Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/RMd-ss5096Ka8m9Jt3F1w9EKz5s.roa
File: RMd-ss5096Ka8m9Jt3F1w9EKz5s.roa (raw, json)
Hash identifier: 3FYZTA2VhIZh0MQfEFapiE6rSat8NDgDbKyBm1NN3ck=
Subject key identifier: 44:C7:7E:B2:CE:74:F7:A2:9A:F2:6F:49:B7:71:75:C3:D1:0A:CF:9B
Certificate issuer: /CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Certificate serial: 018CC26D4263CAB5512236C25DF82A036594
Authority key identifier: F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/RMd-ss5096Ka8m9Jt3F1w9EKz5s.roa
Signing time: Mon 01 Jan 2024 00:29:49 +0000
ROA not before: Mon 01 Jan 2024 00:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36007
IP address blocks: 113.30.149.0/24 maxlen: 24
113.30.148.0/24 maxlen: 24
113.30.151.0/24 maxlen: 24
113.30.150.0/24 maxlen: 24
45.147.250.0/24 maxlen: 24
45.147.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:42:63:ca:b5:51:22:36:c2:5d:f8:2a:03:65:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1bd02ea44a9bee35b63d1ab3e25b14f19a35a55
Validity
Not Before: Jan 1 00:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44c77eb2ce74f7a29af26f49b77175c3d10acf9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:45:50:74:35:a5:38:53:ae:d8:58:1b:37:2c:
7d:ce:13:49:33:ef:a9:fe:2f:44:f4:a7:d4:be:29:
0e:27:ee:61:c9:5e:3c:3a:34:09:0d:2f:78:da:f4:
e5:15:9d:6c:08:3e:7d:24:58:8f:ec:9d:19:be:0e:
9d:38:5b:07:52:5a:9a:32:4d:86:1c:6d:78:94:41:
34:ba:d8:eb:ce:06:9d:4c:56:94:c9:65:8b:67:55:
35:69:ee:53:c6:1d:f2:fa:f8:98:84:a4:75:32:c8:
32:13:7d:84:18:b2:58:65:48:47:d9:8f:70:fe:bc:
ea:9f:b8:b8:d2:3a:da:f3:71:61:77:bf:ef:6d:bf:
90:cf:c4:1a:0f:a2:f6:57:fb:9a:01:9c:0e:d7:11:
48:a9:6f:f7:1a:e9:c2:dc:9c:2d:38:7d:61:08:c7:
a7:ba:02:22:b6:8d:44:44:1a:44:29:8f:e2:fc:32:
fd:0b:4f:68:04:8b:b3:91:a4:53:ee:9d:94:45:0f:
fd:63:71:3c:05:40:be:7d:01:05:d8:bf:79:6b:90:
0d:e6:20:9c:82:0d:86:b8:61:b8:c7:3f:32:92:06:
1f:ce:5b:4a:4c:dc:9c:30:b5:bc:82:d7:82:13:60:
0c:98:0f:1a:7a:7a:d0:05:ad:64:11:18:f8:70:93:
0e:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C7:7E:B2:CE:74:F7:A2:9A:F2:6F:49:B7:71:75:C3:D1:0A:CF:9B
X509v3 Authority Key Identifier:
keyid:F1:BD:02:EA:44:A9:BE:E3:5B:63:D1:AB:3E:25:B1:4F:19:A3:5A:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b0C6kSpvuNbY9GrPiWxTxmjWlU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/RMd-ss5096Ka8m9Jt3F1w9EKz5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b69bba-7200-4f52-b631-fe0a658d9ded/1/8b0C6kSpvuNbY9GrPiWxTxmjWlU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.250.0/23
113.30.148.0/22
Signature Algorithm: sha256WithRSAEncryption
35:b2:d8:87:50:65:67:0a:67:e0:50:c1:c1:bb:6e:e8:0e:10:
f8:e0:97:a0:c4:c4:5f:5f:4c:c4:67:31:a8:b3:63:f2:37:05:
16:49:9e:21:71:a1:f7:b1:4c:dd:36:eb:c9:12:4f:06:38:2a:
f5:2d:e6:3f:2c:b4:53:e2:b7:75:3a:fe:65:de:d7:24:67:55:
b4:cc:2b:d7:a5:2a:ea:c3:0b:7f:da:a2:06:59:d9:32:ea:2a:
05:ab:0f:bb:ea:fa:54:42:9a:ff:9a:ad:8f:a5:89:fd:67:7a:
ba:bd:ae:d5:94:31:2c:ab:de:e8:be:2e:d6:15:41:21:67:5b:
21:68:3f:f1:fc:47:fe:d7:00:bf:97:22:21:7d:4f:75:b5:2c:
e6:e4:f4:70:ab:05:61:40:df:22:cc:cf:1e:5a:bb:44:8d:ab:
db:69:89:c4:4a:32:d9:91:66:c1:99:28:b6:e3:98:c4:e7:6d:
d0:e1:a3:ab:59:ff:c8:07:e4:39:3a:cf:fb:d3:e9:bb:98:67:
65:e7:96:7c:22:e6:87:58:eb:55:bd:4f:97:ac:9c:9a:56:87:
48:da:de:e2:4b:4b:ae:b5:97:c6:f9:0b:f0:29:c0:65:d7:c4:
a7:5f:a8:d4:45:73:f7:1a:3e:2d:61:5c:f6:68:f2:34:1f:54:
c3:31:52:38
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzCbUJjyrVRIjbCXfgqA2WUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYmQwMmVhNDRhOWJlZTM1YjYzZDFhYjNlMjViMTRmMTlh
MzVhNTUwHhcNMjQwMTAxMDAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGM3N2ViMmNlNzRmN2EyOWFmMjZmNDliNzcxNzVjM2QxMGFjZjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUVQdDWlOFOu2FgbNyx9zhNJM++p
/i9E9KfUvikOJ+5hyV48OjQJDS942vTlFZ1sCD59JFiP7J0Zvg6dOFsHUlqaMk2G
HG14lEE0utjrzgadTFaUyWWLZ1U1ae5Txh3y+viYhKR1MsgyE32EGLJYZUhH2Y9w
/rzqn7i40jra83Fhd7/vbb+Qz8QaD6L2V/uaAZwO1xFIqW/3GunC3JwtOH1hCMen
ugIito1ERBpEKY/i/DL9C09oBIuzkaRT7p2URQ/9Y3E8BUC+fQEF2L95a5AN5iCc
gg2GuGG4xz8ykgYfzltKTNycMLW8gteCE2AMmA8aenrQBa1kERj4cJMOhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFETHfrLOdPeimvJvSbdxdcPRCs+bMB8GA1UdIwQY
MBaAFPG9AupEqb7jW2PRqz4lsU8Zo1pVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEt
ZmUwYTY1OGQ5ZGVkLzEvUk1kLXNzNTA5NkthOG05SnQzRjF3OUVLejVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9iNjliYmEtNzIwMC00ZjUyLWI2MzEtZmUwYTY1OGQ5ZGVk
LzEvOGIwQzZrU3B2dU5iWTlHclBpV3hUeG1qV2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZP6AwQC
cR6UMA0GCSqGSIb3DQEBCwUAA4IBAQA1stiHUGVnCmfgUMHBu27oDhD44JegxMRf
X0zEZzGos2PyNwUWSZ4hcaH3sUzdNuvJEk8GOCr1LeY/LLRT4rd1Ov5l3tckZ1W0
zCvXpSrqwwt/2qIGWdky6ioFqw+76vpUQpr/mq2PpYn9Z3q6va7VlDEsq97ovi7W
FUEhZ1shaD/x/Ef+1wC/lyIhfU91tSzm5PRwqwVhQN8izM8eWrtEjavbaYnESjLZ
kWbBmSi245jE523Q4aOrWf/IB+Q5Os/70+m7mGdl55Z8IuaHWOtVvU+XrJyaVodI
2t7iS0uutZfG+QvwKcBl18SnX6jURXP3Gj4tYVz2aPI0H1TDMVI4
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:03:14 2024 by rpki-client on console-ams.rpki-client.org