Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/Tci-duFHvWMEGttKQ92T_aViR_A.roa
File: Tci-duFHvWMEGttKQ92T_aViR_A.roa (raw, json)
Hash identifier: TNMB/iEiiWHvlZINV0FtcnUi3rWiLmL/5woKI9WyM90=
Subject key identifier: 4D:C8:BE:76:E1:47:BD:63:04:1A:DB:4A:43:DD:93:FD:A5:62:47:F0
Certificate issuer: /CN=e9fdfcdc3261b57afadfed730fb2dedb28649fcf
Certificate serial: 019422FC0C120545A5C4166D17EBB6CAA8EB
Authority key identifier: E9:FD:FC:DC:32:61:B5:7A:FA:DF:ED:73:0F:B2:DE:DB:28:64:9F:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6f383DJhtXr63-1zD7Le2yhkn88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/Tci-duFHvWMEGttKQ92T_aViR_A.roa
Signing time: Wed 01 Jan 2025 17:48:50 +0000
ROA not before: Wed 01 Jan 2025 17:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202596
IP address blocks: 45.12.240.0/22 maxlen: 22
45.80.244.0/22 maxlen: 22
45.92.120.0/22 maxlen: 22
45.95.156.0/22 maxlen: 22
45.133.120.0/21 maxlen: 21
45.133.128.0/22 maxlen: 22
45.134.228.0/22 maxlen: 22
45.139.12.0/22 maxlen: 22
45.141.132.0/22 maxlen: 22
45.145.48.0/22 maxlen: 22
45.149.188.0/22 maxlen: 22
45.152.232.0/22 maxlen: 22
45.159.64.0/23 maxlen: 23
62.197.32.0/21 maxlen: 21
62.197.42.0/23 maxlen: 23
62.197.46.0/23 maxlen: 23
62.197.52.0/22 maxlen: 22
62.197.56.0/21 maxlen: 21
80.249.16.0/20 maxlen: 20
85.8.164.0/22 maxlen: 22
86.105.196.0/24 maxlen: 24
95.141.16.0/20 maxlen: 20
130.195.48.0/22 maxlen: 22
130.195.60.0/22 maxlen: 22
158.41.48.0/20 maxlen: 20
160.19.180.0/22 maxlen: 22
161.38.0.0/21 maxlen: 21
176.97.152.0/22 maxlen: 22
185.14.88.0/22 maxlen: 22
185.96.220.0/22 maxlen: 22
185.106.72.0/22 maxlen: 22
185.111.72.0/22 maxlen: 22
185.159.76.0/22 maxlen: 22
185.176.160.0/22 maxlen: 22
185.179.12.0/22 maxlen: 22
185.222.80.0/22 maxlen: 22
185.225.44.0/22 maxlen: 22
185.226.36.0/22 maxlen: 22
185.236.184.0/22 maxlen: 22
185.239.32.0/22 maxlen: 22
185.240.108.0/22 maxlen: 22
185.247.172.0/22 maxlen: 22
185.248.104.0/22 maxlen: 22
185.250.188.0/22 maxlen: 22
185.254.136.0/22 maxlen: 22
193.29.28.0/22 maxlen: 22
193.39.240.0/22 maxlen: 22
193.46.20.0/22 maxlen: 22
194.6.251.0/24 maxlen: 24
194.6.252.0/24 maxlen: 24
194.6.254.0/24 maxlen: 24
195.26.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/6f383DJhtXr63-1zD7Le2yhkn88.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/6f383DJhtXr63-1zD7Le2yhkn88.mft
rsync://rpki.ripe.net/repository/DEFAULT/6f383DJhtXr63-1zD7Le2yhkn88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:0c:12:05:45:a5:c4:16:6d:17:eb:b6:ca:a8:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9fdfcdc3261b57afadfed730fb2dedb28649fcf
Validity
Not Before: Jan 1 17:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dc8be76e147bd63041adb4a43dd93fda56247f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ee:2a:9f:09:0e:6e:c5:dc:b7:33:12:69:e0:
98:7f:10:27:cf:9f:66:45:81:f7:bc:74:b5:45:2f:
05:0f:5a:b3:83:d4:5f:5c:a3:41:47:50:bb:d5:03:
89:f8:68:a3:92:97:88:b7:e0:be:b6:16:dd:ba:d6:
7d:26:07:2c:48:0b:f1:d8:c5:8a:04:ef:53:c9:38:
19:2a:a3:24:ec:f6:6d:75:a8:d0:37:3e:f1:9b:10:
fc:c6:cb:d4:f5:07:c4:ad:55:dd:d9:ec:3f:ab:72:
2f:7b:9b:e9:1e:19:62:22:29:7f:ca:27:aa:95:d5:
1d:99:44:a1:15:bd:17:7e:fc:39:ab:ca:a3:e8:c1:
6f:97:dd:9d:46:61:d6:0b:6b:30:4f:c0:71:ac:7d:
b8:2a:8a:6e:95:e5:61:0a:a0:e1:44:3f:9a:7c:0f:
6a:4e:ba:8a:50:8c:98:15:a8:fd:3e:d8:4e:90:37:
76:82:b0:7b:06:fe:18:ea:25:7a:32:3b:44:84:74:
98:a6:f9:ad:56:9e:38:2c:37:0a:c0:24:95:05:e2:
00:78:f0:42:10:29:1d:3a:fb:da:a7:65:0b:19:29:
e1:e1:c8:ee:61:60:62:03:ec:bd:7a:ec:06:1b:85:
02:36:c6:02:45:10:e9:aa:12:7c:fa:d4:4d:ae:44:
79:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C8:BE:76:E1:47:BD:63:04:1A:DB:4A:43:DD:93:FD:A5:62:47:F0
X509v3 Authority Key Identifier:
keyid:E9:FD:FC:DC:32:61:B5:7A:FA:DF:ED:73:0F:B2:DE:DB:28:64:9F:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f383DJhtXr63-1zD7Le2yhkn88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/Tci-duFHvWMEGttKQ92T_aViR_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/1ba191-a42a-4509-bb28-0bc7e7ef0763/1/6f383DJhtXr63-1zD7Le2yhkn88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.240.0/22
45.80.244.0/22
45.92.120.0/22
45.95.156.0/22
45.133.120.0-45.133.131.255
45.134.228.0/22
45.139.12.0/22
45.141.132.0/22
45.145.48.0/22
45.149.188.0/22
45.152.232.0/22
45.159.64.0/23
62.197.32.0/21
62.197.42.0/23
62.197.46.0/23
62.197.52.0-62.197.63.255
80.249.16.0/20
85.8.164.0/22
86.105.196.0/24
95.141.16.0/20
130.195.48.0/22
130.195.60.0/22
158.41.48.0/20
160.19.180.0/22
161.38.0.0/21
176.97.152.0/22
185.14.88.0/22
185.96.220.0/22
185.106.72.0/22
185.111.72.0/22
185.159.76.0/22
185.176.160.0/22
185.179.12.0/22
185.222.80.0/22
185.225.44.0/22
185.226.36.0/22
185.236.184.0/22
185.239.32.0/22
185.240.108.0/22
185.247.172.0/22
185.248.104.0/22
185.250.188.0/22
185.254.136.0/22
193.29.28.0/22
193.39.240.0/22
193.46.20.0/22
194.6.251.0-194.6.252.255
194.6.254.0/24
195.26.112.0/20
Signature Algorithm: sha256WithRSAEncryption
92:de:4b:a5:f9:95:79:82:92:ea:2a:1d:e9:e3:1a:d3:0d:bc:
ff:8c:f6:a6:f6:aa:cd:cc:cf:ed:21:3b:1a:a7:c4:70:33:21:
73:f0:eb:87:91:10:6c:70:fd:93:0a:0f:db:8b:33:16:98:2c:
97:33:a7:ca:da:21:0f:80:88:dd:30:73:a7:97:1a:36:95:6c:
fc:76:26:d3:7e:15:98:0b:38:8f:b1:ae:49:a4:6b:ad:57:77:
e8:d6:fc:c8:d6:76:94:3f:e4:d5:ea:8b:57:e9:a3:5c:b8:80:
51:d2:d7:61:58:83:d8:c3:93:18:72:98:05:6e:8a:c3:44:6c:
ee:ad:4b:6c:87:d3:b3:2b:07:f9:2c:da:10:d1:92:e9:4d:a0:
5f:72:46:29:8e:c8:cd:9f:0f:fd:d7:97:86:31:99:1a:16:a0:
95:b6:b1:70:f9:7e:95:57:1e:71:45:3d:44:23:b5:ca:9a:20:
66:17:6b:8f:df:ca:34:b4:79:c0:fc:1b:c3:8a:0b:3f:18:9a:
f1:b8:db:6a:40:39:4f:8c:20:38:0b:28:f8:88:c8:1d:95:bd:
b8:63:60:b5:d7:8a:13:d9:6d:ef:5f:d6:bf:b8:65:53:18:6d:
97:1e:f5:d8:5a:e0:f1:8b:66:2e:98:8d:ee:b2:d7:33:ca:ab:
09:43:ee:5d
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAZQi/AwSBUWlxBZtF+u2yqjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZmRmY2RjMzI2MWI1N2FmYWRmZWQ3MzBmYjJkZWRiMjg2
NDlmY2YwHhcNMjUwMTAxMTc0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGM4YmU3NmUxNDdiZDYzMDQxYWRiNGE0M2RkOTNmZGE1NjI0N2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+4qnwkObsXctzMSaeCYfxAnz59m
RYH3vHS1RS8FD1qzg9RfXKNBR1C71QOJ+GijkpeIt+C+thbdutZ9JgcsSAvx2MWK
BO9TyTgZKqMk7PZtdajQNz7xmxD8xsvU9QfErVXd2ew/q3Ive5vpHhliIil/yieq
ldUdmUShFb0Xfvw5q8qj6MFvl92dRmHWC2swT8BxrH24KopuleVhCqDhRD+afA9q
TrqKUIyYFaj9PthOkDd2grB7Bv4Y6iV6MjtEhHSYpvmtVp44LDcKwCSVBeIAePBC
ECkdOvvap2ULGSnh4cjuYWBiA+y9euwGG4UCNsYCRRDpqhJ8+tRNrkR5JwIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFE3IvnbhR71jBBrbSkPdk/2lYkfwMB8GA1UdIwQY
MBaAFOn9/NwyYbV6+t/tcw+y3tsoZJ/PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmYzODNESmh0WHI2My0xekQ3TGUyeWhrbjg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8xYmExOTEtYTQyYS00NTA5LWJiMjgt
MGJjN2U3ZWYwNzYzLzEvVGNpLWR1Rkh2V01FR3R0S1E5MlRfYVZpUl9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8xYmExOTEtYTQyYS00NTA5LWJiMjgtMGJjN2U3ZWYwNzYz
LzEvNmYzODNESmh0WHI2My0xekQ3TGUyeWhrbjg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjCCAUYEAgABMIIB
PgMEAi0M8AMEAi1Q9AMEAi1ceAMEAi1fnDAMAwQDLYV4AwQCLYWAAwQCLYbkAwQC
LYsMAwQCLY2EAwQCLZEwAwQCLZW8AwQCLZjoAwQBLZ9AAwQDPsUgAwQBPsUqAwQB
PsUuMAwDBAI+xTQDBAY+xQADBARQ+RADBAJVCKQDBABWacQDBARfjRADBAKCwzAD
BAKCwzwDBASeKTADBAKgE7QDBAOhJgADBAKwYZgDBAK5DlgDBAK5YNwDBAK5akgD
BAK5b0gDBAK5n0wDBAK5sKADBAK5swwDBAK53lADBAK54SwDBAK54iQDBAK57LgD
BAK57yADBAK58GwDBAK596wDBAK5+GgDBAK5+rwDBAK5/ogDBALBHRwDBALBJ/AD
BALBLhQwDAMEAMIG+wMEAMIG/AMEAMIG/gMEBMMacDANBgkqhkiG9w0BAQsFAAOC
AQEAkt5LpfmVeYKS6iod6eMa0w28/4z2pvaqzczP7SE7GqfEcDMhc/Drh5EQbHD9
kwoP24szFpgslzOnytohD4CI3TBzp5caNpVs/HYm034VmAs4j7GuSaRrrVd36Nb8
yNZ2lD/k1eqLV+mjXLiAUdLXYViD2MOTGHKYBW6Kw0Rs7q1LbIfTsysH+SzaENGS
6U2gX3JGKY7IzZ8P/deXhjGZGhaglbaxcPl+lVcecUU9RCO1ypogZhdrj9/KNLR5
wPwbw4oLPxia8bjbakA5T4wgOAso+IjIHZW9uGNgtdeKE9lt71/Wv7hlUxhtlx71
2Frg8YtmLpiN7rLXM8qrCUPuXQ==
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:47:05 2025 by rpki-client