Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/ClTB3bu6h9My_FzrFH8g1fusj0M.roa
File: ClTB3bu6h9My_FzrFH8g1fusj0M.roa (raw, json)
Hash identifier: eA2dJiPmxnn3Cuyg81Fqx+5CcLurcsxwpUeUniOCF3w=
Subject key identifier: 0A:54:C1:DD:BB:BA:87:D3:32:FC:5C:EB:14:7F:20:D5:FB:AC:8F:43
Certificate issuer: /CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Certificate serial: 018CCA29BA0161DCEBC2ED1E417046F4396A
Authority key identifier: F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/ClTB3bu6h9My_FzrFH8g1fusj0M.roa
Signing time: Tue 02 Jan 2024 12:33:01 +0000
ROA not before: Tue 02 Jan 2024 12:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34970
IP address blocks: 212.103.22.0/23 maxlen: 24
212.103.24.0/24 maxlen: 24
212.103.28.0/24 maxlen: 24
212.103.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:ba:01:61:dc:eb:c2:ed:1e:41:70:46:f4:39:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2e2810f49b36fdd641c326bd1de4e42d128b046
Validity
Not Before: Jan 2 12:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a54c1ddbbba87d332fc5ceb147f20d5fbac8f43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:59:3c:cd:cb:02:1c:2a:ac:b0:86:be:ad:95:
be:cd:7c:d6:34:c9:29:7a:91:f2:55:ad:3d:5c:b2:
ac:3f:7e:6b:01:e2:98:08:84:fa:4d:27:9c:45:d6:
03:7c:9f:b3:54:9d:07:83:30:dc:8b:a8:57:66:5d:
6a:b1:95:75:a8:36:0b:aa:44:f1:b7:fd:6f:43:ec:
93:05:b2:38:97:31:c1:8c:73:ba:56:b7:86:37:da:
05:ad:ba:39:99:b4:ac:a4:89:be:d3:f2:06:a0:6f:
66:81:41:90:ad:c3:f5:a6:ee:af:1c:b8:b3:ea:59:
3d:be:4c:78:fd:d8:92:7b:53:c6:ed:94:fc:e9:d1:
ad:c7:3a:b8:73:83:8b:2c:41:96:0c:ea:4e:5f:65:
22:34:79:89:ba:c4:e7:0b:75:35:85:a3:53:54:44:
09:52:86:52:04:5d:dc:e6:b6:0b:0d:19:2d:98:2d:
8d:a5:97:a6:99:b9:af:f3:7b:f8:76:f6:1e:d0:4a:
d8:c2:4a:5f:57:7f:60:47:8a:8e:53:cf:f5:06:ab:
09:b9:a4:28:8c:60:53:49:16:98:b0:4a:3f:c2:fc:
b3:4c:6a:47:a4:00:07:56:57:66:10:3c:c2:87:56:
bc:9b:3f:33:74:a8:35:87:6e:a7:35:f4:6b:a5:e4:
26:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:54:C1:DD:BB:BA:87:D3:32:FC:5C:EB:14:7F:20:D5:FB:AC:8F:43
X509v3 Authority Key Identifier:
keyid:F2:E2:81:0F:49:B3:6F:DD:64:1C:32:6B:D1:DE:4E:42:D1:28:B0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uKBD0mzb91kHDJr0d5OQtEosEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/ClTB3bu6h9My_FzrFH8g1fusj0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/79e905-fb0d-4b8b-9390-50d2b70bcf31/1/8uKBD0mzb91kHDJr0d5OQtEosEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.103.22.0-212.103.25.255
212.103.28.0/24
Signature Algorithm: sha256WithRSAEncryption
13:5c:95:0e:6a:a6:dc:52:43:22:0f:66:3a:5e:2c:82:d8:c4:
b7:57:3d:f8:10:02:3a:99:2d:1a:c0:7b:17:a9:1b:37:0e:5a:
06:74:d9:8c:d7:56:7f:b9:32:4d:5c:2d:23:eb:f6:cd:1d:af:
79:f2:c9:a2:21:ea:a7:e0:5a:cd:95:1a:4d:a9:f8:ad:2a:b4:
50:62:a2:48:3c:95:d0:9a:99:7b:09:17:3f:4d:5d:32:22:1e:
f3:56:df:b6:f4:dd:a9:ce:ab:42:32:fd:d5:8e:09:25:cc:98:
87:8e:c0:ca:5c:54:fa:b2:27:8a:a7:4a:f1:a2:40:56:74:2e:
d2:96:e3:e2:f9:ef:0a:60:9d:9a:5e:08:93:70:c0:82:2e:28:
90:84:cd:91:2b:7f:f5:ed:8e:d4:0c:b5:9d:1b:0b:48:66:8c:
20:07:1c:93:ad:ef:c8:64:f0:26:6e:89:d4:2b:17:f1:83:30:
a2:f2:90:bb:a4:63:89:f0:be:b1:a0:81:ba:6a:b7:16:3e:ee:
0b:38:cb:84:c0:62:98:30:ab:50:3a:9f:db:a6:13:9e:58:94:
71:02:e3:2a:83:45:83:da:82:66:95:e1:87:9d:c1:7e:fe:e5:
1a:8c:c2:46:d7:e6:56:f9:90:4e:cb:98:be:4a:db:f4:ec:5c:
ba:fd:e4:39
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzKKboBYdzrwu0eQXBG9DlqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZTI4MTBmNDliMzZmZGQ2NDFjMzI2YmQxZGU0ZTQyZDEy
OGIwNDYwHhcNMjQwMTAyMTIzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTU0YzFkZGJiYmE4N2QzMzJmYzVjZWIxNDdmMjBkNWZiYWM4ZjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAilk8zcsCHCqssIa+rZW+zXzWNMkp
epHyVa09XLKsP35rAeKYCIT6TSecRdYDfJ+zVJ0HgzDci6hXZl1qsZV1qDYLqkTx
t/1vQ+yTBbI4lzHBjHO6VreGN9oFrbo5mbSspIm+0/IGoG9mgUGQrcP1pu6vHLiz
6lk9vkx4/diSe1PG7ZT86dGtxzq4c4OLLEGWDOpOX2UiNHmJusTnC3U1haNTVEQJ
UoZSBF3c5rYLDRktmC2NpZemmbmv83v4dvYe0ErYwkpfV39gR4qOU8/1BqsJuaQo
jGBTSRaYsEo/wvyzTGpHpAAHVldmEDzCh1a8mz8zdKg1h26nNfRrpeQm9QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFApUwd27uofTMvxc6xR/INX7rI9DMB8GA1UdIwQY
MBaAFPLigQ9Js2/dZBwya9HeTkLRKLBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAt
NTBkMmI3MGJjZjMxLzEvQ2xUQjNidTZoOU15X0Z6ckZIOGcxZnVzajBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi83OWU5MDUtZmIwZC00YjhiLTkzOTAtNTBkMmI3MGJjZjMx
LzEvOHVLQkQwbXpiOTFrSERKcjBkNU9RdEVvc0VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAHUZxYD
BAHUZxgDBADUZxwwDQYJKoZIhvcNAQELBQADggEBABNclQ5qptxSQyIPZjpeLILY
xLdXPfgQAjqZLRrAexepGzcOWgZ02YzXVn+5Mk1cLSPr9s0dr3nyyaIh6qfgWs2V
Gk2p+K0qtFBiokg8ldCamXsJFz9NXTIiHvNW37b03anOq0Iy/dWOCSXMmIeOwMpc
VPqyJ4qnSvGiQFZ0LtKW4+L57wpgnZpeCJNwwIIuKJCEzZErf/XtjtQMtZ0bC0hm
jCAHHJOt78hk8CZuidQrF/GDMKLykLukY4nwvrGggbpqtxY+7gs4y4TAYpgwq1A6
n9umE55YlHEC4yqDRYPagmaV4YedwX7+5RqMwkbX5lb5kE7LmL5K2/TsXLr95Dk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:14 2024 by rpki-client on console-fra.rpki-client.org