Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/On6P0oyCVsJaxIEE3GftNC4qztw.roa
File: On6P0oyCVsJaxIEE3GftNC4qztw.roa (raw, json)
Hash identifier: MHdX24gf5gM9PdREHRYQX0s+qP7Sh6jKR9PNtNbtiPk=
Subject key identifier: 3A:7E:8F:D2:8C:82:56:C2:5A:C4:81:04:DC:67:ED:34:2E:2A:CE:DC
Certificate issuer: /CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Certificate serial: 019427B61C3C4D1BA29ACCD0449D18A3291E
Authority key identifier: 26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/On6P0oyCVsJaxIEE3GftNC4qztw.roa
Signing time: Thu 02 Jan 2025 15:50:33 +0000
ROA not before: Thu 02 Jan 2025 15:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213222
IP address blocks: 103.231.136.0/24 maxlen: 24
103.231.137.0/24 maxlen: 24
103.231.138.0/24 maxlen: 24
185.137.108.0/24 maxlen: 24
185.137.109.0/24 maxlen: 24
185.137.110.0/24 maxlen: 24
185.137.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 21:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:1c:3c:4d:1b:a2:9a:cc:d0:44:9d:18:a3:29:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Validity
Not Before: Jan 2 15:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a7e8fd28c8256c25ac48104dc67ed342e2acedc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:2e:20:47:41:87:8c:c2:ed:6e:ff:93:85:7c:
dc:c2:e6:ed:b2:c2:31:a2:57:4a:57:6c:cd:9b:51:
a5:79:69:83:fc:a0:b0:c0:1a:23:47:e4:10:51:7c:
46:98:ad:67:3f:d9:e3:62:fc:40:c2:a1:72:b7:25:
f5:83:63:f1:16:4e:e0:fe:d6:05:92:a3:f9:89:da:
9f:1a:04:95:65:d8:71:44:8c:c8:0f:16:e8:68:df:
40:29:87:3c:fd:21:0c:53:30:ff:cb:6f:ed:8a:5c:
4a:ee:ab:0b:1f:28:5e:3f:2f:c4:3b:aa:dd:54:95:
06:ac:b4:ad:a9:d9:91:d1:32:2a:52:4b:c4:b9:6a:
d0:00:8a:5b:5a:1e:d6:99:80:41:4e:81:a5:19:91:
f4:26:35:a6:b2:e2:92:3d:a2:d2:ff:0c:bf:fd:d7:
cd:60:47:fb:b0:33:71:a9:32:ff:d2:7b:92:d9:26:
7d:22:71:6e:b9:59:1c:87:12:71:de:41:dc:3e:63:
a0:ba:90:60:95:d3:96:46:36:47:dc:8a:b6:d0:a8:
7d:17:7f:99:ec:6f:51:1b:87:4a:d5:ec:cc:99:b8:
48:9a:53:8d:53:a6:77:d3:65:4c:05:d3:71:9c:74:
c7:6e:ed:ab:35:97:15:f8:e4:2c:12:34:a7:ef:b8:
3f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:7E:8F:D2:8C:82:56:C2:5A:C4:81:04:DC:67:ED:34:2E:2A:CE:DC
X509v3 Authority Key Identifier:
keyid:26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/On6P0oyCVsJaxIEE3GftNC4qztw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.231.136.0-103.231.138.255
185.137.108.0/22
Signature Algorithm: sha256WithRSAEncryption
93:bb:38:f1:0a:40:10:f5:21:82:fe:98:3c:3c:41:3f:f1:b4:
c1:b9:10:5b:87:f5:3e:7e:ff:20:67:66:fe:3d:25:ab:52:d6:
f5:f7:ae:1b:52:29:55:db:8c:b9:47:ff:1c:bd:8e:58:2a:3e:
72:df:88:bd:ee:27:9f:0f:54:d4:bd:39:d1:72:af:f1:8c:a8:
08:08:62:04:e5:24:51:6e:80:27:fe:6b:9a:d9:07:45:3a:ed:
6a:8b:24:9a:99:8d:8a:7d:b5:42:77:26:05:06:e1:cd:88:a9:
fc:42:24:29:24:06:28:a2:4d:42:e8:f3:57:11:16:c8:96:e8:
f0:49:69:ab:7d:59:3f:ea:44:f0:b6:37:c0:bc:3e:db:56:f2:
b9:77:23:3b:5e:f0:b6:51:e0:32:e0:ec:18:34:d5:32:fa:39:
92:1f:fa:1a:7f:31:3d:78:7d:7b:b9:62:73:c4:a9:a9:53:86:
e1:4a:40:a8:ef:c0:37:3e:2a:0c:0c:4a:05:4e:d8:7f:ba:a4:
63:a5:36:ae:d0:c0:ee:e2:9d:09:a3:57:f7:62:d9:e7:02:df:
1b:c6:91:df:b9:68:96:e3:84:49:de:c7:f0:6d:9e:5e:4c:81:
02:eb:3a:c6:17:54:a6:b7:63:60:16:13:74:41:08:ae:a6:89:
34:42:2f:18
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQnthw8TRuimszQRJ0YoykeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmRkYWUwNGRiY2IxZjgyZjU1YjA3ODMwN2JhNGIwODRi
OTk0YmIwHhcNMjUwMTAyMTU1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTdlOGZkMjhjODI1NmMyNWFjNDgxMDRkYzY3ZWQzNDJlMmFjZWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+y4gR0GHjMLtbv+ThXzcwubtssIx
oldKV2zNm1GleWmD/KCwwBojR+QQUXxGmK1nP9njYvxAwqFytyX1g2PxFk7g/tYF
kqP5idqfGgSVZdhxRIzIDxboaN9AKYc8/SEMUzD/y2/tilxK7qsLHyhePy/EO6rd
VJUGrLStqdmR0TIqUkvEuWrQAIpbWh7WmYBBToGlGZH0JjWmsuKSPaLS/wy//dfN
YEf7sDNxqTL/0nuS2SZ9InFuuVkchxJx3kHcPmOgupBgldOWRjZH3Iq20Kh9F3+Z
7G9RG4dK1ezMmbhImlONU6Z302VMBdNxnHTHbu2rNZcV+OQsEjSn77g/YQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDp+j9KMglbCWsSBBNxn7TQuKs7cMB8GA1UdIwQY
MBaAFCa92uBNvLH4L1WweDB7pLCEuZS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAt
ZjYxNzlhOTEwYjE1LzEvT242UDBveUNWc0pheElFRTNHZnROQzRxenR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAtZjYxNzlhOTEwYjE1
LzEvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANn54gD
BABn54oDBAK5iWwwDQYJKoZIhvcNAQELBQADggEBAJO7OPEKQBD1IYL+mDw8QT/x
tMG5EFuH9T5+/yBnZv49JatS1vX3rhtSKVXbjLlH/xy9jlgqPnLfiL3uJ58PVNS9
OdFyr/GMqAgIYgTlJFFugCf+a5rZB0U67WqLJJqZjYp9tUJ3JgUG4c2IqfxCJCkk
BiiiTULo81cRFsiW6PBJaat9WT/qRPC2N8C8PttW8rl3Izte8LZR4DLg7Bg01TL6
OZIf+hp/MT14fXu5YnPEqalThuFKQKjvwDc+KgwMSgVO2H+6pGOlNq7QwO7inQmj
V/di2ecC3xvGkd+5aJbjhEnex/Btnl5MgQLrOsYXVKa3Y2AWE3RBCK6miTRCLxg=
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:35:27 2025 by rpki-client