Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/TyGoeOAvHyE6sSvUGTKxTIto9oQ.roa
File: TyGoeOAvHyE6sSvUGTKxTIto9oQ.roa (raw, json)
Hash identifier: oFVnsNu+Rm5raDA9LjGTXpPYoX1ExECmGg8HH0jPK/c=
Subject key identifier: 4F:21:A8:78:E0:2F:1F:21:3A:B1:2B:D4:19:32:B1:4C:8B:68:F6:84
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 018FC9AB74F46EF5F3FA1F433612DB561DA9
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/TyGoeOAvHyE6sSvUGTKxTIto9oQ.roa
Signing time: Thu 30 May 2024 13:23:28 +0000
ROA not before: Thu 30 May 2024 13:23:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202448
IP address blocks: 2.56.212.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
31.222.229.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.151.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
62.3.32.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
89.38.128.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
89.43.33.0/24 maxlen: 24
91.227.40.0/24 maxlen: 24
91.227.41.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
93.114.128.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.16.0/24 maxlen: 24
93.115.17.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
94.231.205.0/24 maxlen: 24
95.169.192.0/24 maxlen: 24
95.169.201.0/24 maxlen: 24
95.169.204.0/24 maxlen: 24
95.169.205.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
185.96.163.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.177.73.0/24 maxlen: 24
185.234.52.0/24 maxlen: 32
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
188.212.124.0/24 maxlen: 24
188.212.125.0/24 maxlen: 24
193.201.15.0/24 maxlen: 24
194.26.213.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
194.63.145.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.mft
rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c9:ab:74:f4:6e:f5:f3:fa:1f:43:36:12:db:56:1d:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: May 30 13:23:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f21a878e02f1f213ab12bd41932b14c8b68f684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e5:a5:ca:6b:03:93:19:51:96:c2:06:69:18:
ff:05:ea:9c:67:c9:60:08:f5:a7:6e:ea:90:76:ea:
28:df:a2:02:24:79:c7:1c:8a:c2:a2:fd:b0:8c:fe:
c4:aa:83:ed:b0:e8:5d:89:fa:15:12:c6:11:72:9f:
ae:d8:e3:39:1a:94:0f:02:44:5a:92:7c:3d:d9:c9:
fb:6c:5e:47:70:61:ba:de:5f:dd:81:05:a1:46:ad:
5c:9d:6d:6b:20:80:dd:64:1a:b7:5a:ff:a3:21:b8:
3d:ad:a9:85:f8:c7:5b:3c:5d:c6:d8:7f:cd:a0:43:
be:ca:91:f1:57:e6:d3:a2:3c:84:bb:74:d9:2d:c2:
ff:03:eb:b1:87:b6:ee:78:64:76:ff:8a:cf:0f:92:
12:e7:0c:5e:4d:2b:e1:43:d2:12:28:51:68:b5:9d:
08:3b:1a:75:a1:80:e7:66:64:ab:0f:93:de:4e:07:
21:07:9e:96:ad:c9:7c:03:d4:38:ce:17:a4:2d:72:
00:c8:ac:a8:39:71:b6:5c:d9:16:19:c8:62:a6:0a:
7e:bc:16:9d:b8:3f:f7:1c:6a:ad:5c:3b:80:a6:b8:
d0:e2:4c:3e:04:af:c3:da:3d:14:3f:e8:dd:b6:ce:
9a:88:53:40:d7:18:26:3f:40:5a:51:8c:b5:5d:5a:
2d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:21:A8:78:E0:2F:1F:21:3A:B1:2B:D4:19:32:B1:4C:8B:68:F6:84
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/TyGoeOAvHyE6sSvUGTKxTIto9oQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
31.222.229.0/24
45.137.148.0/22
45.153.184.0/22
62.3.32.0/24
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.128.0/22
89.38.135.0/24
89.43.33.0/24
91.227.40.0/23
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.16.0/21
94.176.182.0/24
94.231.205.0/24
95.169.192.0/24
95.169.201.0/24
95.169.204.0/23
178.157.82.0/24
178.157.90.0/23
185.96.163.0/24
185.170.212.0/22
185.177.73.0/24
185.234.52.0/24
185.243.214.0/23
188.212.124.0/23
193.201.15.0/24
194.26.213.0/24
194.32.76.0/22
194.63.145.0/24
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::/30
2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
7b:6c:1f:22:60:9f:15:c3:1d:ea:ce:8f:ad:ab:13:e3:69:38:
72:83:b1:54:8f:14:51:3d:48:3c:23:97:74:a7:61:e7:99:3a:
a3:2d:dc:a1:39:42:c1:fc:c9:52:9e:27:a5:5c:33:c1:9b:de:
64:a8:20:8f:50:dd:20:d3:c3:5d:6f:58:06:fa:8a:b2:c7:50:
a7:8f:b9:8e:7e:4a:3e:23:18:9d:cc:03:da:8b:d8:6e:13:f5:
6a:10:47:82:2c:a6:53:de:d6:a0:00:45:4a:f4:ad:d9:9d:55:
10:9c:3a:b8:5d:11:85:de:2e:03:c1:90:5e:5b:c7:90:ea:28:
e1:00:9a:02:d0:e1:e4:a4:ef:98:a0:81:b6:13:f9:bc:ad:36:
55:a5:8c:8a:4f:17:59:d4:b2:04:75:91:7e:52:7e:4c:92:a7:
7e:2d:68:9e:4d:59:ea:e4:04:64:4b:f8:30:21:83:7f:2c:6e:
37:24:87:e4:a6:9b:fe:23:1a:90:4a:cc:44:72:03:54:d7:48:
7c:74:ae:04:24:d6:1a:6e:4f:6f:6f:ca:62:f0:29:26:bc:f7:
29:9a:ab:37:97:b3:0c:e5:d5:d7:79:57:ce:73:8d:50:aa:9b:
43:7c:74:cb:64:c2:88:45:15:62:48:bf:47:1a:21:e3:51:54:
e0:10:6b:c4
-----BEGIN CERTIFICATE-----
MIIF/jCCBOagAwIBAgISAY/Jq3T0bvXz+h9DNhLbVh2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjQwNTMwMTMyMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjIxYTg3OGUwMmYxZjIxM2FiMTJiZDQxOTMyYjE0YzhiNjhmNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+WlymsDkxlRlsIGaRj/BeqcZ8lg
CPWnbuqQduoo36ICJHnHHIrCov2wjP7EqoPtsOhdifoVEsYRcp+u2OM5GpQPAkRa
knw92cn7bF5HcGG63l/dgQWhRq1cnW1rIIDdZBq3Wv+jIbg9ramF+MdbPF3G2H/N
oEO+ypHxV+bTojyEu3TZLcL/A+uxh7bueGR2/4rPD5IS5wxeTSvhQ9ISKFFotZ0I
Oxp1oYDnZmSrD5PeTgchB56Wrcl8A9Q4zhekLXIAyKyoOXG2XNkWGchipgp+vBad
uD/3HGqtXDuAprjQ4kw+BK/D2j0UP+jdts6aiFNA1xgmP0BaUYy1XVotqwIDAQAB
o4IDCjCCAwYwHQYDVR0OBBYEFE8hqHjgLx8hOrEr1BkysUyLaPaEMB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvVHlHb2VPQXZIeUU2c1N2VUdUS3hUSXRvOW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHgYIKwYBBQUHAQcBAf8EggENMIIBCTCB2QQCAAEwgdID
BAICONQDBAAfDu4DBAAf3uUDBAItiZQDBAItmbgDBAA+AyADBABWafwDBABWarUD
BABWa8UDBAJZJoADBABZJocDBABZKyEDBAFb4ygDBAFb+vgDBABdcoADBABdcoUD
BANdcxADBABesLYDBABe580DBABfqcADBABfqckDBAFfqcwDBACynVIDBAGynVoD
BAC5YKMDBAK5qtQDBAC5sUkDBAC56jQDBAG589YDBAG81HwDBADByQ8DBADCGtUD
BALCIEwDBADCP5EDBALCYxQwKwQCAAIwJQMFACoFgoADBQIqCc1AMA4DBQAqCc1F
AwUAKgnNRgMFASoMucAwDQYJKoZIhvcNAQELBQADggEBAHtsHyJgnxXDHerOj62r
E+NpOHKDsVSPFFE9SDwjl3SnYeeZOqMt3KE5QsH8yVKeJ6VcM8Gb3mSoII9Q3SDT
w11vWAb6irLHUKePuY5+Sj4jGJ3MA9qL2G4T9WoQR4IsplPe1qAARUr0rdmdVRCc
OrhdEYXeLgPBkF5bx5DqKOEAmgLQ4eSk75iggbYT+bytNlWljIpPF1nUsgR1kX5S
fkySp34taJ5NWerkBGRL+DAhg38sbjckh+Smm/4jGpBKzERyA1TXSHx0rgQk1hpu
T29vymLwKSa89ymaqzeXswzl1dd5V85zjVCqm0N8dMtkwohFFWJIv0caIeNRVOAQ
a8Q=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:32 2024 by rpki-client on console-ams.rpki-client.org