Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/PkMAYhOUZg8th2A_dFFEb0WfwwA.roa
File: PkMAYhOUZg8th2A_dFFEb0WfwwA.roa (raw, json)
Hash identifier: c//fMtLBZ1khmxjUw6g+H0+XY61NQ+ZLO4ouywNA50s=
Subject key identifier: 3E:43:00:62:13:94:66:0F:2D:87:60:3F:74:51:44:6F:45:9F:C3:00
Certificate issuer: /CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Certificate serial: 018CC26D43669CFC6311D20107BD6D3AEBAE
Authority key identifier: F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/PkMAYhOUZg8th2A_dFFEb0WfwwA.roa
Signing time: Mon 01 Jan 2024 00:29:49 +0000
ROA not before: Mon 01 Jan 2024 00:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204548
IP address blocks: 113.30.190.0/24 maxlen: 24
113.30.191.0/24 maxlen: 24
212.115.110.0/24 maxlen: 24
45.147.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:43:66:9c:fc:63:11:d2:01:07:bd:6d:3a:eb:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Validity
Not Before: Jan 1 00:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e4300621394660f2d87603f7451446f459fc300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:6a:93:79:ba:2e:1c:69:10:73:33:14:10:1a:
e3:a0:a1:e1:45:99:a8:29:3e:0e:f2:22:96:2b:63:
c8:96:e8:c7:73:13:65:78:62:fa:1c:0c:fe:12:3d:
b4:44:e5:61:9a:78:93:bc:86:56:9b:5e:0c:20:d4:
6e:ea:f1:52:1d:11:e9:76:74:8b:ed:b8:4c:49:37:
f4:71:5a:ff:8e:5d:7b:75:98:65:fc:64:6c:67:0e:
23:34:82:b4:15:29:f8:d3:1f:00:32:30:94:a1:75:
8a:91:da:a1:73:ff:e1:e1:8e:40:a2:33:13:ec:69:
97:88:3f:2d:16:e3:32:03:78:64:63:f8:66:dd:da:
18:ce:7b:72:4a:8a:47:c0:d6:e3:88:be:46:92:34:
5c:4a:0f:c9:46:42:69:a5:d6:99:6c:6a:7d:f4:ea:
eb:df:26:b7:ec:7a:27:13:91:e8:a2:ce:4b:a4:f4:
6f:22:8b:4d:7b:50:b9:33:f3:ea:80:47:2d:6e:5c:
ef:08:50:c7:6e:fd:19:44:10:ce:af:f3:28:d4:2b:
34:17:60:97:95:74:ef:f1:ef:99:50:f0:d6:8c:67:
3e:5d:a9:7d:58:75:24:82:e2:dc:1b:c5:76:5f:8c:
97:c7:76:c6:7d:61:b9:76:37:6c:a5:6d:58:3d:20:
d6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:43:00:62:13:94:66:0F:2D:87:60:3F:74:51:44:6F:45:9F:C3:00
X509v3 Authority Key Identifier:
keyid:F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/PkMAYhOUZg8th2A_dFFEb0WfwwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.248.0/24
113.30.190.0/23
212.115.110.0/24
Signature Algorithm: sha256WithRSAEncryption
41:f3:de:dd:51:7c:a4:26:76:25:cb:3e:9c:e1:ae:04:e5:03:
1e:2f:b4:a1:75:08:cd:24:b9:30:94:44:5a:95:94:fb:25:c2:
e3:bc:08:25:d1:aa:da:c5:71:ef:97:51:6b:f9:29:d2:ce:d0:
13:c6:02:5c:48:b0:b9:46:21:67:54:cc:2e:ad:8c:cc:00:be:
e0:a0:07:d0:85:f5:af:5d:65:10:f7:1f:94:38:9a:16:06:78:
b8:ee:e6:bf:a1:4b:42:44:13:48:75:11:7a:18:4b:85:92:07:
80:b9:08:64:d0:f8:ff:4e:1a:82:11:a5:af:51:4b:66:6e:4e:
36:61:b3:c1:ec:5f:2e:b1:f4:fe:46:4b:b7:6f:d3:5a:ff:9a:
5b:ef:98:20:ac:02:e6:19:c1:dd:d4:85:b8:e5:b4:88:8e:2e:
21:bc:f0:9d:1c:24:1a:29:e5:2f:45:e0:4b:73:18:23:51:af:
33:b3:57:59:94:14:f1:de:2a:43:cd:3e:4c:69:cd:e5:fa:c3:
e6:d2:ba:fa:f7:5e:ff:17:0f:7e:aa:52:f9:dc:89:df:f8:8f:
a9:7d:9a:75:e7:95:37:fa:a4:98:94:95:86:ce:b4:37:76:03:
26:8d:6a:df:12:2a:bf:fe:3e:bf:38:35:ce:a9:94:d2:92:e0:
21:18:66:1d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbUNmnPxjEdIBB71tOuuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYmQwMmVhNDRhOWJlZTM1YjYzZDFhYjNlMjViMTRmMTlh
MzVhNTUwHhcNMjQwMTAxMDAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTQzMDA2MjEzOTQ2NjBmMmQ4NzYwM2Y3NDUxNDQ2ZjQ1OWZjMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWqTebouHGkQczMUEBrjoKHhRZmo
KT4O8iKWK2PIlujHcxNleGL6HAz+Ej20ROVhmniTvIZWm14MINRu6vFSHRHpdnSL
7bhMSTf0cVr/jl17dZhl/GRsZw4jNIK0FSn40x8AMjCUoXWKkdqhc//h4Y5AojMT
7GmXiD8tFuMyA3hkY/hm3doYzntySopHwNbjiL5GkjRcSg/JRkJppdaZbGp99Orr
3ya37HonE5Hoos5LpPRvIotNe1C5M/PqgEctblzvCFDHbv0ZRBDOr/Mo1Cs0F2CX
lXTv8e+ZUPDWjGc+Xal9WHUkguLcG8V2X4yXx3bGfWG5djdspW1YPSDWvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD5DAGITlGYPLYdgP3RRRG9Fn8MAMB8GA1UdIwQY
MBaAFPG9AupEqb7jW2PRqz4lsU8Zo1pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEt
ZmUwYTY1OGQ5ZGVkLzEvUGtNQVloT1VaZzh0aDJBX2RGRkViMFdmd3dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEtZmUwYTY1OGQ5ZGVk
LzEvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZP4AwQB
cR6+AwQA1HNuMA0GCSqGSIb3DQEBCwUAA4IBAQBB897dUXykJnYlyz6c4a4E5QMe
L7ShdQjNJLkwlERalZT7JcLjvAgl0araxXHvl1Fr+SnSztATxgJcSLC5RiFnVMwu
rYzMAL7goAfQhfWvXWUQ9x+UOJoWBni47ua/oUtCRBNIdRF6GEuFkgeAuQhk0Pj/
ThqCEaWvUUtmbk42YbPB7F8usfT+Rku3b9Na/5pb75ggrALmGcHd1IW45bSIji4h
vPCdHCQaKeUvReBLcxgjUa8zs1dZlBTx3ipDzT5Mac3l+sPm0rr6917/Fw9+qlL5
3Inf+I+pfZp155U3+qSYlJWGzrQ3dgMmjWrfEiq//j6/ODXOqZTSkuAhGGYd
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:28:50 2024 by rpki-client on console-fra.rpki-client.org