Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/kEzmBsQ_ujjkAaORkicXngGDk5k.roa
File: kEzmBsQ_ujjkAaORkicXngGDk5k.roa (raw, json)
Hash identifier: ufUq5ylIwpjVf9t/GcjPGZobGjFZGJ55aHMogtJ6l1A=
Subject key identifier: 90:4C:E6:06:C4:3F:BA:38:E4:01:A3:91:92:27:17:9E:01:83:93:99
Certificate issuer: /CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Certificate serial: 018FC9E8CACA7E684189B5FE8E3747D58BA3
Authority key identifier: 08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/kEzmBsQ_ujjkAaORkicXngGDk5k.roa
Signing time: Thu 30 May 2024 14:30:27 +0000
ROA not before: Thu 30 May 2024 14:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201507
IP address blocks: 195.137.221.0/24 maxlen: 24
2a13:2440:a0::/44 maxlen: 44
2a13:2440:b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c9:e8:ca:ca:7e:68:41:89:b5:fe:8e:37:47:d5:8b:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=089c8c7f334053c8a90a3408009ef3d3b7a82e3d
Validity
Not Before: May 30 14:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=904ce606c43fba38e401a3919227179e01839399
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a5:80:a3:50:42:22:a1:66:bf:74:be:56:82:
74:79:01:a5:31:e4:59:72:18:4e:d3:08:20:b2:f8:
06:b8:c1:15:f8:1c:b2:69:05:48:0e:f8:38:fd:27:
1a:61:64:42:47:26:f9:7d:6f:bf:cc:d2:f7:91:05:
af:3f:f6:e2:47:1c:fc:83:51:b3:e6:43:5b:97:e0:
53:35:50:74:d6:f5:fb:dd:a1:fa:1b:9e:de:a5:fe:
a7:35:79:ae:03:81:90:4a:d7:71:eb:40:b8:22:e8:
90:c9:7a:19:46:ee:55:59:ed:f0:6c:2b:05:3a:61:
18:41:fd:b4:6d:ed:48:20:31:da:6e:ba:aa:17:6b:
19:1f:9a:a0:a7:f2:4c:b2:d0:4e:3f:9c:36:ac:88:
f8:50:98:73:bf:44:d1:c8:97:4e:b9:93:bc:af:5d:
ad:6b:10:76:69:33:3b:ba:f1:96:cb:11:fd:2e:91:
6e:4b:93:c4:0f:aa:b1:a0:88:d2:65:20:0d:8c:71:
6f:7b:8e:09:ad:14:ff:37:a2:cd:6f:0f:94:5f:4b:
3b:cf:f3:99:a7:f3:0f:c5:bc:6b:d4:0d:e5:5e:46:
68:23:70:b6:6f:b7:53:ef:0e:31:4f:a9:8f:b6:9b:
22:dd:0d:b2:8a:7d:92:61:f8:09:e3:6c:c7:f3:4b:
6e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4C:E6:06:C4:3F:BA:38:E4:01:A3:91:92:27:17:9E:01:83:93:99
X509v3 Authority Key Identifier:
keyid:08:9C:8C:7F:33:40:53:C8:A9:0A:34:08:00:9E:F3:D3:B7:A8:2E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJyMfzNAU8ipCjQIAJ7z07eoLj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/kEzmBsQ_ujjkAaORkicXngGDk5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/f4e03e-27b2-494b-8c0f-6f7009bee915/1/CJyMfzNAU8ipCjQIAJ7z07eoLj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.221.0/24
IPv6:
2a13:2440:a0::-2a13:2440:b0:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
78:87:1d:64:26:52:73:e3:4d:2d:28:81:b4:c8:74:37:7c:64:
2e:7b:a1:c2:83:da:cb:b4:64:16:38:b2:b8:9e:98:a7:8b:2c:
23:4f:6e:e7:be:e3:d3:65:57:cc:a7:eb:d7:ae:0e:86:f6:e4:
06:79:d2:2b:af:bc:de:cb:39:01:b7:81:b3:14:21:4a:9f:d6:
72:d9:a5:1d:eb:9f:57:bf:70:58:c3:6c:2d:84:f9:bb:e7:83:
82:4b:45:b0:23:b2:35:8a:6d:b6:de:77:42:3d:bd:fa:74:ff:
b7:40:f8:ca:25:98:66:11:ca:4c:45:6f:32:a6:ab:f8:27:20:
2d:b5:10:ca:fb:70:a6:c2:e8:de:13:50:8d:f1:0f:f3:62:81:
52:b2:50:3f:66:45:31:d5:f1:0b:21:4d:cd:39:93:1c:95:92:
89:ba:d1:48:ac:53:55:00:2a:be:ec:c6:21:de:90:24:18:08:
84:0e:0d:64:94:82:cd:76:c5:a5:63:33:06:a3:a0:52:39:26:
8b:20:87:21:31:cb:0e:b6:93:ba:6a:bd:e3:bf:b4:08:1a:d8:
51:e6:c9:32:17:e9:b1:37:aa:a1:82:b0:7e:8d:47:f6:78:5c:
d7:c9:42:18:2c:ca:3a:ca:02:dc:b0:c5:ca:85:57:f6:27:de:
4a:55:13:15
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY/J6MrKfmhBibX+jjdH1YujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OWM4YzdmMzM0MDUzYzhhOTBhMzQwODAwOWVmM2QzYjdh
ODJlM2QwHhcNMjQwNTMwMTQzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRjZTYwNmM0M2ZiYTM4ZTQwMWEzOTE5MjI3MTc5ZTAxODM5Mzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqWAo1BCIqFmv3S+VoJ0eQGlMeRZ
chhO0wggsvgGuMEV+ByyaQVIDvg4/ScaYWRCRyb5fW+/zNL3kQWvP/biRxz8g1Gz
5kNbl+BTNVB01vX73aH6G57epf6nNXmuA4GQStdx60C4IuiQyXoZRu5VWe3wbCsF
OmEYQf20be1IIDHabrqqF2sZH5qgp/JMstBOP5w2rIj4UJhzv0TRyJdOuZO8r12t
axB2aTM7uvGWyxH9LpFuS5PED6qxoIjSZSANjHFve44JrRT/N6LNbw+UX0s7z/OZ
p/MPxbxr1A3lXkZoI3C2b7dT7w4xT6mPtpsi3Q2yin2SYfgJ42zH80tubwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJBM5gbEP7o45AGjkZInF54Bg5OZMB8GA1UdIwQY
MBaAFAicjH8zQFPIqQo0CACe89O3qC49MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYt
NmY3MDA5YmVlOTE1LzEva0V6bUJzUV91amprQWFPUmtpY1huZ0dEazVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9mNGUwM2UtMjdiMi00OTRiLThjMGYtNmY3MDA5YmVlOTE1
LzEvQ0p5TWZ6TkFVOGlwQ2pRSUFKN3owN2VvTGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAw4ndMBoE
AgACMBQwEgMHBSoTJEAAoAMHACoTJEAAsDANBgkqhkiG9w0BAQsFAAOCAQEAeIcd
ZCZSc+NNLSiBtMh0N3xkLnuhwoPay7RkFjiyuJ6Yp4ssI09u577j02VXzKfr164O
hvbkBnnSK6+83ss5AbeBsxQhSp/WctmlHeufV79wWMNsLYT5u+eDgktFsCOyNYpt
tt53Qj29+nT/t0D4yiWYZhHKTEVvMqar+CcgLbUQyvtwpsLo3hNQjfEP82KBUrJQ
P2ZFMdXxCyFNzTmTHJWSibrRSKxTVQAqvuzGId6QJBgIhA4NZJSCzXbFpWMzBqOg
UjkmiyCHITHLDraTumq947+0CBrYUebJMhfpsTeqoYKwfo1H9nhc18lCGCzKOsoC
3LDFyoVX9ifeSlUTFQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:46 2024 by rpki-client on console-fra.rpki-client.org