Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/TWYnB52Oavk9789kFBH_TtsFA20.roa
File: TWYnB52Oavk9789kFBH_TtsFA20.roa (raw, json)
Hash identifier: Lo6TIcgKkzIrKcc1K5udX1XvguvwpolYTItBn5Pxknw=
Subject key identifier: 4D:66:27:07:9D:8E:6A:F9:3D:EF:CF:64:14:11:FF:4E:DB:05:03:6D
Certificate issuer: /CN=fc0487a04f5aa442be519a17cb2bb22d783df23b
Certificate serial: 019425220985C21EC5F79A58404C04749346
Authority key identifier: FC:04:87:A0:4F:5A:A4:42:BE:51:9A:17:CB:2B:B2:2D:78:3D:F2:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ASHoE9apEK-UZoXyyuyLXg98js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/TWYnB52Oavk9789kFBH_TtsFA20.roa
Signing time: Thu 02 Jan 2025 03:49:35 +0000
ROA not before: Thu 02 Jan 2025 03:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44764
IP address blocks: 46.29.216.0/21 maxlen: 21
78.41.120.0/21 maxlen: 21
92.42.64.0/21 maxlen: 21
185.46.132.0/22 maxlen: 22
2a00:13e0::/32 maxlen: 32
2a00:1400::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/_ASHoE9apEK-UZoXyyuyLXg98js.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/_ASHoE9apEK-UZoXyyuyLXg98js.mft
rsync://rpki.ripe.net/repository/DEFAULT/_ASHoE9apEK-UZoXyyuyLXg98js.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 18:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:09:85:c2:1e:c5:f7:9a:58:40:4c:04:74:93:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc0487a04f5aa442be519a17cb2bb22d783df23b
Validity
Not Before: Jan 2 03:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d6627079d8e6af93defcf641411ff4edb05036d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b8:2c:d9:c4:18:e5:01:fa:ea:51:a3:13:ef:
58:f3:58:81:dd:3b:82:df:fb:60:5a:8e:65:5e:3b:
e6:57:71:83:84:6e:4f:93:a8:d0:48:17:5b:68:d7:
96:ac:3b:f0:a9:b8:19:96:e8:e5:b7:7c:0a:80:af:
d0:33:4b:12:a9:d2:32:3d:43:43:62:ee:77:b2:89:
5d:e3:2e:90:35:6f:c9:20:c0:a8:2a:67:73:2a:93:
9f:b7:fb:12:ce:b3:ff:a3:f3:39:4d:95:ef:ab:ee:
fc:e9:25:10:71:03:4a:52:fe:56:89:cd:aa:29:24:
0d:0e:b3:9d:71:5d:a6:5c:21:41:fa:42:c2:c3:4d:
f6:5d:5e:62:1a:1f:af:00:25:0e:5e:28:b0:04:26:
60:ca:ae:55:eb:5e:ba:1d:37:fb:fa:42:30:37:09:
41:b5:cb:84:f6:60:ee:4f:19:c4:71:49:eb:35:45:
75:8a:40:03:f3:27:da:7a:cb:b7:f9:71:00:d4:1a:
f1:d9:58:30:1f:e5:b9:69:af:30:14:e7:2d:c2:9a:
18:5a:a5:9e:4f:aa:c4:14:07:57:20:db:a4:7b:7c:
f9:7b:7c:bf:c6:57:e3:4f:38:51:8e:f1:7c:80:3d:
e7:cf:19:1e:f9:a9:f1:3c:f6:2b:d9:b1:be:c6:7c:
8e:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:66:27:07:9D:8E:6A:F9:3D:EF:CF:64:14:11:FF:4E:DB:05:03:6D
X509v3 Authority Key Identifier:
keyid:FC:04:87:A0:4F:5A:A4:42:BE:51:9A:17:CB:2B:B2:2D:78:3D:F2:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ASHoE9apEK-UZoXyyuyLXg98js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/TWYnB52Oavk9789kFBH_TtsFA20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/781a61-7d03-4a8e-90ba-1b3a36e1aca8/1/_ASHoE9apEK-UZoXyyuyLXg98js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.216.0/21
78.41.120.0/21
92.42.64.0/21
185.46.132.0/22
IPv6:
2a00:13e0::/32
2a00:1400::/32
Signature Algorithm: sha256WithRSAEncryption
39:b6:ff:9e:9a:57:0b:2f:f3:0d:e5:7f:3c:2e:32:5a:e6:b2:
db:05:de:2b:9f:d0:37:bc:a1:80:7c:bf:1d:d6:d1:e3:15:8c:
56:ba:ac:be:07:98:0e:d9:07:42:6b:a5:86:73:7f:9a:17:5f:
51:f2:92:96:a7:cc:3a:b2:0b:18:4b:0b:ac:f5:97:c1:69:3a:
8a:33:27:1b:14:6b:7f:d4:7a:93:72:80:9d:0e:d0:b4:14:62:
a5:94:b4:ab:96:f8:2b:df:7a:d5:6b:7a:a6:1e:02:a6:e4:2b:
0c:9e:de:f8:c5:f6:09:da:12:5d:28:23:39:ba:6e:23:ba:cb:
8c:81:3e:60:13:b5:6e:50:05:50:81:ec:ee:ee:35:1c:96:af:
a9:db:d4:e5:46:04:a3:50:9f:8b:68:c9:a4:bd:7b:fe:5d:2e:
ba:bc:10:9c:4a:80:ce:c8:fd:c6:4f:97:07:8b:55:81:f9:a8:
f3:24:39:cf:32:26:66:ea:74:3e:b4:bf:23:18:9c:d4:e6:46:
61:61:b6:eb:c1:10:b7:d2:56:6b:0f:e8:99:cc:b0:f8:a8:6f:
39:0c:ac:3c:b1:ba:b9:c2:cf:da:a5:6d:c1:b4:15:cc:93:82:
2b:64:bd:bf:ad:d6:da:9b:a4:7e:ab:94:b1:a3:9c:cf:af:5c:
d0:16:75:21
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQlIgmFwh7F95pYQEwEdJNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMDQ4N2EwNGY1YWE0NDJiZTUxOWExN2NiMmJiMjJkNzgz
ZGYyM2IwHhcNMjUwMTAyMDM0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY2MjcwNzlkOGU2YWY5M2RlZmNmNjQxNDExZmY0ZWRiMDUwMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7gs2cQY5QH66lGjE+9Y81iB3TuC
3/tgWo5lXjvmV3GDhG5Pk6jQSBdbaNeWrDvwqbgZlujlt3wKgK/QM0sSqdIyPUND
Yu53sold4y6QNW/JIMCoKmdzKpOft/sSzrP/o/M5TZXvq+786SUQcQNKUv5Wic2q
KSQNDrOdcV2mXCFB+kLCw032XV5iGh+vACUOXiiwBCZgyq5V6166HTf7+kIwNwlB
tcuE9mDuTxnEcUnrNUV1ikAD8yfaesu3+XEA1Brx2VgwH+W5aa8wFOctwpoYWqWe
T6rEFAdXINuke3z5e3y/xlfjTzhRjvF8gD3nzxke+anxPPYr2bG+xnyOsQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFE1mJwedjmr5Pe/PZBQR/07bBQNtMB8GA1UdIwQY
MBaAFPwEh6BPWqRCvlGaF8srsi14PfI7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0FTSG9FOWFwRUstVVpvWHl5dXlMWGc5OGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC83ODFhNjEtN2QwMy00YThlLTkwYmEt
MWIzYTM2ZTFhY2E4LzEvVFdZbkI1Mk9hdms5Nzg5a0ZCSF9UdHNGQTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC83ODFhNjEtN2QwMy00YThlLTkwYmEtMWIzYTM2ZTFhY2E4
LzEvX0FTSG9FOWFwRUstVVpvWHl5dXlMWGc5OGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQDLh3YAwQD
Til4AwQDXCpAAwQCuS6EMBQEAgACMA4DBQAqABPgAwUAKgAUADANBgkqhkiG9w0B
AQsFAAOCAQEAObb/nppXCy/zDeV/PC4yWuay2wXeK5/QN7yhgHy/HdbR4xWMVrqs
vgeYDtkHQmulhnN/mhdfUfKSlqfMOrILGEsLrPWXwWk6ijMnGxRrf9R6k3KAnQ7Q
tBRipZS0q5b4K9961Wt6ph4CpuQrDJ7e+MX2CdoSXSgjObpuI7rLjIE+YBO1blAF
UIHs7u41HJavqdvU5UYEo1Cfi2jJpL17/l0uurwQnEqAzsj9xk+XB4tVgfmo8yQ5
zzImZup0PrS/Ixic1OZGYWG268EQt9JWaw/omcyw+KhvOQysPLG6ucLP2qVtwbQV
zJOCK2S9v63W2pukfquUsaOcz69c0BZ1IQ==
-----END CERTIFICATE-----
Generated at Sun Apr 13 03:32:42 2025 by rpki-client