Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/dThs0Y_gEV2FJQMxKlBWQyThSuo.roa
File: dThs0Y_gEV2FJQMxKlBWQyThSuo.roa (raw, json)
Hash identifier: 0hGFY4oC5PIsKVQtr7DEIpGbJ6P6Z+FxEOTxWqNM/aI=
Subject key identifier: 75:38:6C:D1:8F:E0:11:5D:85:25:03:31:2A:50:56:43:24:E1:4A:EA
Certificate issuer: /CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Certificate serial: 018CC802BF0FE1BDBE0181FE0C30E6045922
Authority key identifier: 08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/dThs0Y_gEV2FJQMxKlBWQyThSuo.roa
Signing time: Tue 02 Jan 2024 02:31:12 +0000
ROA not before: Tue 02 Jan 2024 02:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203380
IP address blocks: 195.137.221.0/24 maxlen: 24
2a13:2440:a0::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 05:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:bf:0f:e1:bd:be:01:81:fe:0c:30:e6:04:59:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Validity
Not Before: Jan 2 02:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75386cd18fe0115d852503312a50564324e14aea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:60:47:78:c1:2a:80:1c:e8:a9:db:02:8e:79:
19:b3:68:b1:5c:bf:da:00:d3:08:2f:b5:72:98:bb:
6f:76:69:bd:41:99:be:94:8b:3f:c4:0a:4c:16:a6:
0e:10:5c:60:ef:6c:a3:c8:4a:4d:39:05:d1:8f:33:
ff:e8:1b:ad:21:6b:85:0d:c5:e9:3c:bd:73:96:ed:
e5:6c:ca:ec:80:e6:31:50:ba:79:50:ff:7b:34:73:
ec:30:05:53:1e:3a:89:46:26:e9:ee:36:bf:93:31:
93:69:53:3a:58:c4:d3:15:58:60:0c:b8:b9:62:e4:
02:67:a5:8b:93:f7:4c:c6:0c:b4:10:cb:93:38:01:
07:59:b1:73:12:48:1b:e1:e0:94:ba:3d:f4:9a:70:
5f:64:8b:da:ca:53:90:c5:f6:cb:02:e6:1c:a2:5c:
7c:26:c9:dc:94:b9:33:75:0e:60:55:3b:d6:3f:99:
a3:2c:2e:8c:e9:ac:64:df:a3:29:08:fd:04:e0:62:
19:7f:af:7d:a2:23:9b:79:0c:b0:9e:13:d8:4a:0a:
02:13:9c:4e:91:ae:d9:2e:78:5f:e9:bc:66:ac:fe:
2b:bb:2e:a3:d3:ca:fa:8a:a4:e1:dc:50:30:12:f4:
d6:ca:2c:b5:44:0e:91:f5:e8:bb:09:7e:38:c4:45:
f4:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:38:6C:D1:8F:E0:11:5D:85:25:03:31:2A:50:56:43:24:E1:4A:EA
X509v3 Authority Key Identifier:
keyid:08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/dThs0Y_gEV2FJQMxKlBWQyThSuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.221.0/24
IPv6:
2a13:2440:a0::/44
Signature Algorithm: sha256WithRSAEncryption
79:a9:69:ac:a9:d3:58:1f:cf:92:32:bc:20:24:2b:c3:b4:c5:
af:73:23:27:1b:59:02:15:d4:63:93:ed:3c:99:0d:2e:8a:a3:
e1:3d:6f:19:1b:35:d9:ab:e3:b7:f4:1b:92:3b:04:9a:81:b1:
8e:52:12:b4:66:b9:fa:dd:2e:06:cd:e5:da:95:4f:b9:22:3b:
9a:af:d8:c5:95:01:34:e5:f3:11:82:fc:23:71:28:2e:4c:3f:
65:70:8c:1a:0a:93:5c:86:e0:ae:20:b1:79:c2:41:7a:f4:24:
63:25:48:e2:a3:72:78:eb:70:5d:93:6b:fb:36:99:84:60:ae:
cc:7f:1c:ef:92:7c:62:bb:4b:91:7b:c5:6b:5b:3a:94:7b:95:
c8:02:5f:2f:48:3d:08:15:fd:ea:6a:5a:1d:35:2e:ff:72:23:
29:78:f8:dd:d6:07:e0:74:33:d0:e7:68:55:4a:13:c9:7f:f3:
8d:ec:5e:44:5f:4c:c0:cb:d6:3c:99:e4:12:a4:72:b8:68:c8:
e8:b6:4e:be:52:34:90:8f:b1:60:4b:3a:f1:b1:1f:e4:d6:eb:
66:75:db:11:2c:7d:60:87:ae:b5:bd:65:26:d9:42:35:2e:44:
35:4b:26:8b:51:1d:fd:06:bd:40:2e:73:68:ce:aa:e0:80:20:
3a:90:de:0a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzIAr8P4b2+AYH+DDDmBFkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OWM4YzdmMzM0MDUzYzhhOTBhMzQwODAwOWVmM2QzYjdh
ODJlM2QwHhcNMjQwMTAyMDIzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTM4NmNkMThmZTAxMTVkODUyNTAzMzEyYTUwNTY0MzI0ZTE0YWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWBHeMEqgBzoqdsCjnkZs2ixXL/a
ANMIL7VymLtvdmm9QZm+lIs/xApMFqYOEFxg72yjyEpNOQXRjzP/6ButIWuFDcXp
PL1zlu3lbMrsgOYxULp5UP97NHPsMAVTHjqJRibp7ja/kzGTaVM6WMTTFVhgDLi5
YuQCZ6WLk/dMxgy0EMuTOAEHWbFzEkgb4eCUuj30mnBfZIvaylOQxfbLAuYcolx8
JsnclLkzdQ5gVTvWP5mjLC6M6axk36MpCP0E4GIZf699oiObeQywnhPYSgoCE5xO
ka7ZLnhf6bxmrP4ruy6j08r6iqTh3FAwEvTWyiy1RA6R9ei7CX44xEX0DwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHU4bNGP4BFdhSUDMSpQVkMk4UrqMB8GA1UdIwQY
MBaAFAicjH8zQFPIqQo0CACe89O3qC49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYt
NmY3MDA5YmVlOTE1LzEvZFRoczBZX2dFVjJGSlFNeEtsQldReVRoU3VvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYtNmY3MDA5YmVlOTE1
LzEvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAw4ndMA8E
AgACMAkDBwQqEyRAAKAwDQYJKoZIhvcNAQELBQADggEBAHmpaayp01gfz5IyvCAk
K8O0xa9zIycbWQIV1GOT7TyZDS6Ko+E9bxkbNdmr47f0G5I7BJqBsY5SErRmufrd
LgbN5dqVT7kiO5qv2MWVATTl8xGC/CNxKC5MP2VwjBoKk1yG4K4gsXnCQXr0JGMl
SOKjcnjrcF2Ta/s2mYRgrsx/HO+SfGK7S5F7xWtbOpR7lcgCXy9IPQgV/epqWh01
Lv9yIyl4+N3WB+B0M9DnaFVKE8l/843sXkRfTMDL1jyZ5BKkcrhoyOi2Tr5SNJCP
sWBLOvGxH+TW62Z12xEsfWCHrrW9ZSbZQjUuRDVLJotRHf0GvUAuc2jOquCAIDqQ
3go=
-----END CERTIFICATE-----
Generated at Tue Nov 26 11:29:59 2024 by rpki-client on console-fra.rpki-client.org