Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/TwzbR0yLuNhCm1sEkju-Cp-Nm9s.roa
File: TwzbR0yLuNhCm1sEkju-Cp-Nm9s.roa (raw, json)
Hash identifier: NDI2ncxfDyt085jfjZLKPyKa8IShfs5q2Sbkp7eMZNQ=
Subject key identifier: 4F:0C:DB:47:4C:8B:B8:D8:42:9B:5B:04:92:3B:BE:0A:9F:8D:9B:DB
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 018E99519E013E176CE6A61216A49977B180
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/TwzbR0yLuNhCm1sEkju-Cp-Nm9s.roa
Signing time: Mon 01 Apr 2024 11:00:46 +0000
ROA not before: Mon 01 Apr 2024 11:00:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34927
IP address blocks: 45.134.88.0/24 maxlen: 24
45.134.89.0/24 maxlen: 24
45.134.91.0/24 maxlen: 24
193.37.139.0/24 maxlen: 24
193.148.248.0/24 maxlen: 24
193.148.249.0/24 maxlen: 24
193.148.250.0/24 maxlen: 24
193.148.251.0/24 maxlen: 24
2a0c:9a40:1::/48 maxlen: 48
2a0c:9a40:1000::/44 maxlen: 48
2a0c:9a40:1001::/48 maxlen: 48
2a0c:9a40:1002::/48 maxlen: 48
2a0c:9a40:1024::/48 maxlen: 48
2a0c:9a40:1030::/44 maxlen: 48
2a0c:9a40:1050::/48 maxlen: 48
2a0c:9a40:1051::/48 maxlen: 48
2a0c:9a40:1054::/48 maxlen: 48
2a0c:9a40:1055::/48 maxlen: 48
2a0c:9a40:1057::/48 maxlen: 48
2a0c:9a40:1058::/48 maxlen: 48
2a0c:9a40:1060::/48 maxlen: 48
2a0c:9a40:1070::/44 maxlen: 48
2a0c:9a40:1070::/48 maxlen: 48
2a0c:9a40:1072::/48 maxlen: 48
2a0c:9a40:1080::/44 maxlen: 48
2a0c:9a40:1080::/48 maxlen: 48
2a0c:9a40:1090::/44 maxlen: 48
2a0c:9a40:2100::/40 maxlen: 48
2a0c:9a40:2200::/40 maxlen: 48
2a0c:9a40:2300::/40 maxlen: 48
2a0c:9a40:2328::/48 maxlen: 48
2a0c:9a40:2400::/40 maxlen: 48
2a0c:9a40:2500::/40 maxlen: 48
2a0c:9a40:2600::/40 maxlen: 48
2a0c:9a40:2700::/40 maxlen: 48
2a0c:9a40:2800::/40 maxlen: 48
2a0c:9a40:2900::/48 maxlen: 48
2a0c:9a40:2a00::/40 maxlen: 40
2a0c:9a40:2b00::/40 maxlen: 48
2a0c:9a40:2c00::/40 maxlen: 48
2a0c:9a40:2d00::/40 maxlen: 48
2a0c:9a44::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 06:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:99:51:9e:01:3e:17:6c:e6:a6:12:16:a4:99:77:b1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Apr 1 11:00:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f0cdb474c8bb8d8429b5b04923bbe0a9f8d9bdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:dc:bd:b3:6d:f3:6f:86:26:84:15:c4:72:0d:
f5:30:6f:47:98:10:a3:c6:5f:da:60:ac:6a:ac:d7:
8a:8b:64:81:11:d3:98:a6:15:db:49:6f:a7:00:94:
f3:e4:c0:20:cf:af:4c:8b:3b:93:ea:8c:48:01:21:
48:5c:07:f7:14:54:e0:64:19:85:9f:c2:12:b0:a9:
85:f4:53:01:3a:84:22:9f:25:74:71:3f:2e:f0:f0:
9a:e3:5e:94:b1:08:a5:02:4e:d3:d0:7d:c5:06:f8:
f7:43:f2:c4:b5:6b:b2:b2:86:4e:d9:0b:da:c4:a8:
39:4d:e5:1e:cd:d4:6f:71:1d:37:53:07:2d:db:02:
8c:63:f1:a2:e4:82:2b:00:88:81:4a:82:fe:d5:50:
b8:db:b7:ee:e3:5e:81:a0:5c:ff:55:bf:63:7f:47:
31:47:a4:c7:61:af:ba:6a:94:6b:32:7f:cf:e4:5b:
21:f4:2f:3b:54:36:87:f8:da:1d:d5:55:14:70:bb:
a4:69:75:3d:31:54:8b:29:90:23:9b:63:8d:3b:9b:
b3:6f:87:70:90:6e:68:c2:d2:5d:01:81:eb:dd:a7:
ee:79:bf:63:f5:80:71:9f:e0:22:eb:cd:15:fa:17:
b8:1d:91:7c:26:3d:71:e6:91:35:21:0c:0e:70:06:
01:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:0C:DB:47:4C:8B:B8:D8:42:9B:5B:04:92:3B:BE:0A:9F:8D:9B:DB
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/TwzbR0yLuNhCm1sEkju-Cp-Nm9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.88.0/23
45.134.91.0/24
193.37.139.0/24
193.148.248.0/22
IPv6:
2a0c:9a40:1::/48
2a0c:9a40:1000::/44
2a0c:9a40:1024::/48
2a0c:9a40:1030::/44
2a0c:9a40:1050::/47
2a0c:9a40:1054::/47
2a0c:9a40:1057::-2a0c:9a40:1058:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:1060::/48
2a0c:9a40:1070::-2a0c:9a40:109f:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2100::-2a0c:9a40:2900:ffff:ffff:ffff:ffff:ffff
2a0c:9a40:2a00::-2a0c:9a40:2dff:ffff:ffff:ffff:ffff:ffff
2a0c:9a44::/48
Signature Algorithm: sha256WithRSAEncryption
3c:da:5f:c5:9e:82:78:90:f4:88:ce:be:78:8e:27:f4:b2:bf:
75:b9:32:35:0b:fc:bf:8b:fe:ce:22:76:5f:2c:7f:19:b8:08:
f8:9c:33:96:51:f8:17:0c:dc:23:94:8d:7b:6b:22:96:8d:c5:
ee:16:4b:66:79:6c:c2:50:a2:41:88:b4:cb:aa:a4:d9:d8:22:
bb:28:8b:0b:19:97:16:6e:58:3e:f5:b0:f1:17:c1:02:4e:67:
5b:dc:ab:fe:bc:26:0f:f6:59:6a:f6:aa:da:2e:b3:34:86:b7:
f7:55:0f:f1:2e:55:ab:2c:9f:45:3a:6f:52:a6:61:58:4c:03:
a0:04:34:5a:0b:ff:d3:75:55:7b:07:44:e3:d7:f7:39:02:80:
70:05:d0:99:e2:6e:56:cd:cb:d4:9d:de:fa:5d:a1:c2:f3:3b:
07:37:c1:04:e9:28:80:7e:20:f9:72:de:3b:97:08:f6:d1:62:
47:e1:99:3d:38:fb:94:41:e4:ed:b1:c7:80:d9:ab:78:b6:63:
3e:6f:a6:fb:a9:47:c2:58:98:26:cf:4b:7b:c5:f0:9a:04:b6:
79:f3:c4:2b:a8:49:6e:5f:25:31:bd:f2:ac:b4:ad:ba:6b:97:
63:fc:84:6e:cf:42:00:26:b6:a8:a6:a6:62:4e:38:e5:8f:ad:
67:c3:de:31
-----BEGIN CERTIFICATE-----
MIIFsTCCBJmgAwIBAgISAY6ZUZ4BPhds5qYSFqSZd7GAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjQwNDAxMTEwMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjBjZGI0NzRjOGJiOGQ4NDI5YjViMDQ5MjNiYmUwYTlmOGQ5YmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9y9s23zb4YmhBXEcg31MG9HmBCj
xl/aYKxqrNeKi2SBEdOYphXbSW+nAJTz5MAgz69MizuT6oxIASFIXAf3FFTgZBmF
n8ISsKmF9FMBOoQinyV0cT8u8PCa416UsQilAk7T0H3FBvj3Q/LEtWuysoZO2Qva
xKg5TeUezdRvcR03Uwct2wKMY/Gi5IIrAIiBSoL+1VC427fu416BoFz/Vb9jf0cx
R6THYa+6apRrMn/P5Fsh9C87VDaH+Nod1VUUcLukaXU9MVSLKZAjm2ONO5uzb4dw
kG5owtJdAYHr3afueb9j9YBxn+Ai680V+he4HZF8Jj1x5pE1IQwOcAYB2QIDAQAB
o4ICvTCCArkwHQYDVR0OBBYEFE8M20dMi7jYQptbBJI7vgqfjZvbMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvVHd6YlIweUx1TmhDbTFzRWtqdS1DcC1ObTlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHSBggrBgEFBQcBBwEB/wSBwjCBvzAeBAIAATAYAwQBLYZY
AwQALYZbAwQAwSWLAwQCwZT4MIGcBAIAAjCBlQMHACoMmkAAAQMHBCoMmkAQAAMH
ACoMmkAQJAMHBCoMmkAQMAMHASoMmkAQUAMHASoMmkAQVDASAwcAKgyaQBBXAwcA
KgyaQBBYAwcAKgyaQBBgMBIDBwQqDJpAEHADBwUqDJpAEIAwEQMGACoMmkAhAwcA
KgyaQCkAMBADBgEqDJpAKgMGASoMmkAsAwcAKgyaRAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQA82l/FnoJ4kPSIzr54jif0sr91uTI1C/y/i/7OInZfLH8ZuAj4nDOWUfgX
DNwjlI17ayKWjcXuFktmeWzCUKJBiLTLqqTZ2CK7KIsLGZcWblg+9bDxF8ECTmdb
3Kv+vCYP9llq9qraLrM0hrf3VQ/xLlWrLJ9FOm9SpmFYTAOgBDRaC//TdVV7B0Tj
1/c5AoBwBdCZ4m5WzcvUnd76XaHC8zsHN8EE6SiAfiD5ct47lwj20WJH4Zk9OPuU
QeTtsceA2at4tmM+b6b7qUfCWJgmz0t7xfCaBLZ588QrqEluXyUxvfKstK26a5dj
/IRuz0IAJraopqZiTjjlj61nw94x
-----END CERTIFICATE-----
Generated at Fri May 17 14:12:22 2024 by rpki-client on console-fra.rpki-client.org