Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/DugZSIywv-aykGs08d6SFaW2LYk.roa
File: DugZSIywv-aykGs08d6SFaW2LYk.roa (raw, json)
Hash identifier: RY89hPM7XNzDa91cfspENoZbc/SIN4rE3y+rF3uqINQ=
Subject key identifier: 0E:E8:19:48:8C:B0:BF:E6:B2:90:6B:34:F1:DE:92:15:A5:B6:2D:89
Certificate issuer: /CN=09e5518e68467b4290c3509268b6d6d664962c86
Certificate serial: 0192B973095E5694DA6890F2DDA6A5E54892
Authority key identifier: 09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/DugZSIywv-aykGs08d6SFaW2LYk.roa
Signing time: Wed 23 Oct 2024 12:56:16 +0000
ROA not before: Wed 23 Oct 2024 12:56:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31515
IP address blocks: 161.30.0.0/16 maxlen: 16
161.30.5.0/24 maxlen: 24
161.30.7.0/24 maxlen: 24
161.30.8.0/24 maxlen: 24
161.30.9.0/24 maxlen: 24
161.30.10.0/24 maxlen: 24
161.30.12.0/22 maxlen: 22
161.30.16.0/22 maxlen: 22
161.30.20.0/24 maxlen: 24
161.30.22.0/23 maxlen: 23
161.30.28.0/24 maxlen: 24
161.30.29.0/24 maxlen: 24
161.30.33.0/24 maxlen: 24
161.30.40.0/23 maxlen: 23
161.30.42.0/23 maxlen: 24
161.30.44.0/23 maxlen: 24
161.30.112.0/23 maxlen: 23
161.30.114.0/23 maxlen: 23
161.30.115.0/24 maxlen: 24
161.30.116.0/23 maxlen: 23
161.30.118.0/24 maxlen: 24
161.30.119.0/24 maxlen: 24
161.30.120.0/24 maxlen: 24
161.30.121.0/24 maxlen: 24
161.30.124.0/23 maxlen: 23
161.30.126.0/23 maxlen: 23
161.30.128.0/23 maxlen: 23
161.30.129.0/24 maxlen: 24
161.30.130.0/24 maxlen: 24
161.30.155.0/24 maxlen: 24
161.30.164.0/24 maxlen: 24
161.30.165.0/24 maxlen: 24
161.30.169.0/24 maxlen: 24
161.30.171.0/24 maxlen: 24
161.30.176.0/20 maxlen: 20
161.30.193.0/24 maxlen: 24
161.30.194.0/23 maxlen: 23
161.30.201.0/24 maxlen: 24
161.30.202.0/24 maxlen: 24
161.30.203.0/24 maxlen: 24
161.30.220.0/24 maxlen: 24
161.30.221.0/24 maxlen: 24
161.30.236.0/22 maxlen: 24
161.30.236.0/24 maxlen: 24
161.30.237.0/24 maxlen: 24
161.30.238.0/24 maxlen: 24
161.30.239.0/24 maxlen: 24
161.30.240.0/24 maxlen: 24
161.30.246.0/24 maxlen: 24
161.30.250.0/24 maxlen: 24
161.30.251.0/24 maxlen: 24
2a11:ae00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/CeVRjmhGe0KQw1CSaLbW1mSWLIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/CeVRjmhGe0KQw1CSaLbW1mSWLIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:73:09:5e:56:94:da:68:90:f2:dd:a6:a5:e5:48:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e5518e68467b4290c3509268b6d6d664962c86
Validity
Not Before: Oct 23 12:56:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ee819488cb0bfe6b2906b34f1de9215a5b62d89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:99:17:57:e7:da:ca:96:15:6d:5c:7c:03:df:
87:35:14:de:44:27:02:17:d2:c4:a9:dd:0e:5d:4c:
68:82:b1:7f:d5:9c:4f:cf:13:b2:a8:fd:56:3b:ec:
fb:04:9f:dc:b9:d9:44:b1:56:d8:97:f7:df:63:54:
75:cb:fd:4d:6d:ef:6c:89:32:b3:e9:c3:bd:8c:c8:
d8:21:b7:51:a9:4e:7a:63:c5:ce:eb:08:10:2d:be:
ce:49:98:5f:96:14:bd:df:35:e7:ae:e7:78:5a:66:
ae:2b:f0:7c:a1:28:cf:c0:00:cd:fb:4c:ae:64:a3:
fb:cf:e7:eb:35:98:26:04:c6:73:0f:a5:c6:94:9b:
d3:0a:fc:e2:49:c2:47:61:89:0c:13:86:fa:fe:68:
e7:eb:e9:1f:0c:c6:37:bb:09:a0:b6:6e:aa:60:a4:
51:6d:05:3f:4f:74:2b:d1:41:70:1a:a7:8a:ea:63:
da:ec:ee:b3:b0:11:0b:58:a4:8d:59:17:4e:a5:62:
e5:46:09:5f:db:77:63:e1:13:bd:14:91:ce:5f:c3:
e3:98:d6:b9:9c:ee:62:cb:a7:f4:17:ef:5c:f8:05:
79:d1:61:5d:a3:31:a0:96:b0:1d:e5:a3:77:32:66:
a2:df:c5:20:6a:2c:c3:4c:dd:0d:4c:06:ad:b7:10:
43:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E8:19:48:8C:B0:BF:E6:B2:90:6B:34:F1:DE:92:15:A5:B6:2D:89
X509v3 Authority Key Identifier:
keyid:09:E5:51:8E:68:46:7B:42:90:C3:50:92:68:B6:D6:D6:64:96:2C:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeVRjmhGe0KQw1CSaLbW1mSWLIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/DugZSIywv-aykGs08d6SFaW2LYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/30282c-3c82-4730-b95e-e745948983ed/1/CeVRjmhGe0KQw1CSaLbW1mSWLIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
161.30.0.0/16
IPv6:
2a11:ae00::/32
Signature Algorithm: sha256WithRSAEncryption
4d:8a:54:7d:74:79:f2:56:24:a8:c8:1d:eb:b4:f7:27:ab:f6:
cc:51:8e:39:a9:e9:01:81:f0:0b:d8:1e:fb:af:18:5d:b5:17:
45:92:78:1b:ff:ac:0e:0e:a2:3d:26:d9:48:8a:d3:61:07:d2:
d0:b9:b6:36:68:35:59:25:c8:93:a3:60:93:2f:e7:e5:5d:ee:
08:0f:65:2a:00:40:94:1b:02:5e:b8:21:ff:bc:e6:7e:59:b0:
af:a2:d6:2f:f8:6b:dd:75:0b:79:9f:1b:84:05:31:d0:f8:6b:
2e:46:f9:9b:4e:05:a0:16:93:e1:60:63:2d:01:cc:d2:5f:90:
82:6a:28:00:b9:79:0f:77:22:e1:2b:37:16:35:e3:10:61:35:
1b:6d:74:5c:c1:96:f0:dd:87:91:de:91:bd:3b:95:81:9c:28:
dc:c8:c6:05:26:ea:4b:d2:0a:2c:f8:72:3b:50:68:b6:12:a7:
41:39:95:0d:ca:42:4b:46:0d:76:66:cb:39:77:e8:e8:19:19:
9b:85:76:18:90:93:33:e7:c3:bc:a4:d2:15:ad:96:da:30:49:
95:52:45:16:48:c0:03:7c:44:45:06:8e:fe:9c:be:67:28:d9:
dc:8a:d3:b0:5b:b3:e0:5d:9e:94:cf:63:9c:aa:e1:dc:98:aa:
73:4e:e2:ab
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZK5cwleVpTaaJDy3aal5UiSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTU1MThlNjg0NjdiNDI5MGMzNTA5MjY4YjZkNmQ2NjQ5
NjJjODYwHhcNMjQxMDIzMTI1NjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWU4MTk0ODhjYjBiZmU2YjI5MDZiMzRmMWRlOTIxNWE1YjYyZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJkXV+faypYVbVx8A9+HNRTeRCcC
F9LEqd0OXUxogrF/1ZxPzxOyqP1WO+z7BJ/cudlEsVbYl/ffY1R1y/1Nbe9siTKz
6cO9jMjYIbdRqU56Y8XO6wgQLb7OSZhflhS93zXnrud4WmauK/B8oSjPwADN+0yu
ZKP7z+frNZgmBMZzD6XGlJvTCvziScJHYYkME4b6/mjn6+kfDMY3uwmgtm6qYKRR
bQU/T3Qr0UFwGqeK6mPa7O6zsBELWKSNWRdOpWLlRglf23dj4RO9FJHOX8PjmNa5
nO5iy6f0F+9c+AV50WFdozGglrAd5aN3Mmai38UgaizDTN0NTAattxBD/wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFA7oGUiMsL/mspBrNPHekhWlti2JMB8GA1UdIwQY
MBaAFAnlUY5oRntCkMNQkmi21tZkliyGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VWUmptaEdlMEtRdzFDU2FMYlcxbVNXTElZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8zMDI4MmMtM2M4Mi00NzMwLWI5NWUt
ZTc0NTk0ODk4M2VkLzEvRHVnWlNJeXd2LWF5a0dzMDhkNlNGYVcyTFlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC8zMDI4MmMtM2M4Mi00NzMwLWI5NWUtZTc0NTk0ODk4M2Vk
LzEvQ2VWUmptaEdlMEtRdzFDU2FMYlcxbVNXTElZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMAoR4wDQQC
AAIwBwMFACoRrgAwDQYJKoZIhvcNAQELBQADggEBAE2KVH10efJWJKjIHeu09yer
9sxRjjmp6QGB8AvYHvuvGF21F0WSeBv/rA4Ooj0m2UiK02EH0tC5tjZoNVklyJOj
YJMv5+Vd7ggPZSoAQJQbAl64If+85n5ZsK+i1i/4a911C3mfG4QFMdD4ay5G+ZtO
BaAWk+FgYy0BzNJfkIJqKAC5eQ93IuErNxY14xBhNRttdFzBlvDdh5Hekb07lYGc
KNzIxgUm6kvSCiz4cjtQaLYSp0E5lQ3KQktGDXZmyzl36OgZGZuFdhiQkzPnw7yk
0hWtltowSZVSRRZIwAN8REUGjv6cvmco2dyK07Bbs+BdnpTPY5yq4dyYqnNO4qs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:26:17 2024 by rpki-client on console-fra.rpki-client.org