Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/24JLLn88ifQpDFyWWL1HEsLLsJY.roa
File: 24JLLn88ifQpDFyWWL1HEsLLsJY.roa (raw, json)
Hash identifier: Mb7i6pCkYezjiwuQlWTVUhmGZHu7D81JZ3O6eGXwBVc=
Subject key identifier: DB:82:4B:2E:7F:3C:89:F4:29:0C:5C:96:58:BD:47:12:C2:CB:B0:96
Certificate issuer: /CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Certificate serial: 018EFC4FBFFDF54B01A019CC3F41908CE5FF
Authority key identifier: 26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/24JLLn88ifQpDFyWWL1HEsLLsJY.roa
Signing time: Sat 20 Apr 2024 16:21:08 +0000
ROA not before: Sat 20 Apr 2024 16:21:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213222
IP address blocks: 103.231.136.0/24 maxlen: 24
103.231.137.0/24 maxlen: 24
103.231.138.0/24 maxlen: 24
103.231.139.0/24 maxlen: 24
185.137.108.0/24 maxlen: 24
185.137.109.0/24 maxlen: 24
185.137.110.0/24 maxlen: 24
185.137.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fc:4f:bf:fd:f5:4b:01:a0:19:cc:3f:41:90:8c:e5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Validity
Not Before: Apr 20 16:21:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db824b2e7f3c89f4290c5c9658bd4712c2cbb096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ed:c5:36:1b:aa:c1:64:ab:7d:8b:e0:27:af:
c9:12:27:48:3c:80:33:86:a3:0e:d4:2a:02:bb:06:
c0:8a:f1:08:9b:1c:d0:21:a6:22:f2:f7:18:33:d3:
30:04:fc:d9:59:4a:b6:d3:db:83:cf:05:80:c3:89:
5e:25:74:da:5a:96:05:73:0e:25:37:10:33:73:c8:
08:85:b6:b9:1f:c1:3f:b9:7b:5e:0b:14:3a:24:b2:
b8:eb:51:68:6e:dc:4c:af:e6:a0:3c:8f:5c:c7:23:
21:4b:71:b8:36:d8:90:fb:b7:55:99:62:61:84:2d:
d2:f0:f7:11:5d:78:86:cd:b9:69:e7:03:0a:a6:01:
1b:49:d3:43:9b:f3:4f:5e:fb:c1:ad:a8:34:93:66:
34:0e:86:95:2f:c0:f1:35:b9:87:ef:f6:12:1a:d8:
46:af:bf:92:05:ca:3f:90:7f:8b:b8:77:a6:ca:12:
ab:4d:b2:f6:02:2e:8e:be:09:c2:20:02:e7:20:f5:
6f:61:ce:da:39:9e:fe:2a:a9:02:da:91:24:a2:0c:
e7:bc:b5:c1:81:ab:6e:56:15:9f:37:96:41:51:d7:
b3:2d:59:7c:ab:73:d7:87:f1:3e:be:ac:e3:47:2b:
8f:a4:4f:bd:e4:d8:23:e5:98:91:70:60:34:ab:01:
c9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:82:4B:2E:7F:3C:89:F4:29:0C:5C:96:58:BD:47:12:C2:CB:B0:96
X509v3 Authority Key Identifier:
keyid:26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/24JLLn88ifQpDFyWWL1HEsLLsJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.231.136.0/22
185.137.108.0/22
Signature Algorithm: sha256WithRSAEncryption
38:c9:15:20:6f:a7:04:af:99:a2:c9:aa:ba:e4:e0:50:87:0d:
dd:4b:5f:b3:4e:3d:09:d1:ce:50:02:9f:88:46:54:6a:9b:56:
68:d6:10:52:94:3f:7f:c7:fe:d7:b1:6c:ca:8e:3e:b5:2a:2b:
18:2b:ea:34:bb:00:26:1b:3e:6a:36:47:99:2c:ae:8c:a2:89:
17:9e:af:48:d3:d3:04:d9:e3:21:a8:2c:f3:ea:52:bc:90:47:
f9:4d:1c:1a:3a:cc:26:61:d5:95:ee:f2:0f:1e:60:4d:b5:16:
ad:de:52:6c:15:1e:09:37:99:f9:93:74:77:a9:a6:c9:be:70:
05:ad:01:7e:58:87:f0:3e:81:ff:39:23:20:b9:22:ed:5b:5d:
0e:39:1c:ee:e0:61:ef:9d:44:4b:3a:9e:39:9a:37:64:4c:b0:
36:9f:50:c7:9b:15:e0:1b:42:6b:c5:85:95:3e:98:e0:4e:80:
11:78:e1:60:59:5d:cf:9e:1c:50:d1:3d:a1:78:b9:c1:0f:72:
ac:a0:2b:24:bb:66:54:df:31:0f:d3:5b:e8:54:37:67:18:4f:
31:65:88:2a:b3:c4:3a:97:37:e0:9d:58:43:7e:b5:05:d6:eb:
6e:05:88:76:d5:a8:ab:2f:d4:5a:4d:6d:6f:38:6c:f6:ec:03:
c3:3c:27:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY78T7/99UsBoBnMP0GQjOX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmRkYWUwNGRiY2IxZjgyZjU1YjA3ODMwN2JhNGIwODRi
OTk0YmIwHhcNMjQwNDIwMTYyMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjgyNGIyZTdmM2M4OWY0MjkwYzVjOTY1OGJkNDcxMmMyY2JiMDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+3FNhuqwWSrfYvgJ6/JEidIPIAz
hqMO1CoCuwbAivEImxzQIaYi8vcYM9MwBPzZWUq209uDzwWAw4leJXTaWpYFcw4l
NxAzc8gIhba5H8E/uXteCxQ6JLK461FobtxMr+agPI9cxyMhS3G4NtiQ+7dVmWJh
hC3S8PcRXXiGzblp5wMKpgEbSdNDm/NPXvvBrag0k2Y0DoaVL8DxNbmH7/YSGthG
r7+SBco/kH+LuHemyhKrTbL2Ai6OvgnCIALnIPVvYc7aOZ7+KqkC2pEkogznvLXB
gatuVhWfN5ZBUdezLVl8q3PXh/E+vqzjRyuPpE+95Ngj5ZiRcGA0qwHJpwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNuCSy5/PIn0KQxclli9RxLCy7CWMB8GA1UdIwQY
MBaAFCa92uBNvLH4L1WweDB7pLCEuZS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAt
ZjYxNzlhOTEwYjE1LzEvMjRKTExuODhpZlFwREZ5V1dMMUhFc0xMc0pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAtZjYxNzlhOTEwYjE1
LzEvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCZ+eIAwQC
uYlsMA0GCSqGSIb3DQEBCwUAA4IBAQA4yRUgb6cEr5miyaq65OBQhw3dS1+zTj0J
0c5QAp+IRlRqm1Zo1hBSlD9/x/7XsWzKjj61KisYK+o0uwAmGz5qNkeZLK6MookX
nq9I09ME2eMhqCzz6lK8kEf5TRwaOswmYdWV7vIPHmBNtRat3lJsFR4JN5n5k3R3
qabJvnAFrQF+WIfwPoH/OSMguSLtW10OORzu4GHvnURLOp45mjdkTLA2n1DHmxXg
G0JrxYWVPpjgToAReOFgWV3PnhxQ0T2heLnBD3KsoCsku2ZU3zEP01voVDdnGE8x
ZYgqs8Q6lzfgnVhDfrUF1utuBYh21airL9RaTW1vOGz27APDPCdc
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:26:18 2024 by rpki-client on console-ams.rpki-client.org