Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/TW4DMRPLhQsZqVVYI-SsKOU_Hc0.roa
File: TW4DMRPLhQsZqVVYI-SsKOU_Hc0.roa (raw, json)
Hash identifier: GKS9m4nCp8I8Hhegyj4a9DqTCmMuyThCz6zHCzd6M0c=
Subject key identifier: 4D:6E:03:31:13:CB:85:0B:19:A9:55:58:23:E4:AC:28:E5:3F:1D:CD
Certificate issuer: /CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Certificate serial: 018CC94E5A847DD2CAE2683430C9393699B7
Authority key identifier: DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/TW4DMRPLhQsZqVVYI-SsKOU_Hc0.roa
Signing time: Tue 02 Jan 2024 08:33:24 +0000
ROA not before: Tue 02 Jan 2024 08:33:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42845
IP address blocks: 193.28.233.0/24 maxlen: 24
45.137.144.0/22 maxlen: 22
77.74.208.0/21 maxlen: 24
185.135.124.0/22 maxlen: 22
37.157.224.0/21 maxlen: 24
185.40.224.0/22 maxlen: 22
185.232.224.0/22 maxlen: 22
194.150.92.0/22 maxlen: 22
89.46.96.0/22 maxlen: 24
95.128.144.0/21 maxlen: 24
185.185.116.0/22 maxlen: 22
2a00:7200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:5a:84:7d:d2:ca:e2:68:34:30:c9:39:36:99:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddead919b85a13051d0208b7e28ddccb398b14d6
Validity
Not Before: Jan 2 08:33:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d6e033113cb850b19a9555823e4ac28e53f1dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ee:4d:89:f3:e4:4a:15:f1:07:df:81:6a:63:
e4:21:a9:51:45:0a:d0:ce:1b:9d:41:c5:9e:45:df:
a7:90:51:34:68:9f:bd:ae:78:74:5f:c0:64:36:bf:
65:a8:b9:30:13:c3:4a:0c:03:36:84:0c:c6:62:77:
a9:03:0f:32:fc:d7:2c:b8:72:d2:38:23:4a:4a:3b:
24:c1:c7:2b:f3:5c:cc:54:2d:42:4e:87:aa:e5:a3:
81:0a:1d:6a:22:3c:bb:d2:bf:54:42:05:f7:68:b1:
2b:99:6e:01:e6:20:7e:a4:e7:1c:3c:c0:78:e2:82:
27:6a:c1:b1:4a:94:ee:03:9b:c6:7c:9b:57:5d:b8:
c4:b6:1f:79:d0:a7:30:bd:87:f9:b9:ca:b1:09:a3:
2d:a3:6f:b4:4e:0b:4a:78:62:67:06:b3:c4:1c:09:
bf:fa:e3:73:a9:83:e7:c6:d0:06:d7:9a:e5:d2:ef:
88:22:3d:62:d7:16:66:88:0c:3f:c0:22:41:b8:bd:
f9:4c:92:ca:73:77:d1:e7:1c:73:47:0e:4b:b8:8a:
34:4c:96:b7:99:cc:78:bc:1e:87:3f:18:03:db:86:
43:30:10:fb:b5:f6:62:e4:68:92:86:8c:a8:5f:23:
22:5f:f6:0c:12:86:32:8a:c3:89:7d:68:6d:a3:31:
97:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6E:03:31:13:CB:85:0B:19:A9:55:58:23:E4:AC:28:E5:3F:1D:CD
X509v3 Authority Key Identifier:
keyid:DD:EA:D9:19:B8:5A:13:05:1D:02:08:B7:E2:8D:DC:CB:39:8B:14:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3erZGbhaEwUdAgi34o3cyzmLFNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/TW4DMRPLhQsZqVVYI-SsKOU_Hc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/8effe4-edbb-4dd4-85d4-48b8b5a9b411/1/3erZGbhaEwUdAgi34o3cyzmLFNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.157.224.0/21
45.137.144.0/22
77.74.208.0/21
89.46.96.0/22
95.128.144.0/21
185.40.224.0/22
185.135.124.0/22
185.185.116.0/22
185.232.224.0/22
193.28.233.0/24
194.150.92.0/22
IPv6:
2a00:7200::/32
Signature Algorithm: sha256WithRSAEncryption
5d:28:46:7e:eb:43:23:f0:b0:62:86:14:48:8f:3d:ec:3e:d8:
95:06:0d:b5:e9:87:2c:22:8b:c3:85:0f:e2:e7:58:f3:af:85:
74:1d:39:a5:e7:76:cf:1a:25:e1:4d:ca:95:82:f3:6a:61:72:
4a:25:30:d8:81:2c:03:30:0d:24:be:e1:30:be:a4:12:a8:65:
f4:0b:aa:ba:b1:fe:9f:5b:87:45:89:dc:fd:70:d8:d9:f4:29:
ad:14:2d:77:4f:ee:2d:72:5d:8c:25:90:f7:07:5c:97:26:46:
c3:eb:64:58:47:aa:48:65:95:17:c7:d5:ef:90:6b:97:7f:08:
9b:97:14:ef:1b:19:e8:fa:86:cb:92:04:37:bc:68:98:03:56:
84:0a:ec:64:70:58:bd:cc:35:65:f8:91:6d:39:3b:06:dc:2d:
20:35:c1:d1:1d:e6:43:84:eb:68:99:02:4d:fe:1e:b9:35:f4:
9e:ef:2d:14:7c:c9:07:59:ea:a6:d2:fa:69:bf:25:4d:db:08:
79:cb:b1:a4:ce:17:fb:40:fa:14:ad:fe:a5:92:18:9b:ae:f4:
3b:be:be:33:d6:55:15:c1:2a:79:fb:6d:da:56:ea:0a:7f:4a:
67:0e:05:5f:e3:eb:27:17:b3:cd:99:65:3d:65:af:c0:9f:8a:
ac:23:7a:fc
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzJTlqEfdLK4mg0MMk5Npm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkZWFkOTE5Yjg1YTEzMDUxZDAyMDhiN2UyOGRkY2NiMzk4
YjE0ZDYwHhcNMjQwMTAyMDgzMzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZlMDMzMTEzY2I4NTBiMTlhOTU1NTgyM2U0YWMyOGU1M2YxZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAne5NifPkShXxB9+BamPkIalRRQrQ
zhudQcWeRd+nkFE0aJ+9rnh0X8BkNr9lqLkwE8NKDAM2hAzGYnepAw8y/NcsuHLS
OCNKSjskwccr81zMVC1CToeq5aOBCh1qIjy70r9UQgX3aLErmW4B5iB+pOccPMB4
4oInasGxSpTuA5vGfJtXXbjEth950KcwvYf5ucqxCaMto2+0TgtKeGJnBrPEHAm/
+uNzqYPnxtAG15rl0u+IIj1i1xZmiAw/wCJBuL35TJLKc3fR5xxzRw5LuIo0TJa3
mcx4vB6HPxgD24ZDMBD7tfZi5GiShoyoXyMiX/YMEoYyisOJfWhtozGXGwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFE1uAzETy4ULGalVWCPkrCjlPx3NMB8GA1UdIwQY
MBaAFN3q2Rm4WhMFHQIIt+KN3Ms5ixTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQt
NDhiOGI1YTliNDExLzEvVFc0RE1SUExoUXNacVZWWUktU3NLT1VfSGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS84ZWZmZTQtZWRiYi00ZGQ0LTg1ZDQtNDhiOGI1YTliNDEx
LzEvM2VyWkdiaGFFd1VkQWdpMzRvM2N5em1MRk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDJZ3gAwQC
LYmQAwQDTUrQAwQCWS5gAwQDX4CQAwQCuSjgAwQCuYd8AwQCubl0AwQCuejgAwQA
wRzpAwQCwpZcMA0EAgACMAcDBQAqAHIAMA0GCSqGSIb3DQEBCwUAA4IBAQBdKEZ+
60Mj8LBihhRIjz3sPtiVBg216YcsIovDhQ/i51jzr4V0HTml53bPGiXhTcqVgvNq
YXJKJTDYgSwDMA0kvuEwvqQSqGX0C6q6sf6fW4dFidz9cNjZ9CmtFC13T+4tcl2M
JZD3B1yXJkbD62RYR6pIZZUXx9XvkGuXfwiblxTvGxno+obLkgQ3vGiYA1aECuxk
cFi9zDVl+JFtOTsG3C0gNcHRHeZDhOtomQJN/h65NfSe7y0UfMkHWeqm0vppvyVN
2wh5y7Gkzhf7QPoUrf6lkhibrvQ7vr4z1lUVwSp5+23aVuoKf0pnDgVf4+snF7PN
mWU9Za/An4qsI3r8
-----END CERTIFICATE-----
Generated at Sat May 25 10:36:19 2024 by rpki-client on console-ams.rpki-client.org