Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ODBhxY63jXTqeI3s_qJcxSyc6jQ.roa
File: ODBhxY63jXTqeI3s_qJcxSyc6jQ.roa (raw, json)
Hash identifier: fhBI5SmDxXcGqbnUUcuvis0BGQrU/PSvmV0Ewz2OyW0=
Subject key identifier: 38:30:61:C5:8E:B7:8D:74:EA:78:8D:EC:FE:A2:5C:C5:2C:9C:EA:34
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019130B0E447B11D9CDB465D0008D55EFF02
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ODBhxY63jXTqeI3s_qJcxSyc6jQ.roa
Signing time: Thu 08 Aug 2024 06:33:04 +0000
ROA not before: Thu 08 Aug 2024 06:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 103.125.77.0/24 maxlen: 24
103.125.78.0/24 maxlen: 24
103.125.79.0/24 maxlen: 24
167.160.16.0/24 maxlen: 24
167.160.17.0/24 maxlen: 24
167.160.29.0/24 maxlen: 24
198.55.28.0/24 maxlen: 24
198.55.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 21:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:30:b0:e4:47:b1:1d:9c:db:46:5d:00:08:d5:5e:ff:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Aug 8 06:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=383061c58eb78d74ea788decfea25cc52c9cea34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a5:ae:42:3f:f4:c5:62:81:08:97:92:5b:7a:
99:d6:98:cb:6f:68:4e:f3:59:24:bf:6b:53:54:f1:
76:90:94:cb:11:95:6b:fd:4b:45:68:88:27:4f:06:
95:2e:5f:c5:f9:d8:f4:fd:23:de:fe:69:32:a1:42:
e8:4a:b8:2a:e2:0c:b7:bc:d3:13:d2:a8:c9:67:3a:
9c:90:8a:a1:24:47:d0:1b:23:5a:db:47:48:da:be:
e1:96:18:e7:2e:7a:d0:fe:6d:b7:af:42:a5:08:ea:
10:ba:9b:1a:71:48:fe:77:ea:8f:ea:95:49:92:b1:
04:b7:d6:1b:a4:e8:6a:a2:9c:1f:8b:21:9d:33:0e:
e0:fd:f3:35:f9:ab:59:20:8f:1a:d2:99:8d:dc:94:
7f:a5:12:50:d6:7f:d2:34:8f:64:05:c7:0e:bb:42:
27:78:98:be:21:99:85:6e:7d:ab:6e:3e:00:e7:8a:
fa:34:d7:c1:3e:ad:33:73:c3:c7:bc:55:e4:45:f3:
90:fb:39:0d:23:2b:0f:26:8c:48:c0:ca:6d:90:bc:
fc:ae:e4:22:83:bb:9d:5e:e9:0e:bb:98:fa:2f:f5:
c3:01:d7:f3:f6:25:c8:e2:61:53:3c:25:43:01:d1:
45:38:89:e6:5d:4d:6e:19:00:9d:4f:ff:2c:b2:67:
e2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:30:61:C5:8E:B7:8D:74:EA:78:8D:EC:FE:A2:5C:C5:2C:9C:EA:34
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/ODBhxY63jXTqeI3s_qJcxSyc6jQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.125.77.0-103.125.79.255
167.160.16.0/23
167.160.29.0/24
198.55.28.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:9e:ec:65:b9:aa:eb:2b:c4:91:ba:d6:b6:31:d4:bc:dc:df:
1e:fd:d6:79:e8:c8:c9:b4:1f:96:e6:61:2b:a8:a6:dd:74:2f:
9d:05:c3:59:fb:a4:11:51:67:1f:cd:d7:45:74:6f:5c:ba:e6:
62:e7:2f:7c:db:0a:32:a2:32:a0:61:f8:09:4c:94:bd:bf:25:
0e:cc:7e:5f:10:d2:ab:4b:93:a3:8e:b8:71:6c:b7:e7:f1:26:
d5:36:c4:66:fd:bf:17:6c:06:80:68:f4:89:ac:37:ec:e6:af:
f0:1c:94:2c:c4:0d:82:0a:74:32:63:8c:bd:25:2e:32:d3:f3:
f5:ee:7f:60:e6:6c:ce:3b:17:37:35:9b:bc:7a:02:b5:84:63:
96:b1:e3:72:c1:8b:e9:3c:35:2b:59:31:83:6a:8a:6f:a4:3f:
e9:10:4f:cd:be:fd:3a:db:ff:50:10:cc:ca:03:d6:2c:73:ba:
c3:e7:bc:4b:42:b6:ed:be:ae:6d:ea:3c:0b:c3:c8:d9:68:65:
0c:7a:2c:3e:e6:c2:4c:3e:84:ee:6e:e1:30:f8:30:88:e2:cc:
5b:63:d9:bb:cb:c5:a2:1a:56:d5:f7:7c:6b:25:80:48:bf:7a:
03:bc:80:b6:3f:01:91:b6:de:9b:51:d1:68:b5:78:e1:ae:29:
58:84:ce:5c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZEwsORHsR2c20ZdAAjVXv8CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjQwODA4MDYzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODMwNjFjNThlYjc4ZDc0ZWE3ODhkZWNmZWEyNWNjNTJjOWNlYTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6WuQj/0xWKBCJeSW3qZ1pjLb2hO
81kkv2tTVPF2kJTLEZVr/UtFaIgnTwaVLl/F+dj0/SPe/mkyoULoSrgq4gy3vNMT
0qjJZzqckIqhJEfQGyNa20dI2r7hlhjnLnrQ/m23r0KlCOoQupsacUj+d+qP6pVJ
krEEt9YbpOhqopwfiyGdMw7g/fM1+atZII8a0pmN3JR/pRJQ1n/SNI9kBccOu0In
eJi+IZmFbn2rbj4A54r6NNfBPq0zc8PHvFXkRfOQ+zkNIysPJoxIwMptkLz8ruQi
g7udXukOu5j6L/XDAdfz9iXI4mFTPCVDAdFFOInmXU1uGQCdT/8ssmfi2QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDgwYcWOt4106niN7P6iXMUsnOo0MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvT0RCaHhZNjNqWFRxZUkzc19xSmN4U3ljNmpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBABnfU0D
BARnfUADBAGnoBADBACnoB0DBAHGNxwwDQYJKoZIhvcNAQELBQADggEBAJ6e7GW5
qusrxJG61rYx1Lzc3x791nnoyMm0H5bmYSuopt10L50Fw1n7pBFRZx/N10V0b1y6
5mLnL3zbCjKiMqBh+AlMlL2/JQ7Mfl8Q0qtLk6OOuHFst+fxJtU2xGb9vxdsBoBo
9ImsN+zmr/AclCzEDYIKdDJjjL0lLjLT8/Xuf2DmbM47Fzc1m7x6ArWEY5ax43LB
i+k8NStZMYNqim+kP+kQT82+/Trb/1AQzMoD1ixzusPnvEtCtu2+rm3qPAvDyNlo
ZQx6LD7mwkw+hO5u4TD4MIjizFtj2bvLxaIaVtX3fGslgEi/egO8gLY/AZG23ptR
0Wi1eOGuKViEzlw=
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:42:58 2024 by rpki-client on console-fra.rpki-client.org