Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/z9DXA4bR1O_oyqlyRFjjAJwKX7M.roa
File: z9DXA4bR1O_oyqlyRFjjAJwKX7M.roa (raw, json)
Hash identifier: RUsCUGzFsvO7Og70cW7tDiCDdfv1iNFIr2vahA8I5Dc=
Subject key identifier: CF:D0:D7:03:86:D1:D4:EF:E8:CA:A9:72:44:58:E3:00:9C:0A:5F:B3
Certificate issuer: /CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Certificate serial: 018E7C268CD5B2269282482881D3ED44628E
Authority key identifier: 26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/z9DXA4bR1O_oyqlyRFjjAJwKX7M.roa
Signing time: Tue 26 Mar 2024 19:04:44 +0000
ROA not before: Tue 26 Mar 2024 19:04:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49596
IP address blocks: 103.231.138.0/24 maxlen: 24
103.231.139.0/24 maxlen: 24
185.137.108.0/22 maxlen: 22
185.137.108.0/24 maxlen: 24
185.137.109.0/24 maxlen: 24
185.137.110.0/24 maxlen: 24
185.137.111.0/24 maxlen: 24
2a07:380::/29 maxlen: 29
2a07:387::/32 maxlen: 32
2a0a:40c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 04:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7c:26:8c:d5:b2:26:92:82:48:28:81:d3:ed:44:62:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26bddae04dbcb1f82f55b078307ba4b084b994bb
Validity
Not Before: Mar 26 19:04:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfd0d70386d1d4efe8caa9724458e3009c0a5fb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:44:12:74:a6:06:9c:45:c2:24:48:89:47:29:
1f:0d:af:20:2a:28:e1:5b:5c:50:ae:ee:e6:27:d4:
da:11:7a:20:9a:4b:02:f7:f8:fe:0c:4c:b7:e9:8d:
4b:9b:71:a5:55:68:ba:0f:54:85:67:a6:20:c8:8c:
93:c8:a1:b7:71:77:a7:a3:77:cf:ec:f2:49:83:7d:
0b:fc:60:d2:ab:66:f9:2f:52:43:fb:02:71:de:33:
c9:7b:63:ba:b7:47:1f:29:5a:26:81:9e:fa:40:30:
30:6b:ec:e2:fc:d5:78:6e:57:c3:9d:81:bb:75:52:
b9:1b:35:55:57:57:94:7e:76:4c:ed:b9:f6:67:ea:
e3:80:6f:49:44:b7:c8:d3:c2:78:ce:60:2c:1a:64:
38:ee:78:e6:a2:ed:ec:69:e2:66:1c:bc:8e:b5:5f:
fb:e3:20:32:4c:e2:2f:ae:43:e7:92:dc:0e:17:53:
c6:10:7a:b2:2a:f2:2c:35:80:98:5e:57:70:ce:32:
1b:77:a0:53:60:69:0c:02:e1:81:05:1d:02:aa:40:
65:d9:35:32:fa:11:28:2a:4a:58:f0:92:46:68:08:
d9:2a:b9:72:5a:ca:f7:79:7a:12:17:04:50:48:87:
e5:d1:6b:33:c2:42:9b:a7:18:6d:d0:16:77:a0:54:
4d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D0:D7:03:86:D1:D4:EF:E8:CA:A9:72:44:58:E3:00:9C:0A:5F:B3
X509v3 Authority Key Identifier:
keyid:26:BD:DA:E0:4D:BC:B1:F8:2F:55:B0:78:30:7B:A4:B0:84:B9:94:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jr3a4E28sfgvVbB4MHuksIS5lLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/z9DXA4bR1O_oyqlyRFjjAJwKX7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/feb3ba-ee90-4f03-9e00-f6179a910b15/1/Jr3a4E28sfgvVbB4MHuksIS5lLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.231.138.0/23
185.137.108.0/22
IPv6:
2a07:380::/29
2a0a:40c0::/29
Signature Algorithm: sha256WithRSAEncryption
81:5a:25:56:31:df:3f:4a:fb:fe:2b:94:b0:8e:93:d8:c5:09:
e3:0a:e1:f2:5f:60:f2:f0:ee:05:96:d6:93:77:36:e4:33:48:
80:29:a1:27:2e:d2:ea:c6:5e:75:74:68:84:c9:70:48:8a:96:
45:cf:a1:74:63:2b:a0:d1:2b:09:26:cf:b2:91:c1:3b:c1:cb:
3c:94:38:0a:f3:e1:6f:7b:20:f5:d9:07:ec:b5:63:5e:39:92:
df:92:ac:ed:9d:11:b5:1f:db:80:5b:3d:d3:ce:0a:89:08:51:
0a:c9:92:50:b6:c8:fd:91:70:d4:c6:a1:fb:ff:6b:3e:2e:c6:
f1:2b:db:03:f1:3e:00:7b:88:8e:94:fd:94:73:ee:da:2e:55:
fc:dc:6d:3a:85:bb:a4:0a:46:df:f8:25:3a:1e:bb:24:02:ce:
91:c6:80:4c:bf:18:0c:12:cb:35:0f:92:1b:18:be:41:3b:7b:
fd:df:8f:e8:f4:7f:95:31:11:74:4a:0b:ca:e9:b5:bb:27:4e:
63:14:a1:8c:99:37:8b:5b:06:75:19:bb:fc:50:a7:c0:00:f2:
55:a2:7b:5f:23:40:f2:32:37:10:3c:57:ba:13:7e:bc:5d:6a:
f8:4b:2d:3f:cb:5c:51:7d:54:35:59:d7:5a:90:95:fa:ac:f6:
3a:30:98:8d
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY58JozVsiaSgkgogdPtRGKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YmRkYWUwNGRiY2IxZjgyZjU1YjA3ODMwN2JhNGIwODRi
OTk0YmIwHhcNMjQwMzI2MTkwNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmQwZDcwMzg2ZDFkNGVmZThjYWE5NzI0NDU4ZTMwMDljMGE1ZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApEQSdKYGnEXCJEiJRykfDa8gKijh
W1xQru7mJ9TaEXogmksC9/j+DEy36Y1Lm3GlVWi6D1SFZ6YgyIyTyKG3cXeno3fP
7PJJg30L/GDSq2b5L1JD+wJx3jPJe2O6t0cfKVomgZ76QDAwa+zi/NV4blfDnYG7
dVK5GzVVV1eUfnZM7bn2Z+rjgG9JRLfI08J4zmAsGmQ47njmou3saeJmHLyOtV/7
4yAyTOIvrkPnktwOF1PGEHqyKvIsNYCYXldwzjIbd6BTYGkMAuGBBR0CqkBl2TUy
+hEoKkpY8JJGaAjZKrlyWsr3eXoSFwRQSIfl0WszwkKbpxht0BZ3oFRN8wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFM/Q1wOG0dTv6MqpckRY4wCcCl+zMB8GA1UdIwQY
MBaAFCa92uBNvLH4L1WweDB7pLCEuZS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAt
ZjYxNzlhOTEwYjE1LzEvejlEWEE0YlIxT19veXFseVJGampBSndLWDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNi9mZWIzYmEtZWU5MC00ZjAzLTllMDAtZjYxNzlhOTEwYjE1
LzEvSnIzYTRFMjhzZmd2VmJCNE1IdWtzSVM1bExzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBZ+eKAwQC
uYlsMBQEAgACMA4DBQMqBwOAAwUDKgpAwDANBgkqhkiG9w0BAQsFAAOCAQEAgVol
VjHfP0r7/iuUsI6T2MUJ4wrh8l9g8vDuBZbWk3c25DNIgCmhJy7S6sZedXRohMlw
SIqWRc+hdGMroNErCSbPspHBO8HLPJQ4CvPhb3sg9dkH7LVjXjmS35Ks7Z0RtR/b
gFs9084KiQhRCsmSULbI/ZFw1Mah+/9rPi7G8SvbA/E+AHuIjpT9lHPu2i5V/Nxt
OoW7pApG3/glOh67JALOkcaATL8YDBLLNQ+SGxi+QTt7/d+P6PR/lTERdEoLyum1
uydOYxShjJk3i1sGdRm7/FCnwADyVaJ7XyNA8jI3EDxXuhN+vF1q+EstP8tcUX1U
NVnXWpCV+qz2OjCYjQ==
-----END CERTIFICATE-----
Generated at Sat Jun 15 11:17:26 2024 by rpki-client on console-fra.rpki-client.org