Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/DUQSx04274WpRndnyarrff3nGEQ.roa
File: DUQSx04274WpRndnyarrff3nGEQ.roa (raw, json)
Hash identifier: 9s8U7DT0n9exf09vHF90VqhCURYAzKitXIwJmWcORM0=
Subject key identifier: 0D:44:12:C7:4E:36:EF:85:A9:46:77:67:C9:AA:EB:7D:FD:E7:18:44
Certificate issuer: /CN=f19cf09771b8f184caa1a00421b9294491e97e6b
Certificate serial: 018CC5DC3B0B2B5B3C40B7A87A46049D26F1
Authority key identifier: F1:9C:F0:97:71:B8:F1:84:CA:A1:A0:04:21:B9:29:44:91:E9:7E:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Zzwl3G48YTKoaAEIbkpRJHpfms.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/DUQSx04274WpRndnyarrff3nGEQ.roa
Signing time: Mon 01 Jan 2024 16:29:53 +0000
ROA not before: Mon 01 Jan 2024 16:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51695
IP address blocks: 217.78.98.0/24 maxlen: 24
217.78.97.0/24 maxlen: 24
217.78.101.0/24 maxlen: 24
217.78.100.0/24 maxlen: 24
217.78.99.0/24 maxlen: 24
217.78.105.0/24 maxlen: 24
217.78.104.0/24 maxlen: 24
217.78.103.0/24 maxlen: 24
217.78.102.0/24 maxlen: 24
217.78.108.0/24 maxlen: 24
217.78.107.0/24 maxlen: 24
217.78.106.0/24 maxlen: 24
217.78.111.0/24 maxlen: 24
217.78.110.0/24 maxlen: 24
217.78.109.0/24 maxlen: 24
2a02:6700::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/8Zzwl3G48YTKoaAEIbkpRJHpfms.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/8Zzwl3G48YTKoaAEIbkpRJHpfms.mft
rsync://rpki.ripe.net/repository/DEFAULT/8Zzwl3G48YTKoaAEIbkpRJHpfms.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 18 Jun 2024 02:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:3b:0b:2b:5b:3c:40:b7:a8:7a:46:04:9d:26:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f19cf09771b8f184caa1a00421b9294491e97e6b
Validity
Not Before: Jan 1 16:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d4412c74e36ef85a9467767c9aaeb7dfde71844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:84:08:65:46:11:69:5e:00:6d:1a:4a:6c:bb:
e7:fa:9a:e6:36:3f:b4:38:68:4d:5e:fc:9f:19:4a:
19:27:8b:dd:37:d6:4c:f8:73:a8:5f:17:dc:5e:54:
5e:b3:99:6a:42:77:f7:f5:7e:f8:61:3e:da:22:ab:
3b:69:52:cb:29:16:16:4d:71:46:93:8e:d2:3e:b4:
f8:dc:6c:f6:24:18:0c:ad:82:91:72:d3:6a:e9:b2:
39:37:fa:b6:8e:1d:b9:3f:2d:dc:03:9f:75:2c:73:
f4:22:e9:af:b4:6b:16:7b:38:cc:67:30:5e:13:d1:
55:de:0d:e6:7f:ad:71:e3:ac:d1:18:37:8c:40:c5:
a8:7b:af:1b:7e:cf:14:65:8d:57:93:af:4c:6a:4b:
3b:91:88:a2:72:e2:12:80:00:a9:9a:9d:2a:b4:60:
64:2c:36:9a:58:27:3e:a4:ff:ed:33:5d:c5:db:a6:
2f:9d:af:41:8a:9f:3a:c3:25:76:a1:fd:03:4b:02:
55:f5:78:94:29:39:3c:0d:dd:b9:6f:21:7f:69:14:
30:69:09:b7:4a:ec:e3:db:f2:fd:69:2e:36:30:cb:
55:71:fc:cc:b1:9b:c3:59:97:8a:78:04:34:bd:f0:
9e:f7:95:49:7a:d6:b9:c8:82:9a:8f:57:a1:9a:50:
86:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:44:12:C7:4E:36:EF:85:A9:46:77:67:C9:AA:EB:7D:FD:E7:18:44
X509v3 Authority Key Identifier:
keyid:F1:9C:F0:97:71:B8:F1:84:CA:A1:A0:04:21:B9:29:44:91:E9:7E:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Zzwl3G48YTKoaAEIbkpRJHpfms.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/DUQSx04274WpRndnyarrff3nGEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/650c97-4eb6-4c91-b5a3-dc1db67db3cb/1/8Zzwl3G48YTKoaAEIbkpRJHpfms.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.78.97.0-217.78.111.255
IPv6:
2a02:6700::/32
Signature Algorithm: sha256WithRSAEncryption
45:2c:e5:a5:51:60:88:28:e6:76:dc:6f:fc:08:29:b1:c1:10:
ad:4d:5a:55:85:59:86:73:f2:b6:b9:87:8b:ba:ae:68:4e:99:
02:eb:4e:0c:b4:48:57:33:b6:38:73:64:7d:52:45:4c:67:29:
2f:0d:86:e5:5d:af:d5:d1:39:0d:e9:b9:af:cf:99:c6:b9:c6:
d8:57:2c:79:ab:d8:d6:a2:84:8d:33:e9:67:8d:cc:11:3c:84:
38:20:b7:49:24:4e:5c:7f:13:24:0a:22:56:ac:ae:9b:b3:cc:
31:b1:28:56:c5:98:d2:21:e9:cc:58:df:2f:7a:59:3a:18:8a:
4a:71:ea:a8:d0:86:d5:37:a3:ae:79:f2:86:35:36:eb:2f:7f:
50:e9:95:7c:83:66:de:6e:8e:45:40:25:cb:03:24:29:f7:68:
b2:f0:95:c6:b6:3f:6e:16:41:4b:ef:90:60:9b:d2:e2:ba:e8:
1b:65:d2:a3:6e:a6:02:44:00:68:01:b6:d0:a0:07:eb:17:23:
4e:70:60:1c:fb:15:ad:0a:83:a0:72:a3:de:a8:3e:c6:47:ba:
3f:ac:c5:df:18:81:26:ec:c5:67:af:e0:e0:01:4f:e7:ef:a9:
3a:03:83:3c:90:90:c7:8e:67:01:c6:40:82:81:a7:01:32:42:
15:0c:a8:c2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzF3DsLK1s8QLeoekYEnSbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxOWNmMDk3NzFiOGYxODRjYWExYTAwNDIxYjkyOTQ0OTFl
OTdlNmIwHhcNMjQwMTAxMTYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDQ0MTJjNzRlMzZlZjg1YTk0Njc3NjdjOWFhZWI3ZGZkZTcxODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIQIZUYRaV4AbRpKbLvn+prmNj+0
OGhNXvyfGUoZJ4vdN9ZM+HOoXxfcXlRes5lqQnf39X74YT7aIqs7aVLLKRYWTXFG
k47SPrT43Gz2JBgMrYKRctNq6bI5N/q2jh25Py3cA591LHP0IumvtGsWezjMZzBe
E9FV3g3mf61x46zRGDeMQMWoe68bfs8UZY1Xk69Maks7kYiicuISgACpmp0qtGBk
LDaaWCc+pP/tM13F26Yvna9Bip86wyV2of0DSwJV9XiUKTk8Dd25byF/aRQwaQm3
Suzj2/L9aS42MMtVcfzMsZvDWZeKeAQ0vfCe95VJeta5yIKaj1ehmlCGnwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFA1EEsdONu+FqUZ3Z8mq63395xhEMB8GA1UdIwQY
MBaAFPGc8JdxuPGEyqGgBCG5KUSR6X5rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFp6d2wzRzQ4WVRLb2FBRUlia3BSSkhwZm1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NTBjOTctNGViNi00YzkxLWI1YTMt
ZGMxZGI2N2RiM2NiLzEvRFVRU3gwNDI3NFdwUm5kbnlhcnJmZjNuR0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NTBjOTctNGViNi00YzkxLWI1YTMtZGMxZGI2N2RiM2Ni
LzEvOFp6d2wzRzQ4WVRLb2FBRUlia3BSSkhwZm1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBADZTmED
BATZTmAwDQQCAAIwBwMFACoCZwAwDQYJKoZIhvcNAQELBQADggEBAEUs5aVRYIgo
5nbcb/wIKbHBEK1NWlWFWYZz8ra5h4u6rmhOmQLrTgy0SFcztjhzZH1SRUxnKS8N
huVdr9XROQ3pua/Pmca5xthXLHmr2NaihI0z6WeNzBE8hDggt0kkTlx/EyQKIlas
rpuzzDGxKFbFmNIh6cxY3y96WToYikpx6qjQhtU3o6558oY1Nusvf1DplXyDZt5u
jkVAJcsDJCn3aLLwlca2P24WQUvvkGCb0uK66Btl0qNupgJEAGgBttCgB+sXI05w
YBz7Fa0Kg6Byo96oPsZHuj+sxd8YgSbsxWev4OABT+fvqToDgzyQkMeOZwHGQIKB
pwEyQhUMqMI=
-----END CERTIFICATE-----
Generated at Mon Jun 17 08:32:39 2024 by rpki-client on console-fra.rpki-client.org