Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/DuKPBdqM3cl4qcXLKNVwx9-UKjE.roa
File: DuKPBdqM3cl4qcXLKNVwx9-UKjE.roa (raw, json)
Hash identifier: 5Z5HMPjYR6D2KZeF3msbLmxYy6YxqohNZc+9NRsHshs=
Subject key identifier: 0E:E2:8F:05:DA:8C:DD:C9:78:A9:C5:CB:28:D5:70:C7:DF:94:2A:31
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0192FCD0979DE4494073488CD81A439CF541
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/DuKPBdqM3cl4qcXLKNVwx9-UKjE.roa
Signing time: Tue 05 Nov 2024 14:53:01 +0000
ROA not before: Tue 05 Nov 2024 14:53:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 217.177.8.0/22 maxlen: 24
217.177.40.0/22 maxlen: 24
217.177.44.0/22 maxlen: 24
217.177.48.0/22 maxlen: 24
217.177.52.0/22 maxlen: 24
217.177.80.0/22 maxlen: 24
217.177.84.0/22 maxlen: 24
217.180.22.0/23 maxlen: 24
217.180.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:d0:97:9d:e4:49:40:73:48:8c:d8:1a:43:9c:f5:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Nov 5 14:53:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ee28f05da8cddc978a9c5cb28d570c7df942a31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:43:e4:81:5b:ff:1f:05:ae:19:f7:04:c7:68:
fb:4d:1b:e4:56:21:ea:87:48:05:f9:6e:1e:25:50:
96:e0:96:f7:bb:b4:2b:2a:d6:e3:5a:47:9f:d0:6b:
23:58:2f:f8:5e:28:fe:dd:df:3b:f2:89:bc:f4:d6:
6c:9e:06:3e:15:ee:56:72:40:fa:b1:8c:a0:32:51:
0a:6e:7c:8f:a8:fc:58:08:8c:be:d1:ba:ae:99:66:
07:e8:e3:b0:94:9c:96:cc:87:5b:d8:5c:ef:0d:ed:
a9:64:08:df:95:a7:3f:bc:7c:25:48:fe:e5:c0:e6:
cb:8c:b6:44:87:cb:c9:23:85:67:14:12:eb:42:75:
46:ac:de:a5:63:e4:45:9d:40:97:61:5b:84:f6:c7:
a7:46:c2:7c:1e:81:ac:fa:ba:91:6a:17:b8:85:ae:
cc:11:5a:c1:f4:32:86:f7:2f:d5:5f:0b:83:5c:d8:
57:65:24:25:b3:d2:70:c8:a7:ab:9f:e7:30:b5:b2:
c4:3d:27:eb:18:bc:0b:00:74:2a:70:20:49:41:86:
2f:9e:6c:4e:70:61:24:9f:5f:b9:1d:cf:ac:c7:dd:
5e:c0:0b:bf:2e:4c:a0:e6:64:04:dd:12:6e:16:ac:
de:4c:b8:e4:c8:22:47:98:fa:df:09:54:33:c7:ee:
34:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E2:8F:05:DA:8C:DD:C9:78:A9:C5:CB:28:D5:70:C7:DF:94:2A:31
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/DuKPBdqM3cl4qcXLKNVwx9-UKjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.177.8.0/22
217.177.40.0-217.177.55.255
217.177.80.0/21
217.180.22.0/23
217.180.40.0/22
Signature Algorithm: sha256WithRSAEncryption
33:83:cd:cf:8a:d7:5a:c2:68:2a:46:b0:23:84:7e:61:4d:58:
25:74:07:43:66:44:18:f3:c0:7a:55:12:ac:43:2b:3b:a3:8e:
5d:de:e9:da:28:88:83:9d:0f:ea:ff:87:8d:3d:b8:f8:07:d7:
a7:96:e5:26:4a:f7:cb:c7:5b:0f:e3:25:e3:d7:30:38:a7:a9:
7e:68:e7:17:85:9d:7a:7a:31:b9:ff:c3:f4:00:bb:76:fa:90:
b5:9f:7a:fe:0e:4c:58:a1:de:4d:3d:ef:02:57:98:1f:7f:7f:
cf:e5:dd:2a:b4:56:8a:87:24:cb:58:61:7b:98:63:64:ab:81:
89:94:22:a6:4d:c0:8d:8b:d5:b5:8e:4b:d7:0b:bc:92:04:54:
bf:8d:89:ac:66:52:a6:28:43:64:6c:b8:76:cf:a4:34:0a:ea:
65:4e:61:a4:9b:91:5f:3f:be:45:92:03:34:17:b3:7e:4a:75:
da:b3:0d:f5:28:78:17:4d:e4:7d:90:e0:7f:ae:7c:1f:86:3c:
f1:f5:da:57:1b:1d:14:fc:54:cb:2f:db:99:32:15:90:97:69:
3e:be:d9:f4:a9:bb:1c:96:73:2e:23:30:10:b3:19:ea:0a:14:
b7:fc:2b:1d:a7:2d:86:b0:a6:32:11:95:82:f6:2c:ce:05:fc:
4c:ed:af:d9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZL80Jed5ElAc0iM2BpDnPVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMTA1MTQ1MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWUyOGYwNWRhOGNkZGM5NzhhOWM1Y2IyOGQ1NzBjN2RmOTQyYTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUPkgVv/HwWuGfcEx2j7TRvkViHq
h0gF+W4eJVCW4Jb3u7QrKtbjWkef0GsjWC/4Xij+3d878om89NZsngY+Fe5WckD6
sYygMlEKbnyPqPxYCIy+0bqumWYH6OOwlJyWzIdb2FzvDe2pZAjflac/vHwlSP7l
wObLjLZEh8vJI4VnFBLrQnVGrN6lY+RFnUCXYVuE9senRsJ8HoGs+rqRahe4ha7M
EVrB9DKG9y/VXwuDXNhXZSQls9JwyKern+cwtbLEPSfrGLwLAHQqcCBJQYYvnmxO
cGEkn1+5Hc+sx91ewAu/Lkyg5mQE3RJuFqzeTLjkyCJHmPrfCVQzx+40AwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFA7ijwXajN3JeKnFyyjVcMfflCoxMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvRHVLUEJkcU0zY2w0cWNYTEtOVnd4OS1VS2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQC2bEIMAwD
BAPZsSgDBAPZsTADBAPZsVADBAHZtBYDBALZtCgwDQYJKoZIhvcNAQELBQADggEB
ADODzc+K11rCaCpGsCOEfmFNWCV0B0NmRBjzwHpVEqxDKzujjl3e6dooiIOdD+r/
h409uPgH16eW5SZK98vHWw/jJePXMDinqX5o5xeFnXp6Mbn/w/QAu3b6kLWfev4O
TFih3k097wJXmB9/f8/l3Sq0VoqHJMtYYXuYY2SrgYmUIqZNwI2L1bWOS9cLvJIE
VL+NiaxmUqYoQ2RsuHbPpDQK6mVOYaSbkV8/vkWSAzQXs35KddqzDfUoeBdN5H2Q
4H+ufB+GPPH12lcbHRT8VMsv25kyFZCXaT6+2fSpuxyWcy4jMBCzGeoKFLf8Kx2n
LYawpjIRlYL2LM4F/Eztr9k=
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:54:45 2024 by rpki-client on console-ams.rpki-client.org