Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/Dtq_BbYQG_cf9hfyce67pNymZMM.roa
File: Dtq_BbYQG_cf9hfyce67pNymZMM.roa (raw, json)
Hash identifier: 3SpwHQh02R0QwNc7EY1K8IxFKhltq1wk1Vc4un+x3Qs=
Subject key identifier: 0E:DA:BF:05:B6:10:1B:F7:1F:F6:17:F2:71:EE:BB:A4:DC:A6:64:C3
Certificate issuer: /CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Certificate serial: 019252A4DB3B56D75C0117C672FE5E0BA19D
Authority key identifier: 11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/Dtq_BbYQG_cf9hfyce67pNymZMM.roa
Signing time: Thu 03 Oct 2024 13:49:48 +0000
ROA not before: Thu 03 Oct 2024 13:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 193.17.96.0/21 maxlen: 24
193.17.104.0/23 maxlen: 24
193.17.108.0/23 maxlen: 24
193.17.112.0/23 maxlen: 24
193.17.116.0/23 maxlen: 24
193.17.120.0/23 maxlen: 24
193.17.124.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:52:a4:db:3b:56:d7:5c:01:17:c6:72:fe:5e:0b:a1:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1120a0ce013e2d52a6ff354a270894bb998e4547
Validity
Not Before: Oct 3 13:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0edabf05b6101bf71ff617f271eebba4dca664c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e5:34:93:74:6b:f5:d1:b8:d4:41:ca:52:d6:
69:e8:66:21:8a:59:d1:08:3a:7d:eb:34:4d:f5:0b:
24:9b:9b:25:53:1d:c1:b1:a9:40:46:a1:a9:a5:fa:
12:ed:8e:65:df:94:2a:b5:b3:5c:6c:64:6b:01:30:
1f:b9:d8:ce:fc:e4:a9:62:80:cb:b2:3d:3d:a1:9f:
37:2d:0f:67:23:3e:3d:43:03:e7:bb:d8:6f:bb:ee:
62:d4:43:7b:e7:e8:0b:f4:75:23:41:b3:7f:2f:f1:
95:c0:be:51:f4:2f:64:f8:30:4d:79:46:56:9a:9d:
58:79:f4:6e:70:c2:85:41:a3:7c:24:4f:b1:36:a0:
01:c7:2a:2f:2c:fd:fa:a9:48:00:b3:8d:01:46:bc:
b1:84:51:8b:2e:a1:b3:36:4d:09:a3:7a:c9:8e:fc:
8c:39:d3:02:0a:e7:60:9d:ee:fc:d5:be:8c:14:3c:
a9:d7:ce:42:d3:3f:c4:69:0a:a3:ba:39:79:66:28:
9a:98:bf:7e:09:26:9c:35:8e:ba:7b:ca:a7:d2:ed:
95:fe:d3:8e:9e:92:c3:46:71:36:f2:d2:da:6d:61:
e5:d6:70:d1:6f:9b:94:c0:24:92:5c:57:fa:25:f5:
ee:d5:33:6b:80:b7:75:ae:d6:5b:b9:b2:e9:8f:6f:
14:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:DA:BF:05:B6:10:1B:F7:1F:F6:17:F2:71:EE:BB:A4:DC:A6:64:C3
X509v3 Authority Key Identifier:
keyid:11:20:A0:CE:01:3E:2D:52:A6:FF:35:4A:27:08:94:BB:99:8E:45:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ESCgzgE-LVKm_zVKJwiUu5mORUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/Dtq_BbYQG_cf9hfyce67pNymZMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/421498-28d3-4376-b625-31af3e294671/1/ESCgzgE-LVKm_zVKJwiUu5mORUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.96.0-193.17.105.255
193.17.108.0/23
193.17.112.0/23
193.17.116.0/23
193.17.120.0/23
193.17.124.0/23
Signature Algorithm: sha256WithRSAEncryption
34:ad:1d:72:d0:1a:9a:1c:42:1c:25:4c:59:cb:55:79:40:c2:
17:1d:67:44:72:4a:23:c7:c4:8e:c7:82:e8:2c:08:a0:9f:20:
49:34:a7:84:44:b0:ab:81:ca:2a:d7:c0:41:49:ee:0b:5a:03:
c9:bf:97:be:fa:99:28:8c:6b:aa:2e:13:d5:4b:fd:81:98:41:
77:8c:68:a3:9b:18:f5:9a:5f:a5:f3:a7:a9:50:b2:a7:cd:1f:
b1:c8:06:f4:89:f5:df:85:01:2f:34:9d:d7:0f:65:b3:a7:24:
65:8b:0f:f3:9f:43:da:b7:00:c6:c5:03:96:df:b1:a7:2a:44:
f1:e6:38:43:05:e9:84:94:8d:b9:75:de:9a:6d:9d:dc:e2:ee:
f3:22:5c:bc:b8:b9:de:f4:e9:71:b6:72:11:3a:28:95:15:90:
cc:b0:71:7d:6d:75:5d:3b:27:39:fe:de:b0:f1:73:c5:55:b6:
48:cc:7c:57:14:1f:81:5a:9c:57:0b:6f:19:f9:ae:40:ff:e2:
72:da:a3:77:81:22:e3:dc:b4:00:4f:b8:dd:3f:10:ed:82:f9:
f8:b3:5b:a8:bf:75:4e:13:25:8d:e1:e3:70:28:32:85:9a:2e:
66:39:76:74:f8:99:c5:3c:ef:99:77:de:69:ff:fe:ac:b4:34:
a4:d9:13:36
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZJSpNs7VtdcARfGcv5eC6GdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMjBhMGNlMDEzZTJkNTJhNmZmMzU0YTI3MDg5NGJiOTk4
ZTQ1NDcwHhcNMjQxMDAzMTM0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWRhYmYwNWI2MTAxYmY3MWZmNjE3ZjI3MWVlYmJhNGRjYTY2NGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteU0k3Rr9dG41EHKUtZp6GYhilnR
CDp96zRN9Qskm5slUx3BsalARqGppfoS7Y5l35QqtbNcbGRrATAfudjO/OSpYoDL
sj09oZ83LQ9nIz49QwPnu9hvu+5i1EN75+gL9HUjQbN/L/GVwL5R9C9k+DBNeUZW
mp1YefRucMKFQaN8JE+xNqABxyovLP36qUgAs40BRryxhFGLLqGzNk0Jo3rJjvyM
OdMCCudgne781b6MFDyp185C0z/EaQqjujl5ZiiamL9+CSacNY66e8qn0u2V/tOO
npLDRnE28tLabWHl1nDRb5uUwCSSXFf6JfXu1TNrgLd1rtZbubLpj28UMQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFA7avwW2EBv3H/YX8nHuu6TcpmTDMB8GA1UdIwQY
MBaAFBEgoM4BPi1Spv81SicIlLuZjkVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUt
MzFhZjNlMjk0NjcxLzEvRHRxX0JiWVFHX2NmOWhmeWNlNjdwTnltWk1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MjE0OTgtMjhkMy00Mzc2LWI2MjUtMzFhZjNlMjk0Njcx
LzEvRVNDZ3pnRS1MVkttX3pWS0p3aVV1NW1PUlVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAXBEWAD
BAHBEWgDBAHBEWwDBAHBEXADBAHBEXQDBAHBEXgDBAHBEXwwDQYJKoZIhvcNAQEL
BQADggEBADStHXLQGpocQhwlTFnLVXlAwhcdZ0RySiPHxI7HgugsCKCfIEk0p4RE
sKuByirXwEFJ7gtaA8m/l776mSiMa6ouE9VL/YGYQXeMaKObGPWaX6Xzp6lQsqfN
H7HIBvSJ9d+FAS80ndcPZbOnJGWLD/OfQ9q3AMbFA5bfsacqRPHmOEMF6YSUjbl1
3pptndzi7vMiXLy4ud706XG2chE6KJUVkMywcX1tdV07Jzn+3rDxc8VVtkjMfFcU
H4FanFcLbxn5rkD/4nLao3eBIuPctABPuN0/EO2C+fizW6i/dU4TJY3h43AoMoWa
LmY5dnT4mcU875l33mn//qy0NKTZEzY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:41:13 2024 by rpki-client on console-fra.rpki-client.org