Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/dab6ae-dba8-4b28-9c8f-b248cfa96a69/1/yQTN6wKMwPoofcB89TUuC64IbIQ.roa
File: yQTN6wKMwPoofcB89TUuC64IbIQ.roa (raw, json)
Hash identifier: iUnIOPsIJ8934f+BcF8Fy0E8mQ7Mkg8TVZijy0OUN8c=
Subject key identifier: C9:04:CD:EB:02:8C:C0:FA:28:7D:C0:7C:F5:35:2E:0B:AE:08:6C:84
Certificate issuer: /CN=905a109336de89712e249c9846c9dbb1b3c98c7e
Certificate serial: 018CC349540F653362E0B9E773820CE7B28B
Authority key identifier: 90:5A:10:93:36:DE:89:71:2E:24:9C:98:46:C9:DB:B1:B3:C9:8C:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kFoQkzbeiXEuJJyYRsnbsbPJjH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/dab6ae-dba8-4b28-9c8f-b248cfa96a69/1/yQTN6wKMwPoofcB89TUuC64IbIQ.roa
Signing time: Mon 01 Jan 2024 04:30:11 +0000
ROA not before: Mon 01 Jan 2024 04:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216053
IP address blocks: 202.37.103.0/24 maxlen: 24
203.21.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/dab6ae-dba8-4b28-9c8f-b248cfa96a69/1/kFoQkzbeiXEuJJyYRsnbsbPJjH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/dab6ae-dba8-4b28-9c8f-b248cfa96a69/1/kFoQkzbeiXEuJJyYRsnbsbPJjH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/kFoQkzbeiXEuJJyYRsnbsbPJjH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:54:0f:65:33:62:e0:b9:e7:73:82:0c:e7:b2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=905a109336de89712e249c9846c9dbb1b3c98c7e
Validity
Not Before: Jan 1 04:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c904cdeb028cc0fa287dc07cf5352e0bae086c84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:47:97:34:11:17:89:39:cf:ee:7b:27:7b:c7:
11:df:66:23:99:96:80:3a:64:c8:a6:42:45:70:eb:
0b:6c:66:58:dd:29:2f:7e:a2:84:a8:df:1e:86:01:
1b:f7:a1:31:e1:f5:b4:1b:d7:be:a2:4c:32:3e:c9:
0e:ac:3a:c2:7a:30:ad:1f:56:9a:a2:76:47:49:80:
3c:7c:43:3d:4c:df:99:4a:d9:20:60:06:b4:e3:7c:
f4:73:8d:89:08:25:f9:bc:80:ed:83:14:ab:7a:e8:
8c:b9:4d:55:60:e5:d6:8d:97:6f:b6:81:08:3f:af:
28:83:a8:57:b2:e4:c8:8a:1d:69:01:f9:8e:94:ff:
23:a5:48:a0:67:18:2e:5b:1c:85:c1:57:be:1c:20:
26:fc:2b:f3:c3:89:60:95:b7:a7:13:f8:3d:3d:c6:
b0:76:4c:73:e5:9f:c1:66:75:de:14:0d:6c:2f:ec:
bf:f5:62:4b:70:3b:26:70:41:22:55:9a:a5:57:26:
d6:b1:d5:fa:17:52:ab:48:40:dd:54:fd:ac:b2:09:
b8:7c:55:4e:ae:25:3e:e0:4f:6d:ca:f0:80:c6:a1:
78:1b:0e:19:dc:42:c8:43:20:17:dc:a9:12:90:a2:
b1:04:e8:36:64:e2:26:83:44:e8:e0:2c:cb:65:b9:
3f:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:04:CD:EB:02:8C:C0:FA:28:7D:C0:7C:F5:35:2E:0B:AE:08:6C:84
X509v3 Authority Key Identifier:
keyid:90:5A:10:93:36:DE:89:71:2E:24:9C:98:46:C9:DB:B1:B3:C9:8C:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kFoQkzbeiXEuJJyYRsnbsbPJjH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/dab6ae-dba8-4b28-9c8f-b248cfa96a69/1/yQTN6wKMwPoofcB89TUuC64IbIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/dab6ae-dba8-4b28-9c8f-b248cfa96a69/1/kFoQkzbeiXEuJJyYRsnbsbPJjH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
202.37.103.0/24
203.21.4.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:48:bc:54:68:43:95:3d:78:78:be:7d:d3:85:b9:9f:5c:3c:
27:d9:c8:da:aa:f2:4d:b7:5f:b2:05:53:12:e9:e4:c3:7b:0e:
37:8a:58:8c:4b:bd:44:c9:70:25:e0:5b:04:9c:96:63:6b:09:
f9:99:f6:49:f9:4c:0b:4c:c1:c1:f1:e9:56:83:1f:57:6d:8c:
91:4d:86:3f:dc:c4:ef:bd:21:94:68:f2:15:38:f6:44:55:4b:
72:80:89:62:e4:41:2a:dc:72:83:89:41:1e:30:39:68:b4:73:
0a:92:4d:cb:8a:ca:e3:40:8e:f2:f1:01:d8:fe:3f:5f:e3:5c:
f1:66:6c:37:5c:62:61:a5:af:59:4b:e0:1c:fe:93:d6:63:8e:
fe:df:b6:5c:70:25:89:5d:34:64:87:ea:47:3f:f8:36:c6:82:
a6:8a:7a:f2:e0:dd:c6:22:4a:80:72:85:63:aa:bb:df:6c:21:
cf:b0:3a:d8:d6:6b:4c:af:8a:c1:b6:9b:f7:71:98:48:fc:60:
bc:85:4d:bb:7f:3c:86:67:5f:f4:dd:b0:02:b2:5f:c7:5f:48:
5b:ef:e7:71:6c:5a:02:45:4b:0d:b3:5a:97:7e:99:93:96:59:
44:05:b9:bf:b1:63:e2:1d:ef:00:7d:9f:ca:a8:3b:82:45:e7:
c6:7a:d7:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSVQPZTNi4Lnnc4IM57KLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwNWExMDkzMzZkZTg5NzEyZTI0OWM5ODQ2YzlkYmIxYjNj
OThjN2UwHhcNMjQwMTAxMDQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTA0Y2RlYjAyOGNjMGZhMjg3ZGMwN2NmNTM1MmUwYmFlMDg2Yzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0eXNBEXiTnP7nsne8cR32YjmZaA
OmTIpkJFcOsLbGZY3SkvfqKEqN8ehgEb96Ex4fW0G9e+okwyPskOrDrCejCtH1aa
onZHSYA8fEM9TN+ZStkgYAa043z0c42JCCX5vIDtgxSreuiMuU1VYOXWjZdvtoEI
P68og6hXsuTIih1pAfmOlP8jpUigZxguWxyFwVe+HCAm/Cvzw4lglbenE/g9Pcaw
dkxz5Z/BZnXeFA1sL+y/9WJLcDsmcEEiVZqlVybWsdX6F1KrSEDdVP2ssgm4fFVO
riU+4E9tyvCAxqF4Gw4Z3ELIQyAX3KkSkKKxBOg2ZOImg0To4CzLZbk/bwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMkEzesCjMD6KH3AfPU1LguuCGyEMB8GA1UdIwQY
MBaAFJBaEJM23olxLiScmEbJ27GzyYx+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva0ZvUWt6YmVpWEV1Skp5WVJzbmJzYlBKakg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kYWI2YWUtZGJhOC00YjI4LTljOGYt
YjI0OGNmYTk2YTY5LzEveVFUTjZ3S013UG9vZmNCODlUVXVDNjRJYklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kYWI2YWUtZGJhOC00YjI4LTljOGYtYjI0OGNmYTk2YTY5
LzEva0ZvUWt6YmVpWEV1Skp5WVJzbmJzYlBKakg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAyiVnAwQA
yxUEMA0GCSqGSIb3DQEBCwUAA4IBAQBuSLxUaEOVPXh4vn3ThbmfXDwn2cjaqvJN
t1+yBVMS6eTDew43iliMS71EyXAl4FsEnJZjawn5mfZJ+UwLTMHB8elWgx9XbYyR
TYY/3MTvvSGUaPIVOPZEVUtygIli5EEq3HKDiUEeMDlotHMKkk3LisrjQI7y8QHY
/j9f41zxZmw3XGJhpa9ZS+Ac/pPWY47+37ZccCWJXTRkh+pHP/g2xoKminry4N3G
IkqAcoVjqrvfbCHPsDrY1mtMr4rBtpv3cZhI/GC8hU27fzyGZ1/03bACsl/HX0hb
7+dxbFoCRUsNs1qXfpmTlllEBbm/sWPiHe8AfZ/KqDuCRefGetcp
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:47 2024 by rpki-client on console-ams.rpki-client.org