Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/DuzRugEDu3E00qO1Eu_kNtxi2sc.roa
File: DuzRugEDu3E00qO1Eu_kNtxi2sc.roa (raw, json)
Hash identifier: uBAiNyJXAYX3E4e0e51jDT7WX2rc5PVnjZu8i4ddhmY=
Subject key identifier: 0E:EC:D1:BA:01:03:BB:71:34:D2:A3:B5:12:EF:E4:36:DC:62:DA:C7
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018EBEAED61D58D49FC9AEDE622A6FCFD973
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/DuzRugEDu3E00qO1Eu_kNtxi2sc.roa
Signing time: Mon 08 Apr 2024 17:08:32 +0000
ROA not before: Mon 08 Apr 2024 17:08:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34304
IP address blocks: 86.107.57.0/24 maxlen: 24
86.107.60.0/23 maxlen: 23
86.107.63.0/24 maxlen: 24
89.35.224.0/24 maxlen: 24
89.35.229.0/24 maxlen: 24
89.35.232.0/24 maxlen: 24
89.35.235.0/24 maxlen: 24
89.35.236.0/24 maxlen: 24
89.35.238.0/24 maxlen: 24
89.47.0.0/24 maxlen: 24
89.47.12.0/24 maxlen: 24
89.47.14.0/24 maxlen: 24
188.211.164.0/23 maxlen: 23
193.138.192.0/23 maxlen: 23
193.138.194.0/24 maxlen: 24
2a05:8880::/30 maxlen: 30
2a05:8884::/30 maxlen: 30
2a0f:55c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:ae:d6:1d:58:d4:9f:c9:ae:de:62:2a:6f:cf:d9:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Apr 8 17:08:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0eecd1ba0103bb7134d2a3b512efe436dc62dac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4a:82:1c:fd:24:31:d9:84:a2:33:14:dd:e9:
8c:61:b5:3a:34:ab:f1:fb:dc:81:25:97:f9:55:5c:
45:fd:a6:7c:98:ff:08:25:ff:44:7a:98:9c:5e:45:
48:26:35:e6:38:ad:04:4c:a8:51:45:cf:58:14:4f:
0f:a4:31:21:a3:c8:14:21:66:38:f6:6a:fb:f5:fe:
87:89:71:03:20:53:cc:85:3f:08:02:b0:59:25:8b:
ee:64:4e:94:8a:86:3d:ac:e9:07:95:a1:f5:63:ed:
3c:a3:04:d8:9c:67:ed:f8:a5:c2:65:28:82:05:f4:
5a:49:75:4e:66:bc:c3:23:ad:f4:db:ef:d5:44:fb:
d9:26:f6:03:f2:b1:5a:e7:0c:47:7c:e9:39:c5:11:
16:a3:ad:bb:a1:8c:6e:e8:67:94:8c:16:9c:28:b8:
f9:2e:38:fa:e1:3b:4d:89:1f:34:fd:ba:76:bb:cb:
4a:27:05:74:67:5a:10:9f:7a:0e:cf:21:63:aa:69:
be:5c:0d:00:44:33:25:b8:94:22:bd:db:c4:f8:87:
62:e0:5f:61:cf:3a:68:4a:bc:56:61:f7:68:84:99:
36:d9:4c:9a:b8:47:ce:db:00:d9:b0:5d:e1:45:9f:
f6:a4:1b:7f:68:de:a4:a9:13:6c:de:fa:49:b5:d4:
a7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:EC:D1:BA:01:03:BB:71:34:D2:A3:B5:12:EF:E4:36:DC:62:DA:C7
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/DuzRugEDu3E00qO1Eu_kNtxi2sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.57.0/24
86.107.60.0/23
86.107.63.0/24
89.35.224.0/24
89.35.229.0/24
89.35.232.0/24
89.35.235.0-89.35.236.255
89.35.238.0/24
89.47.0.0/24
89.47.12.0/24
89.47.14.0/24
188.211.164.0/23
193.138.192.0-193.138.194.255
IPv6:
2a05:8880::/29
2a0f:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
0f:91:dc:eb:08:7d:4a:46:7e:b9:d8:e9:5f:55:1f:d0:61:fb:
01:ca:df:c8:12:88:ab:1d:9b:57:6d:4e:1a:31:70:17:a1:3b:
73:2a:8c:af:0a:c4:ca:9f:57:09:33:24:0e:11:34:03:15:3d:
f6:57:f8:98:97:74:a1:c1:31:91:df:2a:f8:31:8d:3b:09:b6:
ce:cd:e7:89:bf:8c:e2:ed:93:4b:03:02:b9:84:82:20:81:ae:
ec:35:8c:3e:0d:49:ba:08:2b:1d:54:74:fc:7b:61:e7:1e:25:
56:ae:92:1a:b3:6c:6e:41:97:df:41:20:00:77:56:9b:c3:7b:
17:3c:ae:36:60:5a:7b:3b:5d:64:86:ec:ab:e3:b2:11:96:a0:
e6:de:53:49:d8:73:ee:5c:ab:7b:b0:0e:b5:ee:57:c0:e7:f5:
1b:e8:d7:74:11:5d:24:eb:7b:3b:21:10:1e:9c:2b:56:ef:5c:
87:e6:5a:bd:7a:8d:d9:27:30:c4:2b:cc:88:65:be:c1:ea:1e:
f0:c0:04:35:a4:bb:c9:f2:04:bf:db:34:13:d0:e9:e8:c2:60:
c1:f2:cc:b0:e2:50:92:4c:3b:d1:d4:e8:40:5b:04:ec:d5:5d:
1a:ea:24:a0:63:9b:70:5a:69:2a:fb:d0:f5:73:e8:86:19:7d:
48:e7:dc:2a
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAY6+rtYdWNSfya7eYipvz9lzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwNDA4MTcwODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWVjZDFiYTAxMDNiYjcxMzRkMmEzYjUxMmVmZTQzNmRjNjJkYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0qCHP0kMdmEojMU3emMYbU6NKvx
+9yBJZf5VVxF/aZ8mP8IJf9EepicXkVIJjXmOK0ETKhRRc9YFE8PpDEho8gUIWY4
9mr79f6HiXEDIFPMhT8IArBZJYvuZE6UioY9rOkHlaH1Y+08owTYnGft+KXCZSiC
BfRaSXVOZrzDI6302+/VRPvZJvYD8rFa5wxHfOk5xREWo627oYxu6GeUjBacKLj5
Ljj64TtNiR80/bp2u8tKJwV0Z1oQn3oOzyFjqmm+XA0ARDMluJQivdvE+Idi4F9h
zzpoSrxWYfdohJk22UyauEfO2wDZsF3hRZ/2pBt/aN6kqRNs3vpJtdSnMwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFA7s0boBA7txNNKjtRLv5DbcYtrHMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvRHV6UnVnRUR1M0UwMHFPMUV1X2tOdHhpMnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwZAQCAAEwXgMEAFZrOQME
AVZrPAMEAFZrPwMEAFkj4AMEAFkj5QMEAFkj6DAMAwQAWSPrAwQAWSPsAwQAWSPu
AwQAWS8AAwQAWS8MAwQAWS8OAwQBvNOkMAwDBAbBisADBADBisIwFAQCAAIwDgMF
AyoFiIADBQMqD1XAMA0GCSqGSIb3DQEBCwUAA4IBAQAPkdzrCH1KRn652OlfVR/Q
YfsByt/IEoirHZtXbU4aMXAXoTtzKoyvCsTKn1cJMyQOETQDFT32V/iYl3ShwTGR
3yr4MY07CbbOzeeJv4zi7ZNLAwK5hIIgga7sNYw+DUm6CCsdVHT8e2HnHiVWrpIa
s2xuQZffQSAAd1abw3sXPK42YFp7O11khuyr47IRlqDm3lNJ2HPuXKt7sA617lfA
5/Ub6Nd0EV0k63s7IRAenCtW71yH5lq9eo3ZJzDEK8yIZb7B6h7wwAQ1pLvJ8gS/
2zQT0OnowmDB8syw4lCSTDvR1OhAWwTs1V0a6iSgY5twWmkq+9D1c+iGGX1I59wq
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:30:19 2024 by rpki-client on console-fra.rpki-client.org