Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/38op26Ug3xTUscX891usud_9BzU.roa
File: 38op26Ug3xTUscX891usud_9BzU.roa (raw, json)
Hash identifier: ogSXZZRo/rmFLLtLpbDS2WCTQGG5mp5q4uazkbb30pY=
Subject key identifier: DF:CA:29:DB:A5:20:DF:14:D4:B1:C5:FC:F7:5B:AC:B9:DF:FD:07:35
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018DAF57C7F126067DFA40BC00972DD98D47
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/38op26Ug3xTUscX891usud_9BzU.roa
Signing time: Fri 16 Feb 2024 00:36:22 +0000
ROA not before: Fri 16 Feb 2024 00:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 40676
IP address blocks: 103.130.179.0/24 maxlen: 24
193.148.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:af:57:c7:f1:26:06:7d:fa:40:bc:00:97:2d:d9:8d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Feb 16 00:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfca29dba520df14d4b1c5fcf75bacb9dffd0735
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3c:11:c0:87:97:a7:28:06:4c:b9:70:44:62:
80:17:10:ae:2c:54:28:c6:3f:ba:76:60:a8:88:c2:
35:9e:58:be:45:e2:ca:b4:1e:92:6f:fc:8b:84:97:
db:1c:e3:9d:cf:be:d8:36:2f:f5:9b:78:66:dc:f8:
d3:0e:32:3a:c8:3d:58:08:41:08:5f:e6:aa:52:15:
2d:1e:3f:51:e9:3c:11:e0:3e:b0:ea:d8:10:a4:0d:
7e:43:51:e7:37:52:c1:39:c0:d5:54:b3:49:b1:30:
8c:30:6d:67:7d:5e:32:7f:18:6b:35:ba:c9:f5:5f:
fe:0b:34:f6:27:6d:ec:50:c9:1f:5b:77:b5:38:f5:
8b:0d:dd:5d:4a:00:2f:6a:db:2c:20:af:80:59:f8:
5a:bb:d6:e2:50:e4:04:15:30:22:e8:c8:03:6a:06:
a1:2d:cf:52:ef:e3:19:c7:70:b7:b1:bf:4a:80:16:
fb:01:49:28:7e:f9:b1:da:e8:e9:30:c7:97:17:60:
94:d8:ee:40:ce:53:65:3a:a1:53:e5:fa:38:e2:f8:
c4:d7:1d:c1:74:a9:94:54:68:62:0d:8c:09:70:54:
36:d2:4c:11:30:3a:08:7d:85:aa:57:16:57:20:f6:
03:2e:eb:2a:20:ce:17:5a:9c:59:c2:d4:06:2d:81:
ab:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:CA:29:DB:A5:20:DF:14:D4:B1:C5:FC:F7:5B:AC:B9:DF:FD:07:35
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/38op26Ug3xTUscX891usud_9BzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.130.179.0/24
193.148.95.0/24
Signature Algorithm: sha256WithRSAEncryption
66:9c:75:0c:e8:c5:f1:c2:f1:0c:06:72:e1:79:31:42:08:33:
44:7f:93:c8:be:e4:f3:ec:bd:6d:b4:9c:c4:44:6f:da:dc:2a:
77:25:ad:89:07:a5:38:e8:ac:5b:43:7f:73:42:68:cd:fc:f7:
7e:37:f8:30:9e:74:36:bc:e7:e4:c5:15:be:2f:4d:44:5d:72:
60:4f:d9:e6:32:dd:a9:52:24:1f:63:0e:f3:06:ed:0b:d9:3a:
94:7a:36:da:14:76:35:35:63:fb:08:f7:4c:4d:07:87:27:d0:
86:b3:56:f7:11:a4:8c:e1:d6:ea:11:f9:5a:c3:08:f7:3c:16:
94:78:8b:82:06:42:18:45:5f:7e:16:b6:ad:f8:6d:04:e7:42:
7d:8b:af:b6:dd:d0:16:52:06:a0:b0:68:ff:ea:7f:83:06:1a:
cd:b3:e6:d3:36:21:92:fa:90:c5:4a:1a:6f:14:69:84:b6:72:
12:d2:fe:2d:b7:d5:b5:06:10:fa:2b:c6:1a:49:12:6e:d0:57:
fa:35:2e:6a:87:12:4c:29:4c:e5:8d:0f:89:ae:02:25:c1:b8:
3d:0e:c4:fe:0c:cc:04:7c:11:fd:b2:00:5b:9b:2c:8a:36:a7:
13:48:27:f9:73:51:7a:2e:8c:0c:cd:ca:a3:a6:66:e1:9b:73:
68:7e:ba:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2vV8fxJgZ9+kC8AJct2Y1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMjE2MDAzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmNhMjlkYmE1MjBkZjE0ZDRiMWM1ZmNmNzViYWNiOWRmZmQwNzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjwRwIeXpygGTLlwRGKAFxCuLFQo
xj+6dmCoiMI1nli+ReLKtB6Sb/yLhJfbHOOdz77YNi/1m3hm3PjTDjI6yD1YCEEI
X+aqUhUtHj9R6TwR4D6w6tgQpA1+Q1HnN1LBOcDVVLNJsTCMMG1nfV4yfxhrNbrJ
9V/+CzT2J23sUMkfW3e1OPWLDd1dSgAvatssIK+AWfhau9biUOQEFTAi6MgDagah
Lc9S7+MZx3C3sb9KgBb7AUkofvmx2ujpMMeXF2CU2O5AzlNlOqFT5fo44vjE1x3B
dKmUVGhiDYwJcFQ20kwRMDoIfYWqVxZXIPYDLusqIM4XWpxZwtQGLYGrXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN/KKdulIN8U1LHF/PdbrLnf/Qc1MB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvMzhvcDI2VWczeFRVc2NYODkxdXN1ZF85QnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ4KzAwQA
wZRfMA0GCSqGSIb3DQEBCwUAA4IBAQBmnHUM6MXxwvEMBnLheTFCCDNEf5PIvuTz
7L1ttJzERG/a3Cp3Ja2JB6U46KxbQ39zQmjN/Pd+N/gwnnQ2vOfkxRW+L01EXXJg
T9nmMt2pUiQfYw7zBu0L2TqUejbaFHY1NWP7CPdMTQeHJ9CGs1b3EaSM4dbqEfla
wwj3PBaUeIuCBkIYRV9+Frat+G0E50J9i6+23dAWUgagsGj/6n+DBhrNs+bTNiGS
+pDFShpvFGmEtnIS0v4tt9W1BhD6K8YaSRJu0Ff6NS5qhxJMKUzljQ+JrgIlwbg9
DsT+DMwEfBH9sgBbmyyKNqcTSCf5c1F6LowMzcqjpmbhm3NofrrD
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:49:41 2024 by rpki-client on console-fra.rpki-client.org