Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/TSGJBwmUH6zzcSk5BJxtW8RE4eo.roa
File: TSGJBwmUH6zzcSk5BJxtW8RE4eo.roa (raw, json)
Hash identifier: GDRdYgmwqR/8cmIcSo9mtVpLWe+BPUg+Ymiy8VwGofg=
Subject key identifier: 4D:21:89:07:09:94:1F:AC:F3:71:29:39:04:9C:6D:5B:C4:44:E1:EA
Certificate issuer: /CN=14c66a786e6ef31674bec6833c78aebec1633972
Certificate serial: 019424B268572015F2F12924353BBF06A1A7
Authority key identifier: 14:C6:6A:78:6E:6E:F3:16:74:BE:C6:83:3C:78:AE:BE:C1:63:39:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/TSGJBwmUH6zzcSk5BJxtW8RE4eo.roa
Signing time: Thu 02 Jan 2025 01:47:39 +0000
ROA not before: Thu 02 Jan 2025 01:47:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28685
IP address blocks: 37.0.80.0/20 maxlen: 24
37.153.192.0/18 maxlen: 24
46.44.128.0/18 maxlen: 24
84.246.0.0/18 maxlen: 24
89.146.0.0/18 maxlen: 24
212.121.96.0/19 maxlen: 24
213.144.224.0/19 maxlen: 24
213.247.64.0/18 maxlen: 24
2a02:22a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.mft
rsync://rpki.ripe.net/repository/DEFAULT/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Mar 2025 16:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:68:57:20:15:f2:f1:29:24:35:3b:bf:06:a1:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14c66a786e6ef31674bec6833c78aebec1633972
Validity
Not Before: Jan 2 01:47:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d21890709941facf3712939049c6d5bc444e1ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:17:8b:45:53:0d:6b:52:ad:9e:17:49:8f:ec:
7d:45:04:15:a1:4d:a8:de:20:a6:c1:a2:53:19:e9:
fc:8b:32:87:25:6c:af:bd:ea:a2:84:8f:b1:e3:c6:
90:33:cc:6c:16:e1:e1:2e:c3:11:03:42:85:8b:6d:
91:33:91:9f:ac:f5:ca:f5:7b:95:67:03:ef:b6:81:
f5:47:7a:48:9a:9c:54:10:e3:16:f8:7f:24:01:cc:
a6:91:bc:56:cd:73:42:3d:6d:5e:3c:f9:c7:5f:8b:
2c:5d:e8:f3:f5:b2:0e:60:5d:7e:1a:59:2a:ea:24:
82:49:6d:b8:b6:35:fd:66:4e:af:72:91:5f:ee:9f:
c5:54:f7:c8:8e:b5:37:c0:cb:62:ba:c8:11:74:b9:
de:47:c6:3c:e7:93:fd:0d:99:63:5f:96:dd:f2:83:
78:11:5b:32:fa:ea:43:49:f1:2d:90:db:76:56:60:
ed:fc:22:60:2a:4e:f5:3a:ef:bf:79:49:1e:3b:98:
e6:0e:73:d2:fd:05:a9:86:11:73:69:f9:75:55:7f:
a0:a0:89:35:ea:a3:7c:03:39:ba:42:15:26:0b:7a:
54:58:dd:10:2f:5c:18:3e:b2:ce:c5:06:bf:51:cc:
91:67:f0:32:83:27:cf:11:f7:9e:1d:da:6f:e0:f7:
b9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:21:89:07:09:94:1F:AC:F3:71:29:39:04:9C:6D:5B:C4:44:E1:EA
X509v3 Authority Key Identifier:
keyid:14:C6:6A:78:6E:6E:F3:16:74:BE:C6:83:3C:78:AE:BE:C1:63:39:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/TSGJBwmUH6zzcSk5BJxtW8RE4eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/a16c4e-b5ad-47d7-8b5b-39e76db2f808/1/FMZqeG5u8xZ0vsaDPHiuvsFjOXI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.80.0/20
37.153.192.0/18
46.44.128.0/18
84.246.0.0/18
89.146.0.0/18
212.121.96.0/19
213.144.224.0/19
213.247.64.0/18
IPv6:
2a02:22a0::/32
Signature Algorithm: sha256WithRSAEncryption
04:f5:c1:60:a9:70:bc:60:79:f4:ae:be:e9:d3:bf:07:3d:76:
ac:f1:27:9c:f0:b2:8a:05:27:bf:d7:35:d5:44:35:71:ba:79:
f1:49:f1:de:7f:dc:c5:93:9d:a6:d5:4c:cb:59:1d:3b:06:b2:
40:a7:d3:9e:e2:ab:fa:c8:c1:9a:5d:8f:b1:63:bd:d2:ae:e7:
38:4b:5f:38:4c:8a:a9:0c:ca:32:7a:13:07:d3:26:74:d2:0e:
32:c9:7c:31:e6:7e:e6:0b:16:65:44:a6:61:77:ef:b7:48:cc:
56:ef:5d:3b:10:06:d1:17:95:10:91:c3:f2:06:9c:1f:41:cd:
71:6b:00:b2:e8:9c:ab:a8:8c:07:c8:0e:7b:3c:62:1c:65:91:
b8:a0:47:41:80:82:42:4a:ec:54:af:57:da:dd:2d:c4:37:ac:
38:f2:ef:c6:4a:9c:ed:79:a4:60:90:1a:4f:01:40:0d:c5:d4:
42:0b:06:b1:16:93:62:c1:d7:08:53:e2:c6:fc:0b:8c:cd:c4:
c0:33:97:23:e9:7b:fa:82:46:c9:31:a2:98:59:ae:3b:91:39:
1c:f0:ba:ba:80:cb:87:2e:14:5e:39:97:99:64:87:c4:3a:0f:
0d:00:d6:b3:b1:d3:34:4c:b6:97:8e:00:cd:b6:e2:b9:2d:a6:
85:88:52:86
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZQksmhXIBXy8SkkNTu/BqGnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YzY2YTc4NmU2ZWYzMTY3NGJlYzY4MzNjNzhhZWJlYzE2
MzM5NzIwHhcNMjUwMTAyMDE0NzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDIxODkwNzA5OTQxZmFjZjM3MTI5MzkwNDljNmQ1YmM0NDRlMWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvheLRVMNa1KtnhdJj+x9RQQVoU2o
3iCmwaJTGen8izKHJWyvveqihI+x48aQM8xsFuHhLsMRA0KFi22RM5GfrPXK9XuV
ZwPvtoH1R3pImpxUEOMW+H8kAcymkbxWzXNCPW1ePPnHX4ssXejz9bIOYF1+Glkq
6iSCSW24tjX9Zk6vcpFf7p/FVPfIjrU3wMtiusgRdLneR8Y855P9DZljX5bd8oN4
EVsy+upDSfEtkNt2VmDt/CJgKk71Ou+/eUkeO5jmDnPS/QWphhFzafl1VX+goIk1
6qN8Azm6QhUmC3pUWN0QL1wYPrLOxQa/UcyRZ/AygyfPEfeeHdpv4Pe5MQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFE0hiQcJlB+s83EpOQScbVvEROHqMB8GA1UdIwQY
MBaAFBTGanhubvMWdL7Ggzx4rr7BYzlyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRk1acWVHNXU4eFowdnNhRFBIaXV2c0ZqT1hJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9hMTZjNGUtYjVhZC00N2Q3LThiNWIt
MzllNzZkYjJmODA4LzEvVFNHSkJ3bVVINnp6Y1NrNUJKeHRXOFJFNGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9hMTZjNGUtYjVhZC00N2Q3LThiNWItMzllNzZkYjJmODA4
LzEvRk1acWVHNXU4eFowdnNhRFBIaXV2c0ZqT1hJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEJQBQAwQG
JZnAAwQGLiyAAwQGVPYAAwQGWZIAAwQF1HlgAwQF1ZDgAwQG1fdAMA0EAgACMAcD
BQAqAiKgMA0GCSqGSIb3DQEBCwUAA4IBAQAE9cFgqXC8YHn0rr7p078HPXas8Sec
8LKKBSe/1zXVRDVxunnxSfHef9zFk52m1UzLWR07BrJAp9Oe4qv6yMGaXY+xY73S
ruc4S184TIqpDMoyehMH0yZ00g4yyXwx5n7mCxZlRKZhd++3SMxW7107EAbRF5UQ
kcPyBpwfQc1xawCy6JyrqIwHyA57PGIcZZG4oEdBgIJCSuxUr1fa3S3EN6w48u/G
SpzteaRgkBpPAUANxdRCCwaxFpNiwdcIU+LG/AuMzcTAM5cj6Xv6gkbJMaKYWa47
kTkc8Lq6gMuHLhReOZeZZIfEOg8NANazsdM0TLaXjgDNtuK5LaaFiFKG
-----END CERTIFICATE-----
Generated at Sun Mar 9 01:47:58 2025 by rpki-client