Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/nugkUkCxhGevF67sQAeR2mG4ef4.roa
File: nugkUkCxhGevF67sQAeR2mG4ef4.roa (raw, json)
Hash identifier: slCiTmijkK8eqPcSGcrXn1nb8JHjVkUR2k4jAKIncb8=
Subject key identifier: 9E:E8:24:52:40:B1:84:67:AF:17:AE:EC:40:07:91:DA:61:B8:79:FE
Certificate issuer: /CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Certificate serial: 018F80D6B545F96D3BFF72314CCDC5C62F62
Authority key identifier: B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/nugkUkCxhGevF67sQAeR2mG4ef4.roa
Signing time: Thu 16 May 2024 09:58:25 +0000
ROA not before: Thu 16 May 2024 09:58:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 103.95.124.0/22 maxlen: 22
103.115.182.0/23 maxlen: 23
103.132.4.0/22 maxlen: 22
103.204.220.0/23 maxlen: 23
192.140.228.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:d6:b5:45:f9:6d:3b:ff:72:31:4c:cd:c5:c6:2f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Validity
Not Before: May 16 09:58:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9ee8245240b18467af17aeec400791da61b879fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cf:90:a6:0b:04:1a:42:cb:b9:44:86:7b:58:
90:ca:5a:ae:f2:bc:3a:0a:43:57:f6:2c:3a:50:55:
8a:54:d8:0b:24:b6:59:c4:05:b7:a9:5b:a4:f1:7d:
dc:77:ae:75:9e:18:cc:c4:dd:35:7f:a4:b6:54:aa:
ca:fc:60:43:ec:01:c2:6f:4d:00:7f:1c:30:6f:90:
b3:f7:85:ef:ef:8a:c4:d6:d2:80:ab:d7:87:ad:81:
eb:70:89:ce:af:b6:5f:b9:3b:3b:ee:4d:04:53:35:
43:92:a5:2c:a9:ce:49:bf:bb:b0:9f:f4:0d:17:b0:
26:7c:ce:fb:d8:43:ec:dc:7e:b7:56:45:24:e9:ac:
d0:f9:a3:28:09:26:22:73:62:45:80:5c:f3:c8:7d:
8d:70:fb:ae:b5:65:18:3c:1f:80:48:2e:f3:75:30:
a3:66:1c:4b:a2:27:39:da:f3:1d:b6:ba:1e:36:cb:
e3:4a:0f:bf:b7:dd:17:36:eb:18:83:33:bc:5d:d3:
28:87:6f:f3:60:22:2c:b8:dc:4c:25:b7:f8:fd:79:
77:59:14:36:66:65:12:ac:e7:9e:24:29:7a:29:53:
a3:50:5f:88:a9:df:92:49:5d:21:90:cf:3d:99:5a:
f3:b4:03:84:ed:03:d0:5f:ed:0d:eb:78:98:bd:b9:
6c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E8:24:52:40:B1:84:67:AF:17:AE:EC:40:07:91:DA:61:B8:79:FE
X509v3 Authority Key Identifier:
keyid:B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/nugkUkCxhGevF67sQAeR2mG4ef4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.95.124.0/22
103.115.182.0/23
103.132.4.0/22
103.204.220.0/23
192.140.228.0/22
Signature Algorithm: sha256WithRSAEncryption
78:cd:90:3c:6c:cd:fc:0a:dc:68:ca:e7:41:d1:b3:24:ff:53:
f6:48:af:5c:dd:58:9a:f8:21:e1:84:a1:b0:ea:aa:f9:5f:04:
f9:2c:d9:80:e9:ce:15:28:65:d2:7f:09:a8:c5:40:da:b8:0f:
f4:f5:a7:77:65:98:ab:6d:3b:1f:ae:15:8c:d9:c6:7b:95:d6:
96:5f:15:4e:64:8e:79:c9:ac:ed:b0:ec:4d:b5:f9:d2:2d:9c:
0e:64:38:82:4f:9b:a4:08:30:e0:41:90:94:18:b5:7c:3c:f2:
87:88:57:e0:57:9b:0d:30:56:5d:63:e3:bb:e0:18:62:56:40:
af:b5:e2:b7:d5:f8:3c:90:b7:c9:91:1b:32:8b:04:ca:fb:a2:
21:4b:a6:7f:97:69:9c:fd:19:80:e7:b4:09:40:08:ed:e2:6a:
1d:a6:4d:84:dd:2c:30:f8:17:5f:cd:49:69:f0:3d:27:ac:6d:
ab:ac:44:4c:e0:92:f9:f6:d3:b4:0a:4e:9c:10:8f:25:09:9c:
b8:fd:97:5a:db:7f:5b:92:98:9d:6f:54:3b:f4:de:25:bf:60:
bf:a6:39:e7:74:ae:8a:85:bc:5c:0b:08:83:4f:12:08:fd:04:
32:b3:4b:29:6e:74:51:84:22:15:46:87:a1:2e:13:91:f6:f7:
d8:8a:f4:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+A1rVF+W07/3IxTM3Fxi9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODY3OGJkNjU0Y2E2YjEwYTVjNzczYmMyNjk3NTRkYzIz
NGNmZDUwHhcNMjQwNTE2MDk1ODI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWU4MjQ1MjQwYjE4NDY3YWYxN2FlZWM0MDA3OTFkYTYxYjg3OWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8+QpgsEGkLLuUSGe1iQylqu8rw6
CkNX9iw6UFWKVNgLJLZZxAW3qVuk8X3cd651nhjMxN01f6S2VKrK/GBD7AHCb00A
fxwwb5Cz94Xv74rE1tKAq9eHrYHrcInOr7ZfuTs77k0EUzVDkqUsqc5Jv7uwn/QN
F7AmfM772EPs3H63VkUk6azQ+aMoCSYic2JFgFzzyH2NcPuutWUYPB+ASC7zdTCj
ZhxLoic52vMdtroeNsvjSg+/t90XNusYgzO8XdMoh2/zYCIsuNxMJbf4/Xl3WRQ2
ZmUSrOeeJCl6KVOjUF+Iqd+SSV0hkM89mVrztAOE7QPQX+0N63iYvblsSQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ7oJFJAsYRnrxeu7EAHkdphuHn+MB8GA1UdIwQY
MBaAFLeGeL1lTKaxClx3O8JpdU3CNM/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgt
ZTMyOTI0YWM3YjYzLzEvbnVna1VrQ3hoR2V2RjY3c1FBZVIybUc0ZWY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgtZTMyOTI0YWM3YjYz
LzEvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCZ198AwQB
Z3O2AwQCZ4QEAwQBZ8zcAwQCwIzkMA0GCSqGSIb3DQEBCwUAA4IBAQB4zZA8bM38
CtxoyudB0bMk/1P2SK9c3Via+CHhhKGw6qr5XwT5LNmA6c4VKGXSfwmoxUDauA/0
9ad3ZZirbTsfrhWM2cZ7ldaWXxVOZI55yaztsOxNtfnSLZwOZDiCT5ukCDDgQZCU
GLV8PPKHiFfgV5sNMFZdY+O74BhiVkCvteK31fg8kLfJkRsyiwTK+6IhS6Z/l2mc
/RmA57QJQAjt4modpk2E3Sww+BdfzUlp8D0nrG2rrERM4JL59tO0Ck6cEI8lCZy4
/Zda239bkpidb1Q79N4lv2C/pjnndK6KhbxcCwiDTxII/QQys0spbnRRhCIVRoeh
LhOR9vfYivRa
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:57:10 2024 by rpki-client on console-ams.rpki-client.org