Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/9c9IMdwPViHHlGIXa-EYvM5rE2c.roa
File: 9c9IMdwPViHHlGIXa-EYvM5rE2c.roa (raw, json)
Hash identifier: Y48jer5SEM8eKuN0ygvkfPpOfOkBQ0uV7/NANNuOcto=
Subject key identifier: F5:CF:48:31:DC:0F:56:21:C7:94:62:17:6B:E1:18:BC:CE:6B:13:67
Certificate issuer: /CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Certificate serial: 0194228D9CE6E3A5B56A29AEC182A16595EA
Authority key identifier: F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/9c9IMdwPViHHlGIXa-EYvM5rE2c.roa
Signing time: Wed 01 Jan 2025 15:48:13 +0000
ROA not before: Wed 01 Jan 2025 15:48:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41436
IP address blocks: 113.30.188.0/24 maxlen: 24
113.30.189.0/24 maxlen: 24
185.167.96.0/24 maxlen: 24
185.167.97.0/24 maxlen: 24
185.167.98.0/24 maxlen: 24
185.167.99.0/24 maxlen: 24
185.229.224.0/24 maxlen: 24
185.229.225.0/24 maxlen: 24
185.229.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 07:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:9c:e6:e3:a5:b5:6a:29:ae:c1:82:a1:65:95:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Validity
Not Before: Jan 1 15:48:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5cf4831dc0f5621c79462176be118bcce6b1367
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:25:3c:b3:ff:0e:00:c6:a9:e8:ff:79:de:d6:
db:94:4d:55:e0:8b:cf:b9:60:b1:eb:9d:89:70:02:
d5:92:dd:bf:b6:73:c4:a0:93:6a:1b:fe:81:79:96:
39:64:84:4c:e6:8c:5f:01:c7:bf:75:d4:cd:e4:7b:
2f:ad:9e:86:90:a2:7f:a9:c2:a5:b8:33:f2:7e:1b:
81:48:44:c0:76:02:d0:32:fa:88:02:14:b1:bb:71:
2a:c8:05:be:1a:f7:fa:9e:e2:34:2c:56:7e:84:88:
b4:03:79:83:12:5d:05:fe:cd:7a:06:a3:67:a4:b1:
64:ef:f2:b3:ac:3b:5b:f9:2c:8a:da:16:57:e7:42:
99:07:08:19:3b:cf:53:3f:ae:a0:91:6f:73:ef:a4:
fd:c1:55:d3:8e:40:f0:f6:3a:4c:94:0b:b7:40:a2:
86:da:68:47:01:c6:a7:11:85:1a:2e:62:5d:79:f0:
52:23:45:37:ce:31:a5:81:cd:7b:59:71:39:06:cd:
0a:ce:c0:69:12:ec:c6:88:2c:20:9e:d7:76:53:3c:
7e:3c:5e:eb:b7:0e:39:11:f3:d0:9c:e0:d9:fa:45:
f7:6d:32:a9:f9:16:29:15:97:df:05:e5:99:58:e0:
2d:22:c8:41:54:9e:c7:4b:0a:48:e8:21:bf:8e:e8:
a0:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:CF:48:31:DC:0F:56:21:C7:94:62:17:6B:E1:18:BC:CE:6B:13:67
X509v3 Authority Key Identifier:
keyid:F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/9c9IMdwPViHHlGIXa-EYvM5rE2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
113.30.188.0/23
185.167.96.0/22
185.229.224.0/23
185.229.227.0/24
Signature Algorithm: sha256WithRSAEncryption
da:a0:1f:b3:43:58:c5:01:5e:00:a7:ef:0d:2a:37:46:fc:c7:
49:0b:75:fb:ca:a6:93:4f:5f:68:64:7d:ea:0f:f5:ac:ec:c9:
21:61:9c:65:02:75:bf:a2:ec:10:93:63:34:58:f2:84:93:b0:
d8:8a:46:40:80:a5:c1:f2:79:f4:a6:4f:2b:e4:87:0a:07:14:
a0:d4:71:ce:d5:3a:49:24:f3:5c:2f:06:a7:70:39:fc:59:e2:
20:06:75:bb:c8:8a:5d:f3:b1:72:17:af:13:a3:30:e7:b0:0e:
bf:d4:83:90:b5:be:dd:96:4d:56:8c:77:d6:8f:27:04:0e:9e:
42:61:af:14:a9:1d:be:3c:75:7c:3b:0e:a7:2b:fd:24:c8:8a:
49:8e:0d:06:48:dc:b2:72:2f:59:a1:ca:47:e7:ec:31:a3:26:
a9:e6:a2:98:86:0f:b5:bd:33:d4:59:4c:4a:52:68:45:c5:89:
5c:68:07:00:84:15:e6:38:11:64:ed:a4:18:88:c6:78:e5:11:
0f:61:f7:37:92:35:89:e9:7c:6d:bc:6c:11:2d:50:6e:20:0c:
f8:63:37:5e:4c:95:1a:e5:e9:dd:45:24:74:ab:34:c6:8a:26:
a6:bf:d9:b3:2d:b4:e0:95:0f:27:0e:ad:d8:c7:e8:c6:68:1e:
04:d5:6f:3f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQijZzm46W1aimuwYKhZZXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYmQwMmVhNDRhOWJlZTM1YjYzZDFhYjNlMjViMTRmMTlh
MzVhNTUwHhcNMjUwMTAxMTU0ODEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNWNmNDgzMWRjMGY1NjIxYzc5NDYyMTc2YmUxMThiY2NlNmIxMzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSU8s/8OAMap6P953tbblE1V4IvP
uWCx652JcALVkt2/tnPEoJNqG/6BeZY5ZIRM5oxfAce/ddTN5HsvrZ6GkKJ/qcKl
uDPyfhuBSETAdgLQMvqIAhSxu3EqyAW+Gvf6nuI0LFZ+hIi0A3mDEl0F/s16BqNn
pLFk7/KzrDtb+SyK2hZX50KZBwgZO89TP66gkW9z76T9wVXTjkDw9jpMlAu3QKKG
2mhHAcanEYUaLmJdefBSI0U3zjGlgc17WXE5Bs0KzsBpEuzGiCwgntd2Uzx+PF7r
tw45EfPQnODZ+kX3bTKp+RYpFZffBeWZWOAtIshBVJ7HSwpI6CG/juigKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPXPSDHcD1Yhx5RiF2vhGLzOaxNnMB8GA1UdIwQY
MBaAFPG9AupEqb7jW2PRqz4lsU8Zo1pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEt
ZmUwYTY1OGQ5ZGVkLzEvOWM5SU1kd1BWaUhIbEdJWGEtRVl2TTVyRTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEtZmUwYTY1OGQ5ZGVk
LzEvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBcR68AwQC
uadgAwQBueXgAwQAueXjMA0GCSqGSIb3DQEBCwUAA4IBAQDaoB+zQ1jFAV4Ap+8N
KjdG/MdJC3X7yqaTT19oZH3qD/Ws7MkhYZxlAnW/ouwQk2M0WPKEk7DYikZAgKXB
8nn0pk8r5IcKBxSg1HHO1TpJJPNcLwancDn8WeIgBnW7yIpd87FyF68TozDnsA6/
1IOQtb7dlk1WjHfWjycEDp5CYa8UqR2+PHV8Ow6nK/0kyIpJjg0GSNyyci9ZocpH
5+wxoyap5qKYhg+1vTPUWUxKUmhFxYlcaAcAhBXmOBFk7aQYiMZ45REPYfc3kjWJ
6XxtvGwRLVBuIAz4YzdeTJUa5endRSR0qzTGiiamv9mzLbTglQ8nDq3Yx+jGaB4E
1W8/
-----END CERTIFICATE-----
Generated at Sun Apr 20 18:03:35 2025 by rpki-client