Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/fxI8sLxLvwAdVW6AGfWF_E20yyc.roa
File: fxI8sLxLvwAdVW6AGfWF_E20yyc.roa (raw, json)
Hash identifier: mfyUsAsVFadhrb6pHlF5Pg8OOBC6lLaHHtGqtjl/ml4=
Subject key identifier: 7F:12:3C:B0:BC:4B:BF:00:1D:55:6E:80:19:F5:85:FC:4D:B4:CB:27
Certificate issuer: /CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Certificate serial: 0192DD8DF7231F9BDCE5E850D6CB14F9F7D3
Authority key identifier: 26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/fxI8sLxLvwAdVW6AGfWF_E20yyc.roa
Signing time: Wed 30 Oct 2024 13:12:01 +0000
ROA not before: Wed 30 Oct 2024 13:12:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213222
IP address blocks: 103.231.136.0/24 maxlen: 24
103.231.137.0/24 maxlen: 24
103.231.138.0/24 maxlen: 24
185.137.108.0/24 maxlen: 24
185.137.109.0/24 maxlen: 24
185.137.110.0/24 maxlen: 24
185.137.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dd:8d:f7:23:1f:9b:dc:e5:e8:50:d6:cb:14:f9:f7:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Validity
Not Before: Oct 30 13:12:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f123cb0bc4bbf001d556e8019f585fc4db4cb27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:4b:79:df:a0:c5:e0:5c:78:16:28:bc:e6:9d:
29:1a:f4:55:87:8e:52:fd:f8:36:0d:4a:04:d2:8b:
20:7a:17:82:19:a8:69:b9:4c:1c:7e:12:3f:03:9e:
39:46:6a:42:a1:bc:8e:45:0d:7b:14:ab:1e:dd:f7:
c3:87:b4:35:d7:b3:a1:89:c1:f9:bc:43:93:e9:5b:
37:0d:9a:df:91:7b:b0:11:cb:69:b5:d8:37:fe:f3:
8d:af:c6:80:9c:e6:df:8c:bb:62:67:e2:b7:f4:66:
f1:e4:5a:d9:fd:9d:10:4c:0f:ea:10:81:2f:ee:04:
cd:9d:1d:31:31:65:b7:7e:c1:35:f2:83:2e:4a:21:
a2:92:11:bd:8f:df:75:43:75:e9:1c:e5:20:d9:7f:
c2:44:6f:7c:6d:4a:30:5a:cd:25:c3:b7:49:08:4d:
21:70:75:8d:91:b6:b3:b7:c6:a1:c1:27:b4:29:8f:
92:10:69:cf:7e:37:de:a1:fd:3b:63:81:de:99:06:
ec:87:60:60:14:57:5b:c2:c6:f3:79:f4:b9:d4:d6:
25:3b:69:42:df:b9:bf:28:53:d0:8c:81:23:98:78:
c5:1d:e6:71:fc:6a:d5:37:d4:ba:fc:cc:d1:a9:7c:
af:35:08:b7:02:c1:37:a8:0f:4b:22:18:bf:7b:a4:
5a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:12:3C:B0:BC:4B:BF:00:1D:55:6E:80:19:F5:85:FC:4D:B4:CB:27
X509v3 Authority Key Identifier:
keyid:26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/fxI8sLxLvwAdVW6AGfWF_E20yyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.231.136.0-103.231.138.255
185.137.108.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:51:b2:ed:fb:12:1d:6e:e2:e5:d4:ef:9b:ae:a2:2d:09:18:
c9:28:73:fd:b8:de:54:0c:7f:23:e9:f8:8b:7c:fd:2b:00:46:
13:4b:1e:56:11:40:1b:7f:b3:ef:b1:a5:a2:5d:58:7a:ec:5e:
cb:46:2a:2e:b2:74:de:7c:98:e8:0c:2b:e5:a9:16:6d:b4:59:
4a:68:7f:2d:31:44:8e:cf:0e:f8:43:5d:4a:68:4b:4f:cc:ce:
8d:30:98:49:ee:c0:74:89:04:b8:7d:0a:6d:ad:4a:73:5e:85:
f4:ba:d6:9c:1f:35:9e:86:14:b2:53:ad:e1:e4:50:02:e7:21:
07:4d:ed:d1:76:ab:2e:f8:c9:8b:5f:e3:15:09:a0:ab:76:62:
2b:1e:ac:80:72:2f:c8:30:62:f5:a7:d3:a0:b9:96:64:fd:4b:
c5:a2:0d:9f:2a:52:85:95:8c:76:b2:55:41:28:e6:f4:8b:64:
d1:dd:c9:7d:7e:e7:99:96:66:12:5e:cc:be:6c:50:69:b2:17:
72:7c:37:d9:ff:d6:96:e3:a6:54:d1:98:0f:62:0a:2d:87:47:
fd:3b:b2:24:46:d9:9f:da:f8:98:0d:2d:2f:c0:73:9b:45:00:
23:f6:87:33:12:67:4b:ca:10:71:1b:cd:78:a3:af:cd:26:37:
4e:ca:b7:1e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZLdjfcjH5vc5ehQ1ssU+ffTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmRkYWUwNGRiY2IxZjgyZjU1YjA3ODMwN2JhNGIwODRi
OTk0YmIwHhcNMjQxMDMwMTMxMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjEyM2NiMGJjNGJiZjAwMWQ1NTZlODAxOWY1ODVmYzRkYjRjYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Ut536DF4Fx4Fii85p0pGvRVh45S
/fg2DUoE0osgeheCGahpuUwcfhI/A545RmpCobyORQ17FKse3ffDh7Q117OhicH5
vEOT6Vs3DZrfkXuwEctptdg3/vONr8aAnObfjLtiZ+K39Gbx5FrZ/Z0QTA/qEIEv
7gTNnR0xMWW3fsE18oMuSiGikhG9j991Q3XpHOUg2X/CRG98bUowWs0lw7dJCE0h
cHWNkbazt8ahwSe0KY+SEGnPfjfeof07Y4HemQbsh2BgFFdbwsbzefS51NYlO2lC
37m/KFPQjIEjmHjFHeZx/GrVN9S6/MzRqXyvNQi3AsE3qA9LIhi/e6Ra+QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFH8SPLC8S78AHVVugBn1hfxNtMsnMB8GA1UdIwQY
MBaAFCa92uBNvLH4L1WweDB7pLCEuZS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAt
ZjYxNzlhOTEwYjE1LzEvZnhJOHNMeEx2d0FkVlc2QUdmV0ZfRTIweXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAtZjYxNzlhOTEwYjE1
LzEvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBANn54gD
BABn54oDBAK5iWwwDQYJKoZIhvcNAQELBQADggEBAGpRsu37Eh1u4uXU75uuoi0J
GMkoc/243lQMfyPp+It8/SsARhNLHlYRQBt/s++xpaJdWHrsXstGKi6ydN58mOgM
K+WpFm20WUpofy0xRI7PDvhDXUpoS0/Mzo0wmEnuwHSJBLh9Cm2tSnNehfS61pwf
NZ6GFLJTreHkUALnIQdN7dF2qy74yYtf4xUJoKt2YiserIByL8gwYvWn06C5lmT9
S8WiDZ8qUoWVjHayVUEo5vSLZNHdyX1+55mWZhJezL5sUGmyF3J8N9n/1pbjplTR
mA9iCi2HR/07siRG2Z/a+JgNLS/Ac5tFACP2hzMSZ0vKEHEbzXijr80mN07Ktx4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:28 2024 by rpki-client on console-ams.rpki-client.org