Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/tBM-DrnBYydsdg6F6aLLT9vxf20.roa
File: tBM-DrnBYydsdg6F6aLLT9vxf20.roa (raw, json)
Hash identifier: PEQS8dd4bQUdiATUnjbQ7dUpOm49zdaWw7hR4Hnecco=
Subject key identifier: B4:13:3E:0E:B9:C1:63:27:6C:76:0E:85:E9:A2:CB:4F:DB:F1:7F:6D
Certificate issuer: /CN=0d69e3ee55dd862674d458661ba34908b0617fa1
Certificate serial: 018F53AE5C2609BAE878F459A985F8C1136A
Authority key identifier: 0D:69:E3:EE:55:DD:86:26:74:D4:58:66:1B:A3:49:08:B0:61:7F:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/tBM-DrnBYydsdg6F6aLLT9vxf20.roa
Signing time: Tue 07 May 2024 15:31:26 +0000
ROA not before: Tue 07 May 2024 15:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60294
IP address blocks: 46.245.216.0/21 maxlen: 21
94.31.64.0/18 maxlen: 18
94.31.67.0/24 maxlen: 24
94.31.68.0/22 maxlen: 22
94.31.72.0/22 maxlen: 22
94.31.80.0/20 maxlen: 20
94.31.92.0/23 maxlen: 23
94.31.94.0/23 maxlen: 23
94.31.96.0/20 maxlen: 20
94.31.108.0/22 maxlen: 22
94.31.112.0/23 maxlen: 23
94.31.114.0/23 maxlen: 23
94.31.116.0/22 maxlen: 22
185.7.196.0/22 maxlen: 22
185.22.44.0/22 maxlen: 22
185.22.44.0/24 maxlen: 24
185.22.45.0/24 maxlen: 24
185.22.140.0/22 maxlen: 22
185.113.120.0/22 maxlen: 22
185.158.40.0/22 maxlen: 22
185.158.41.0/24 maxlen: 24
2a00:6020::/32 maxlen: 32
2a00:6020:0:21::/64 maxlen: 64
2a00:61e0::/32 maxlen: 32
2a03:fc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/DWnj7lXdhiZ01FhmG6NJCLBhf6E.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/DWnj7lXdhiZ01FhmG6NJCLBhf6E.mft
rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:ae:5c:26:09:ba:e8:78:f4:59:a9:85:f8:c1:13:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d69e3ee55dd862674d458661ba34908b0617fa1
Validity
Not Before: May 7 15:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4133e0eb9c163276c760e85e9a2cb4fdbf17f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:56:cf:c8:08:8e:10:8a:40:0f:ee:d9:48:5c:
2f:d5:72:9c:fe:aa:11:f4:73:54:87:36:ae:7e:69:
ec:c9:a4:2b:5f:7f:db:42:ab:f3:e0:80:50:24:0d:
be:b0:81:c2:2b:50:21:0c:7a:1b:dc:c7:a8:65:ed:
2f:d5:51:d5:3e:d1:80:31:0d:84:ed:9c:ef:0c:03:
8c:d1:21:26:b9:fb:60:c1:e1:29:4b:51:ed:4b:db:
13:68:31:b4:23:e1:15:93:a5:2a:45:f3:3b:4d:c5:
4a:84:33:4c:ad:38:2e:2b:07:13:8d:97:2c:e4:72:
fb:d6:eb:9f:37:5f:ed:eb:1d:ac:7e:77:8e:87:4d:
87:42:ed:22:cd:ab:33:1a:cd:fe:f4:a3:91:03:8c:
bc:d1:67:ce:54:7b:26:8c:53:34:68:e3:94:35:2a:
ab:e2:32:12:bb:a7:03:e1:3b:6a:1a:8b:05:e3:96:
a3:ea:49:36:fb:b6:e3:67:0e:af:cd:78:9d:42:aa:
06:f8:fa:0a:d5:e7:d7:c1:de:d6:4c:3d:ed:3b:04:
ee:71:7c:a3:64:3c:ec:80:ff:28:98:f5:75:9c:fc:
76:ca:23:af:2c:77:d7:5e:63:21:e8:1f:a1:1c:db:
d3:84:ec:47:ea:41:83:78:f0:ed:e3:92:7d:39:16:
2b:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:13:3E:0E:B9:C1:63:27:6C:76:0E:85:E9:A2:CB:4F:DB:F1:7F:6D
X509v3 Authority Key Identifier:
keyid:0D:69:E3:EE:55:DD:86:26:74:D4:58:66:1B:A3:49:08:B0:61:7F:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/tBM-DrnBYydsdg6F6aLLT9vxf20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/DWnj7lXdhiZ01FhmG6NJCLBhf6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.216.0/21
94.31.64.0/18
185.7.196.0/22
185.22.44.0/22
185.22.140.0/22
185.113.120.0/22
185.158.40.0/22
IPv6:
2a00:6020::/32
2a00:61e0::/32
2a03:fc0::/32
Signature Algorithm: sha256WithRSAEncryption
ac:78:06:92:39:67:e2:4f:26:f1:d1:92:76:ec:3b:5d:a7:48:
ce:94:e3:64:f5:6c:e1:05:3f:25:c0:73:b4:b3:41:51:e4:bd:
47:70:c6:3d:93:db:e6:a6:07:94:e6:02:6b:c0:eb:7b:a2:ac:
45:e2:fc:93:b7:bc:5e:9b:06:ea:ac:64:b0:4f:71:1b:ce:f8:
63:12:57:49:18:e3:66:b1:f7:49:d9:0c:1f:64:40:d9:42:86:
54:73:af:13:70:91:48:8e:28:1f:a7:ae:04:06:81:40:c5:0b:
03:f7:09:8b:f4:20:dc:04:8b:ce:2b:9d:91:bd:b0:e9:93:45:
b7:44:1a:48:f3:07:ef:45:c4:79:7a:a1:fc:aa:52:97:4d:8d:
29:8f:df:b5:f2:ae:05:8d:34:6e:7d:9a:f3:28:a4:b4:a9:54:
f7:d3:08:a2:e5:09:91:5b:ee:ae:bb:1b:b0:c8:0f:3d:77:89:
e9:38:aa:74:e1:19:59:ed:0b:2e:f1:ca:fd:22:51:88:9e:eb:
24:d2:bd:e5:66:3f:d4:b9:93:ea:70:c1:f2:0e:36:24:0f:90:
e3:d1:b4:2a:1b:28:10:17:a1:e5:a2:44:c4:a3:86:c4:79:a9:
87:a7:93:6c:79:a4:c6:ea:e6:d8:4b:44:4a:84:68:e8:ae:97:
64:55:d0:a1
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAY9TrlwmCbroePRZqYX4wRNqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNjllM2VlNTVkZDg2MjY3NGQ0NTg2NjFiYTM0OTA4YjA2
MTdmYTEwHhcNMjQwNTA3MTUzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDEzM2UwZWI5YzE2MzI3NmM3NjBlODVlOWEyY2I0ZmRiZjE3ZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlbPyAiOEIpAD+7ZSFwv1XKc/qoR
9HNUhzaufmnsyaQrX3/bQqvz4IBQJA2+sIHCK1AhDHob3MeoZe0v1VHVPtGAMQ2E
7ZzvDAOM0SEmuftgweEpS1HtS9sTaDG0I+EVk6UqRfM7TcVKhDNMrTguKwcTjZcs
5HL71uufN1/t6x2sfneOh02HQu0izaszGs3+9KORA4y80WfOVHsmjFM0aOOUNSqr
4jISu6cD4TtqGosF45aj6kk2+7bjZw6vzXidQqoG+PoK1efXwd7WTD3tOwTucXyj
ZDzsgP8omPV1nPx2yiOvLHfXXmMh6B+hHNvThOxH6kGDePDt45J9ORYrSwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLQTPg65wWMnbHYOhemiy0/b8X9tMB8GA1UdIwQY
MBaAFA1p4+5V3YYmdNRYZhujSQiwYX+hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFduajdsWGRoaVowMUZobUc2TkpDTEJoZjZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xZDJlZjgtYTg2ZS00NDZmLThjMzUt
YjgzM2JkOWUwYjNhLzEvdEJNLURybkJZeWRzZGc2RjZhTExUOXZ4ZjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xZDJlZjgtYTg2ZS00NDZmLThjMzUtYjgzM2JkOWUwYjNh
LzEvRFduajdsWGRoaVowMUZobUc2TkpDTEJoZjZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAwBAIAATAqAwQDLvXYAwQG
Xh9AAwQCuQfEAwQCuRYsAwQCuRaMAwQCuXF4AwQCuZ4oMBsEAgACMBUDBQAqAGAg
AwUAKgBh4AMFACoDD8AwDQYJKoZIhvcNAQELBQADggEBAKx4BpI5Z+JPJvHRknbs
O12nSM6U42T1bOEFPyXAc7SzQVHkvUdwxj2T2+amB5TmAmvA63uirEXi/JO3vF6b
BuqsZLBPcRvO+GMSV0kY42ax90nZDB9kQNlChlRzrxNwkUiOKB+nrgQGgUDFCwP3
CYv0INwEi84rnZG9sOmTRbdEGkjzB+9FxHl6ofyqUpdNjSmP37XyrgWNNG59mvMo
pLSpVPfTCKLlCZFb7q67G7DIDz13iek4qnThGVntCy7xyv0iUYie6yTSveVmP9S5
k+pwwfIONiQPkOPRtCobKBAXoeWiRMSjhsR5qYenk2x5pMbq5thLREqEaOiul2RV
0KE=
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:52:54 2024 by rpki-client on console-fra.rpki-client.org