Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/tgbdLwekXuvVdgg5GtF4wLKdQVY.roa
File: tgbdLwekXuvVdgg5GtF4wLKdQVY.roa (raw, json)
Hash identifier: uTMV7mXiMEuwkA/BmqQlStt1WcDSEX+WJq5XIKNNE4M=
Subject key identifier: B6:06:DD:2F:07:A4:5E:EB:D5:76:08:39:1A:D1:78:C0:B2:9D:41:56
Certificate issuer: /CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Certificate serial: 018CC348FBE22813B0B28CEB7A310BDADE44
Authority key identifier: 46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/tgbdLwekXuvVdgg5GtF4wLKdQVY.roa
Signing time: Mon 01 Jan 2024 04:29:49 +0000
ROA not before: Mon 01 Jan 2024 04:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57073
IP address blocks: 176.101.88.0/21 maxlen: 24
85.198.76.0/22 maxlen: 24
185.138.253.0/24 maxlen: 24
185.138.252.0/22 maxlen: 24
185.138.252.0/24 maxlen: 24
185.138.254.0/24 maxlen: 24
185.138.255.0/24 maxlen: 24
194.1.214.0/24 maxlen: 24
213.184.154.0/24 maxlen: 24
213.184.154.0/23 maxlen: 24
213.184.156.0/22 maxlen: 24
94.141.112.0/22 maxlen: 24
185.62.200.0/23 maxlen: 24
185.62.202.0/24 maxlen: 24
91.230.107.0/24 maxlen: 24
2a03:720::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fb:e2:28:13:b0:b2:8c:eb:7a:31:0b:da:de:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46ba3f80039b9e784cfb24bf2c7ddb24e1900a76
Validity
Not Before: Jan 1 04:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b606dd2f07a45eebd57608391ad178c0b29d4156
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5c:b4:1b:8d:13:b4:c0:95:c7:0e:01:5c:47:
63:19:f6:e0:bf:08:26:07:4f:e7:8e:b5:c2:25:5b:
3f:1c:e5:fa:3f:83:22:23:aa:06:21:c5:f4:85:24:
02:cb:7d:43:a8:10:11:e3:84:78:fe:29:93:c9:fa:
61:57:21:0f:f6:c8:53:7d:d6:6f:8a:43:cd:51:76:
fb:fc:4b:fe:7d:96:5f:bf:e4:fd:e3:fe:cf:84:c9:
9d:7b:32:60:19:68:bf:12:6e:cf:2a:cc:e9:80:fa:
8e:56:d6:16:74:98:f2:1a:d0:9b:14:7a:3e:71:6e:
d6:2d:3c:88:f6:d9:f9:0a:05:3f:a9:91:54:87:b7:
bc:b3:8e:12:79:e3:60:0c:d5:61:82:db:c7:d4:b1:
85:29:6e:f6:73:2f:2d:a5:56:8e:ef:26:a4:73:62:
21:b8:11:1b:e3:ae:1c:dc:fd:f2:e6:1b:26:ba:e2:
5b:3a:df:2d:70:27:fa:ed:1d:6b:03:41:b8:32:ba:
9a:65:a9:9f:c8:7a:a9:fa:80:d5:f0:c3:c5:4d:40:
61:54:41:08:39:5e:1d:01:27:d7:54:97:18:04:09:
d8:09:9e:f2:42:3d:94:cf:3d:9b:8a:9f:57:ee:ca:
8f:b8:49:48:b0:5d:98:a9:a8:9e:57:69:99:cb:79:
d7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:06:DD:2F:07:A4:5E:EB:D5:76:08:39:1A:D1:78:C0:B2:9D:41:56
X509v3 Authority Key Identifier:
keyid:46:BA:3F:80:03:9B:9E:78:4C:FB:24:BF:2C:7D:DB:24:E1:90:0A:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rro_gAObnnhM-yS_LH3bJOGQCnY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/tgbdLwekXuvVdgg5GtF4wLKdQVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/cfa2ae-e524-4bd0-875b-89ace38220fb/1/Rro_gAObnnhM-yS_LH3bJOGQCnY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.76.0/22
91.230.107.0/24
94.141.112.0/22
176.101.88.0/21
185.62.200.0-185.62.202.255
185.138.252.0/22
194.1.214.0/24
213.184.154.0-213.184.159.255
IPv6:
2a03:720::/32
Signature Algorithm: sha256WithRSAEncryption
92:0f:4f:1f:03:f9:58:b0:07:e2:0e:5f:68:0b:f7:3c:c5:21:
c8:98:d0:ef:55:cf:ff:fa:30:44:52:eb:14:79:c2:06:13:ac:
62:3e:16:18:89:e9:c8:cc:f0:55:8e:52:45:68:ef:ca:0b:ef:
e1:6e:97:82:77:04:89:98:59:d7:21:dc:09:b1:05:96:e8:bc:
bf:1f:f7:be:f4:84:0d:42:14:36:7d:c2:7a:d2:9b:fd:6c:1b:
73:f8:1f:34:93:13:f3:ab:d5:05:c0:2b:c9:37:81:62:59:9c:
e8:df:0c:7a:6a:f3:e3:b4:47:46:16:04:94:d7:39:db:b4:f7:
47:dd:5f:5a:19:19:00:c8:f5:b2:d9:1d:e3:a2:32:74:59:95:
26:a6:02:6a:28:c6:ea:5f:2b:f8:a9:ce:ef:bd:52:ab:7d:3b:
42:46:e6:35:d4:8e:f5:6f:52:69:c2:04:8b:79:fe:20:ce:e3:
90:a6:10:58:a9:be:a4:a4:d0:b9:cd:44:d5:29:06:22:f0:f0:
eb:a3:68:8b:78:26:42:60:1d:f1:96:0d:45:1f:d5:5c:f6:06:
07:aa:44:74:42:86:ff:d3:c3:78:a1:cb:06:70:66:e3:f5:ca:
c1:f9:c2:a5:45:63:1f:3f:2b:81:f1:1d:99:97:70:45:e7:1b:
70:84:f5:55
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYzDSPviKBOwsozrejEL2t5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2YmEzZjgwMDM5YjllNzg0Y2ZiMjRiZjJjN2RkYjI0ZTE5
MDBhNzYwHhcNMjQwMTAxMDQyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjA2ZGQyZjA3YTQ1ZWViZDU3NjA4MzkxYWQxNzhjMGIyOWQ0MTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFy0G40TtMCVxw4BXEdjGfbgvwgm
B0/njrXCJVs/HOX6P4MiI6oGIcX0hSQCy31DqBAR44R4/imTyfphVyEP9shTfdZv
ikPNUXb7/Ev+fZZfv+T94/7PhMmdezJgGWi/Em7PKszpgPqOVtYWdJjyGtCbFHo+
cW7WLTyI9tn5CgU/qZFUh7e8s44SeeNgDNVhgtvH1LGFKW72cy8tpVaO7yakc2Ih
uBEb464c3P3y5hsmuuJbOt8tcCf67R1rA0G4MrqaZamfyHqp+oDV8MPFTUBhVEEI
OV4dASfXVJcYBAnYCZ7yQj2Uzz2bip9X7sqPuElIsF2YqaieV2mZy3nXsQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFLYG3S8HpF7r1XYIORrReMCynUFWMB8GA1UdIwQY
MBaAFEa6P4ADm554TPskvyx92yThkAp2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWIt
ODlhY2UzODIyMGZiLzEvdGdiZEx3ZWtYdXZWZGdnNUd0RjR3TEtkUVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jZmEyYWUtZTUyNC00YmQwLTg3NWItODlhY2UzODIyMGZi
LzEvUnJvX2dBT2JubmhNLXlTX0xIM2JKT0dRQ25ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAAwQCVcZMAwQA
W+ZrAwQCXo1wAwQDsGVYMAwDBAO5PsgDBAC5PsoDBAK5ivwDBADCAdYwDAMEAdW4
mgMEBdW4gDANBAIAAjAHAwUAKgMHIDANBgkqhkiG9w0BAQsFAAOCAQEAkg9PHwP5
WLAH4g5faAv3PMUhyJjQ71XP//owRFLrFHnCBhOsYj4WGInpyMzwVY5SRWjvygvv
4W6XgncEiZhZ1yHcCbEFlui8vx/3vvSEDUIUNn3CetKb/Wwbc/gfNJMT86vVBcAr
yTeBYlmc6N8Memrz47RHRhYElNc527T3R91fWhkZAMj1stkd46IydFmVJqYCaijG
6l8r+KnO771Sq307QkbmNdSO9W9SacIEi3n+IM7jkKYQWKm+pKTQuc1E1SkGIvDw
66Noi3gmQmAd8ZYNRR/VXPYGB6pEdEKG/9PDeKHLBnBm4/XKwfnCpUVjHz8rgfEd
mZdwRecbcIT1VQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:43:55 2024 by rpki-client on console-ams.rpki-client.org