Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/CEIAM_Z5wqqB3OcuXpbXUjFic8w.roa
File: CEIAM_Z5wqqB3OcuXpbXUjFic8w.roa (raw, json)
Hash identifier: 1J+x5xfWrT8PESG5R2kvw9J7FQLL7zNAAXl9/ndHNk0=
Subject key identifier: 08:42:00:33:F6:79:C2:AA:81:DC:E7:2E:5E:96:D7:52:31:62:73:CC
Certificate issuer: /CN=bbfbee4a968df0fac4751b4f49027fa095c65277
Certificate serial: 019315606E18F77DDB22C477E29BB54BCAD6
Authority key identifier: BB:FB:EE:4A:96:8D:F0:FA:C4:75:1B:4F:49:02:7F:A0:95:C6:52:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/CEIAM_Z5wqqB3OcuXpbXUjFic8w.roa
Signing time: Sun 10 Nov 2024 09:21:01 +0000
ROA not before: Sun 10 Nov 2024 09:21:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49879
IP address blocks: 185.21.204.0/22 maxlen: 22
185.21.204.0/24 maxlen: 24
185.21.205.0/24 maxlen: 24
185.21.206.0/24 maxlen: 24
185.21.207.0/24 maxlen: 24
217.116.192.0/21 maxlen: 21
217.116.192.0/24 maxlen: 24
217.116.193.0/24 maxlen: 24
217.116.194.0/24 maxlen: 24
217.116.195.0/24 maxlen: 24
217.116.196.0/24 maxlen: 24
217.116.197.0/24 maxlen: 24
217.116.198.0/24 maxlen: 24
217.116.199.0/24 maxlen: 24
217.116.200.0/21 maxlen: 21
217.116.200.0/24 maxlen: 24
217.116.201.0/24 maxlen: 24
217.116.202.0/24 maxlen: 24
217.116.203.0/24 maxlen: 24
217.116.204.0/24 maxlen: 24
217.116.205.0/24 maxlen: 24
217.116.206.0/24 maxlen: 24
217.116.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.mft
rsync://rpki.ripe.net/repository/DEFAULT/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:15:60:6e:18:f7:7d:db:22:c4:77:e2:9b:b5:4b:ca:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbfbee4a968df0fac4751b4f49027fa095c65277
Validity
Not Before: Nov 10 09:21:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08420033f679c2aa81dce72e5e96d752316273cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:99:e7:35:9d:53:8a:f2:d3:87:38:24:a6:f2:
7b:fb:aa:0e:fe:a8:05:41:04:b3:dc:06:a6:f0:c4:
a5:91:87:91:20:4f:e6:39:4b:5b:4c:9c:ee:2f:a7:
dd:77:15:14:58:8e:ba:23:fd:ea:15:f2:c0:2e:84:
7a:cc:ec:f8:42:03:fa:95:e7:1c:6f:41:c8:24:70:
37:ad:cb:05:f3:38:a6:ed:52:80:6f:0e:86:7d:f7:
ea:db:32:6d:cb:c3:74:87:54:9e:f8:5b:a3:17:a3:
9b:b0:2e:ed:2e:c9:d0:d8:ec:ab:d5:1a:55:8a:ed:
fa:44:93:df:d0:ea:f2:04:8a:93:b1:34:e0:35:16:
05:42:2f:f5:83:9c:70:80:ca:bd:55:5b:55:af:77:
1d:74:d9:fe:d5:c2:4a:e9:51:cc:d5:11:bb:77:51:
79:5c:88:26:f2:77:7f:cc:0a:7e:ac:96:61:0b:82:
5d:d3:ef:cc:6c:c1:a8:06:98:57:cd:1a:13:df:ce:
67:b5:7b:dc:1d:a2:e8:d4:78:6d:9d:98:f3:74:ac:
82:11:06:14:e7:02:90:59:22:9f:b8:f0:2f:de:6d:
d9:1d:54:7d:88:3b:4c:a0:b1:97:07:06:fe:42:83:
61:89:64:39:59:7c:92:0e:40:c9:8f:0f:33:e4:7d:
ee:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:42:00:33:F6:79:C2:AA:81:DC:E7:2E:5E:96:D7:52:31:62:73:CC
X509v3 Authority Key Identifier:
keyid:BB:FB:EE:4A:96:8D:F0:FA:C4:75:1B:4F:49:02:7F:A0:95:C6:52:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/CEIAM_Z5wqqB3OcuXpbXUjFic8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/cd081e-89c2-4309-9490-0a89c6996fef/1/u_vuSpaN8PrEdRtPSQJ_oJXGUnc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.204.0/22
217.116.192.0/20
Signature Algorithm: sha256WithRSAEncryption
b0:cb:4b:d7:55:27:62:ea:dd:7f:b2:8c:cd:04:d7:c2:ac:b2:
cc:69:be:40:55:c7:36:39:56:b2:b7:b9:74:f6:b6:9b:02:33:
b7:7b:1b:d8:5f:3c:95:35:08:01:9b:fd:8e:2b:65:bd:d4:d6:
b4:f1:0a:c2:e1:31:16:ca:83:4f:7e:e1:c7:e4:45:1f:3a:c2:
30:a5:f0:d6:62:6a:98:3e:29:e8:69:31:35:03:cb:ff:5a:25:
4b:af:fd:8c:35:6b:9f:73:e9:1b:7d:b2:77:44:da:8f:1e:b0:
6c:f3:21:c7:e9:d4:03:53:df:dd:69:7b:1b:6c:9d:90:ec:36:
70:6b:e9:95:36:93:8e:16:04:dc:30:2e:8f:57:9b:46:64:3f:
0f:d6:d5:e3:56:f1:e6:fa:b6:1a:be:c8:6f:de:3e:c2:e7:34:
df:77:c4:88:b9:36:9a:1a:eb:d5:2c:96:08:eb:d9:4d:d5:4f:
de:18:ac:20:24:9a:a9:dd:06:9a:9c:77:96:79:fa:28:c0:07:
5a:51:3f:e1:df:92:68:b3:a2:c7:c2:68:6c:27:40:4d:57:d0:
7a:b6:5f:db:a6:a2:5b:a6:5e:59:eb:de:ea:aa:0e:02:5f:e2:
a9:9f:16:a3:5d:d1:46:e1:a4:3d:ae:e1:a8:57:02:3b:f1:98:
d9:57:d7:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMVYG4Y933bIsR34pu1S8rWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmJlZTRhOTY4ZGYwZmFjNDc1MWI0ZjQ5MDI3ZmEwOTVj
NjUyNzcwHhcNMjQxMTEwMDkyMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODQyMDAzM2Y2NzljMmFhODFkY2U3MmU1ZTk2ZDc1MjMxNjI3M2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyZnnNZ1TivLThzgkpvJ7+6oO/qgF
QQSz3Aam8MSlkYeRIE/mOUtbTJzuL6fddxUUWI66I/3qFfLALoR6zOz4QgP6lecc
b0HIJHA3rcsF8zim7VKAbw6Gfffq2zJty8N0h1Se+FujF6ObsC7tLsnQ2Oyr1RpV
iu36RJPf0OryBIqTsTTgNRYFQi/1g5xwgMq9VVtVr3cddNn+1cJK6VHM1RG7d1F5
XIgm8nd/zAp+rJZhC4Jd0+/MbMGoBphXzRoT385ntXvcHaLo1HhtnZjzdKyCEQYU
5wKQWSKfuPAv3m3ZHVR9iDtMoLGXBwb+QoNhiWQ5WXySDkDJjw8z5H3umwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAhCADP2ecKqgdznLl6W11IxYnPMMB8GA1UdIwQY
MBaAFLv77kqWjfD6xHUbT0kCf6CVxlJ3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV92dVNwYU44UHJFZFJ0UFNRSl9vSlhHVW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9jZDA4MWUtODljMi00MzA5LTk0OTAt
MGE4OWM2OTk2ZmVmLzEvQ0VJQU1fWjV3cXFCM09jdVhwYlhVakZpYzh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9jZDA4MWUtODljMi00MzA5LTk0OTAtMGE4OWM2OTk2ZmVm
LzEvdV92dVNwYU44UHJFZFJ0UFNRSl9vSlhHVW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuRXMAwQE
2XTAMA0GCSqGSIb3DQEBCwUAA4IBAQCwy0vXVSdi6t1/sozNBNfCrLLMab5AVcc2
OVayt7l09rabAjO3exvYXzyVNQgBm/2OK2W91Na08QrC4TEWyoNPfuHH5EUfOsIw
pfDWYmqYPinoaTE1A8v/WiVLr/2MNWufc+kbfbJ3RNqPHrBs8yHH6dQDU9/daXsb
bJ2Q7DZwa+mVNpOOFgTcMC6PV5tGZD8P1tXjVvHm+rYavshv3j7C5zTfd8SIuTaa
GuvVLJYI69lN1U/eGKwgJJqp3QaanHeWefoowAdaUT/h35Jos6LHwmhsJ0BNV9B6
tl/bpqJbpl5Z697qqg4CX+KpnxajXdFG4aQ9ruGoVwI78ZjZV9cc
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:17:02 2024 by rpki-client on console-fra.rpki-client.org