Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/TzinwoOe3SCYRQ2PDfGfvylBx5o.roa
File: TzinwoOe3SCYRQ2PDfGfvylBx5o.roa (raw, json)
Hash identifier: KBijsh63HjjWDvzbnPxtCm+OSR8utmWEYBgbvUwNT1E=
Subject key identifier: 4F:38:A7:C2:83:9E:DD:20:98:45:0D:8F:0D:F1:9F:BF:29:41:C7:9A
Certificate issuer: /CN=85aaadc568f6c928fd764d421d42c71cf5791954
Certificate serial: 0191C24DC68FD54A5BAE8E4F6AB42D250D35
Authority key identifier: 85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/TzinwoOe3SCYRQ2PDfGfvylBx5o.roa
Signing time: Thu 05 Sep 2024 13:09:22 +0000
ROA not before: Thu 05 Sep 2024 13:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44092
IP address blocks: 45.145.200.0/22 maxlen: 22
45.145.200.0/24 maxlen: 24
45.145.201.0/24 maxlen: 24
45.145.202.0/24 maxlen: 24
45.145.203.0/24 maxlen: 24
77.242.128.0/20 maxlen: 24
77.242.128.0/24 maxlen: 24
77.242.129.0/24 maxlen: 24
77.242.130.0/24 maxlen: 24
77.242.131.0/24 maxlen: 24
77.242.132.0/24 maxlen: 24
77.242.133.0/24 maxlen: 24
77.242.134.0/24 maxlen: 24
77.242.135.0/24 maxlen: 24
77.242.136.0/24 maxlen: 24
77.242.137.0/24 maxlen: 24
77.242.138.0/24 maxlen: 24
77.242.139.0/24 maxlen: 24
77.242.140.0/24 maxlen: 24
77.242.141.0/24 maxlen: 24
77.242.142.0/24 maxlen: 24
77.242.143.0/24 maxlen: 24
85.208.200.0/22 maxlen: 22
85.208.200.0/24 maxlen: 24
85.208.201.0/24 maxlen: 24
85.208.202.0/24 maxlen: 24
85.208.203.0/24 maxlen: 24
89.37.70.0/23 maxlen: 24
89.37.70.0/24 maxlen: 24
89.37.71.0/24 maxlen: 24
178.23.8.0/21 maxlen: 24
185.56.156.0/22 maxlen: 24
185.71.244.0/22 maxlen: 22
185.171.232.0/22 maxlen: 22
185.171.232.0/24 maxlen: 24
185.171.233.0/24 maxlen: 24
185.171.234.0/24 maxlen: 24
185.171.235.0/24 maxlen: 24
185.178.252.0/22 maxlen: 22
185.191.104.0/22 maxlen: 22
185.191.104.0/24 maxlen: 24
185.191.105.0/24 maxlen: 24
185.191.106.0/24 maxlen: 24
185.191.107.0/24 maxlen: 24
185.215.144.0/22 maxlen: 22
185.215.144.0/24 maxlen: 24
185.215.145.0/24 maxlen: 24
185.215.146.0/24 maxlen: 24
185.215.147.0/24 maxlen: 24
185.219.116.0/22 maxlen: 22
185.219.116.0/24 maxlen: 24
185.219.117.0/24 maxlen: 24
185.219.118.0/24 maxlen: 24
185.219.119.0/24 maxlen: 24
185.248.227.0/24 maxlen: 24
185.255.29.0/24 maxlen: 24
188.191.56.0/22 maxlen: 24
188.191.56.0/24 maxlen: 24
188.191.57.0/24 maxlen: 24
188.191.58.0/24 maxlen: 24
188.191.59.0/24 maxlen: 24
217.28.64.0/22 maxlen: 22
217.28.64.0/24 maxlen: 24
217.28.65.0/24 maxlen: 24
217.28.66.0/24 maxlen: 24
217.28.67.0/24 maxlen: 24
2a02:53e0::/32 maxlen: 32
2a05:3680::/29 maxlen: 29
2a0b:7b80::/29 maxlen: 29
2a0f:de80::/29 maxlen: 29
2a13:56c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c2:4d:c6:8f:d5:4a:5b:ae:8e:4f:6a:b4:2d:25:0d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85aaadc568f6c928fd764d421d42c71cf5791954
Validity
Not Before: Sep 5 13:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f38a7c2839edd2098450d8f0df19fbf2941c79a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ba:03:1e:91:1c:74:43:0a:ba:7f:84:8c:64:
6f:da:3e:81:76:27:88:b1:6a:1b:45:a2:3d:8d:aa:
9c:d5:1e:82:ec:b7:30:49:5a:59:b6:72:54:cf:12:
86:7a:d9:3a:d4:92:f7:5b:4f:ee:34:1d:a2:70:87:
02:c9:19:5b:85:47:1d:c4:b5:b8:3a:3f:ac:41:ea:
bb:cf:57:f3:76:8f:38:72:b3:b9:ac:57:7b:df:7c:
38:87:ad:49:df:62:0a:cd:f1:ae:47:54:56:7a:b9:
cf:b0:fa:ea:64:11:92:4e:b8:10:c6:9e:3a:83:4c:
e4:23:96:ce:0c:3b:d9:17:93:62:e9:6b:e5:0d:46:
a7:91:ee:5c:f2:0b:f6:e2:4d:49:31:d4:b6:c2:32:
fa:2b:56:47:fd:b7:c9:05:d5:f3:ad:7b:d7:56:1c:
ec:4e:27:7a:fb:46:70:cb:38:cb:7f:36:74:6b:97:
ea:4b:6b:10:19:09:6e:c2:7d:55:5d:41:b8:89:d8:
3f:58:3e:68:f9:8f:d0:7c:ac:6a:42:f3:4f:5f:ae:
b6:13:17:b4:0b:e0:42:eb:2a:c1:75:7d:06:8f:91:
da:f3:d9:b6:f0:5d:9b:db:ad:96:ef:0d:a0:36:46:
34:f6:08:f0:3e:c8:ec:99:c1:36:00:1e:04:ce:05:
6b:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:38:A7:C2:83:9E:DD:20:98:45:0D:8F:0D:F1:9F:BF:29:41:C7:9A
X509v3 Authority Key Identifier:
keyid:85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/TzinwoOe3SCYRQ2PDfGfvylBx5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.200.0/22
77.242.128.0/20
85.208.200.0/22
89.37.70.0/23
178.23.8.0/21
185.56.156.0/22
185.71.244.0/22
185.171.232.0/22
185.178.252.0/22
185.191.104.0/22
185.215.144.0/22
185.219.116.0/22
185.248.227.0/24
185.255.29.0/24
188.191.56.0/22
217.28.64.0/22
IPv6:
2a02:53e0::/32
2a05:3680::/29
2a0b:7b80::/29
2a0f:de80::/29
2a13:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
31:16:64:3a:0a:06:c7:9e:f5:76:e9:8c:1f:ce:82:30:a7:ee:
dc:5f:00:cf:8c:50:b2:90:d3:54:27:b4:76:3d:13:ac:18:34:
64:72:99:3d:59:61:3e:36:29:30:46:f8:ad:a2:8a:36:84:b1:
5b:58:16:3f:90:93:a3:74:01:3f:98:fd:d3:28:12:8b:ab:e2:
b0:64:12:25:67:d2:f4:8f:21:57:d2:31:9a:55:6c:d5:86:1d:
37:21:3a:07:8b:af:41:00:6f:62:a0:4b:98:ea:51:8c:a1:fb:
4c:a0:d8:17:37:54:4b:a4:4c:ca:2e:1c:6f:42:9d:12:86:e7:
9f:07:6a:5b:af:81:a9:ff:8b:05:43:21:26:cb:d6:a8:75:eb:
0c:39:08:ed:fa:ab:11:5a:9f:5e:55:12:31:c2:eb:4f:9d:2b:
c3:3c:0c:96:9e:ce:87:b1:2c:02:48:3e:61:67:03:6c:cc:1c:
c0:75:22:6a:11:a2:5f:8a:68:bf:18:c3:22:7d:f6:cc:09:38:
a4:7a:20:cc:c9:11:69:27:78:2c:97:d5:57:0c:d8:73:e9:5e:
dd:4a:81:a6:58:db:eb:40:7b:b2:d4:f6:6c:2d:85:17:ee:3c:
11:e7:f1:41:4b:dd:eb:44:11:f8:1a:34:35:94:22:27:41:70:
54:17:d6:74
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAZHCTcaP1Upbro5ParQtJQ01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWFhZGM1NjhmNmM5MjhmZDc2NGQ0MjFkNDJjNzFjZjU3
OTE5NTQwHhcNMjQwOTA1MTMwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjM4YTdjMjgzOWVkZDIwOTg0NTBkOGYwZGYxOWZiZjI5NDFjNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7oDHpEcdEMKun+EjGRv2j6BdieI
sWobRaI9jaqc1R6C7LcwSVpZtnJUzxKGetk61JL3W0/uNB2icIcCyRlbhUcdxLW4
Oj+sQeq7z1fzdo84crO5rFd733w4h61J32IKzfGuR1RWernPsPrqZBGSTrgQxp46
g0zkI5bODDvZF5Ni6WvlDUanke5c8gv24k1JMdS2wjL6K1ZH/bfJBdXzrXvXVhzs
Tid6+0ZwyzjLfzZ0a5fqS2sQGQluwn1VXUG4idg/WD5o+Y/QfKxqQvNPX662Exe0
C+BC6yrBdX0Gj5Ha89m28F2b262W7w2gNkY09gjwPsjsmcE2AB4EzgVr/wIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFE84p8KDnt0gmEUNjw3xn78pQceaMB8GA1UdIwQY
MBaAFIWqrcVo9sko/XZNQh1Cxxz1eRlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMt
NDVlYTM4ZGEyMjE4LzEvVHppbndvT2UzU0NZUlEyUERmR2Z2eWxCeDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMtNDVlYTM4ZGEyMjE4
LzEvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGmBggrBgEFBQcBBwEB/wSBljCBkzBmBAIAATBgAwQCLZHI
AwQETfKAAwQCVdDIAwQBWSVGAwQDshcIAwQCuTicAwQCuUf0AwQCuavoAwQCubL8
AwQCub9oAwQCudeQAwQCudt0AwQAufjjAwQAuf8dAwQCvL84AwQC2RxAMCkEAgAC
MCMDBQAqAlPgAwUDKgU2gAMFAyoLe4ADBQMqD96AAwUDKhNWwDANBgkqhkiG9w0B
AQsFAAOCAQEAMRZkOgoGx571dumMH86CMKfu3F8Az4xQspDTVCe0dj0TrBg0ZHKZ
PVlhPjYpMEb4raKKNoSxW1gWP5CTo3QBP5j90ygSi6visGQSJWfS9I8hV9IxmlVs
1YYdNyE6B4uvQQBvYqBLmOpRjKH7TKDYFzdUS6RMyi4cb0KdEobnnwdqW6+Bqf+L
BUMhJsvWqHXrDDkI7fqrEVqfXlUSMcLrT50rwzwMlp7Oh7EsAkg+YWcDbMwcwHUi
ahGiX4povxjDIn32zAk4pHogzMkRaSd4LJfVVwzYc+le3UqBpljb60B7stT2bC2F
F+48EefxQUvd60QR+Bo0NZQiJ0FwVBfWdA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:43:10 2024 by rpki-client on console-fra.rpki-client.org