Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tgTBKIP3EEogRqElPL6wOb0I8ak.roa
File: tgTBKIP3EEogRqElPL6wOb0I8ak.roa (raw, json)
Hash identifier: N5nSxLlebd4+pFLXBTio+NBd5elmr8FWVasEFc9jvcA=
Subject key identifier: B6:04:C1:28:83:F7:10:4A:20:46:A1:25:3C:BE:B0:39:BD:08:F1:A9
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018E6A347018162DCD3EC99A016A89A0E78F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tgTBKIP3EEogRqElPL6wOb0I8ak.roa
Signing time: Sat 23 Mar 2024 07:26:45 +0000
ROA not before: Sat 23 Mar 2024 07:26:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54103
IP address blocks: 5.10.193.0/24 maxlen: 24
5.10.195.0/24 maxlen: 24
5.10.197.0/24 maxlen: 24
5.10.199.0/24 maxlen: 24
45.134.129.0/24 maxlen: 24
45.134.131.0/24 maxlen: 24
62.197.129.0/24 maxlen: 24
89.31.218.0/24 maxlen: 24
89.35.154.0/23 maxlen: 24
89.40.76.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
178.239.197.0/24 maxlen: 24
185.67.137.0/24 maxlen: 24
185.67.139.0/24 maxlen: 24
185.163.208.0/22 maxlen: 22
185.216.1.0/24 maxlen: 24
185.216.3.0/24 maxlen: 24
185.244.220.0/24 maxlen: 24
188.240.230.0/24 maxlen: 24
188.240.232.0/23 maxlen: 24
188.241.110.0/24 maxlen: 24
188.241.242.0/23 maxlen: 24
193.26.112.0/23 maxlen: 24
193.84.134.0/24 maxlen: 24
194.76.132.0/23 maxlen: 24
203.159.85.0/24 maxlen: 24
203.159.87.0/24 maxlen: 24
203.159.89.0/24 maxlen: 24
203.159.91.0/24 maxlen: 24
223.27.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6a:34:70:18:16:2d:cd:3e:c9:9a:01:6a:89:a0:e7:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 23 07:26:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b604c12883f7104a2046a1253cbeb039bd08f1a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:71:6a:91:75:e6:bf:9e:be:c0:b1:16:e8:b1:
82:62:61:37:4a:c8:0a:85:2f:7c:4c:97:5b:88:89:
db:31:97:d2:06:c5:1c:6c:67:a1:d1:97:62:29:b6:
e1:5a:87:39:e6:1e:bb:84:0d:d5:6c:45:d5:ee:03:
5f:10:9d:fc:4f:94:c4:b5:93:de:dd:41:a7:81:7a:
9b:d9:50:15:7c:1f:fe:db:91:22:08:72:49:90:c4:
17:19:b9:48:4d:51:be:bd:2f:b9:13:59:84:ab:73:
e2:39:f7:5a:44:43:cc:fa:0f:48:0a:41:3c:c0:a9:
cf:7e:80:c7:8c:f6:8e:10:c4:4e:40:c0:41:74:58:
86:1d:24:74:b8:50:71:76:ce:ef:64:f0:d4:cf:a4:
6f:e7:cb:5a:37:19:19:8e:92:2c:7f:5c:48:b8:78:
76:dc:9e:bd:3d:44:e1:94:4c:37:46:b8:2d:be:ed:
82:a2:03:d0:03:1c:c8:cf:ad:17:99:60:02:e0:f1:
d1:32:a4:0a:69:f6:13:84:0c:c6:9a:ce:ff:83:ee:
96:42:80:8e:34:17:6c:d7:45:e9:44:6d:7d:4f:99:
5c:8f:bc:1d:8e:bc:2e:36:b5:bf:29:cc:f6:ba:4b:
b6:b3:76:67:3f:98:b7:f9:5d:b6:27:9d:a2:7b:51:
a3:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:04:C1:28:83:F7:10:4A:20:46:A1:25:3C:BE:B0:39:BD:08:F1:A9
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/tgTBKIP3EEogRqElPL6wOb0I8ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.193.0/24
5.10.195.0/24
5.10.197.0/24
5.10.199.0/24
45.134.129.0/24
45.134.131.0/24
62.197.129.0/24
89.31.218.0/24
89.35.154.0/23
89.40.76.0/24
93.115.109.0/24
178.239.197.0/24
185.67.137.0/24
185.67.139.0/24
185.163.208.0/22
185.216.1.0/24
185.216.3.0/24
185.244.220.0/24
188.240.230.0/24
188.240.232.0/23
188.241.110.0/24
188.241.242.0/23
193.26.112.0/23
193.84.134.0/24
194.76.132.0/23
203.159.85.0/24
203.159.87.0/24
203.159.89.0/24
203.159.91.0/24
223.27.114.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:38:24:6a:c1:c9:c4:15:89:ed:de:90:97:c4:84:41:63:aa:
4a:03:47:56:d0:19:0e:4c:05:c7:b8:81:80:63:ef:a8:93:4d:
87:88:dd:60:08:ba:a6:b9:00:90:46:58:86:c4:5e:de:26:4b:
78:83:00:df:47:52:49:4b:ff:f7:6f:b9:61:bd:e0:8f:e3:e9:
cb:53:13:89:c8:03:97:be:57:7b:c0:76:bf:dc:f0:29:fc:2f:
0a:9d:3a:d7:42:60:6f:5f:34:22:e3:9b:14:2c:75:12:1f:ce:
3e:af:b8:79:c0:56:ef:04:31:93:8e:35:6b:71:6e:7e:73:f1:
d0:9a:89:24:26:07:4f:e2:e8:d5:82:9f:10:66:51:ed:ac:dd:
a4:19:e5:64:d0:7c:a9:5f:e1:fb:18:a0:16:47:fd:e1:8e:50:
9f:2e:0c:77:7a:7b:0a:fd:30:c1:df:c5:84:64:f2:67:9b:ea:
74:a7:9a:ad:60:84:59:f5:f4:d0:6b:9d:11:1d:53:9f:52:3a:
fe:de:f6:e4:24:60:39:b3:f2:cb:2a:a2:95:86:1f:e0:cf:b2:
2e:85:0f:29:33:09:b7:56:8e:ff:03:18:3a:dc:e8:20:c9:b5:
60:32:bf:65:33:3b:31:db:f7:44:a7:ad:68:c5:d0:4e:b9:a1:
41:2f:2e:6d
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAY5qNHAYFi3NPsmaAWqJoOePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMzIzMDcyNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjA0YzEyODgzZjcxMDRhMjA0NmExMjUzY2JlYjAzOWJkMDhmMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3FqkXXmv56+wLEW6LGCYmE3SsgK
hS98TJdbiInbMZfSBsUcbGeh0ZdiKbbhWoc55h67hA3VbEXV7gNfEJ38T5TEtZPe
3UGngXqb2VAVfB/+25EiCHJJkMQXGblITVG+vS+5E1mEq3PiOfdaREPM+g9ICkE8
wKnPfoDHjPaOEMROQMBBdFiGHSR0uFBxds7vZPDUz6Rv58taNxkZjpIsf1xIuHh2
3J69PUThlEw3Rrgtvu2CogPQAxzIz60XmWAC4PHRMqQKafYThAzGms7/g+6WQoCO
NBds10XpRG19T5lcj7wdjrwuNrW/Kcz2uku2s3ZnP5i3+V22J52ie1GjBQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFLYEwSiD9xBKIEahJTy+sDm9CPGpMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvdGdUQktJUDNFRW9nUnFFbFBMNndPYjBJOGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAAF
CsEDBAAFCsMDBAAFCsUDBAAFCscDBAAthoEDBAAthoMDBAA+xYEDBABZH9oDBAFZ
I5oDBABZKEwDBABdc20DBACy78UDBAC5Q4kDBAC5Q4sDBAK5o9ADBAC52AEDBAC5
2AMDBAC59NwDBAC88OYDBAG88OgDBAC88W4DBAG88fIDBAHBGnADBADBVIYDBAHC
TIQDBADLn1UDBADLn1cDBADLn1kDBADLn1sDBADfG3IwDQYJKoZIhvcNAQELBQAD
ggEBAC04JGrBycQVie3ekJfEhEFjqkoDR1bQGQ5MBce4gYBj76iTTYeI3WAIuqa5
AJBGWIbEXt4mS3iDAN9HUklL//dvuWG94I/j6ctTE4nIA5e+V3vAdr/c8Cn8Lwqd
OtdCYG9fNCLjmxQsdRIfzj6vuHnAVu8EMZOONWtxbn5z8dCaiSQmB0/i6NWCnxBm
Ue2s3aQZ5WTQfKlf4fsYoBZH/eGOUJ8uDHd6ewr9MMHfxYRk8meb6nSnmq1ghFn1
9NBrnREdU59SOv7e9uQkYDmz8ssqopWGH+DPsi6FDykzCbdWjv8DGDrc6CDJtWAy
v2UzOzHb90SnrWjF0E65oUEvLm0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:48:00 2024 by rpki-client on console-ams.rpki-client.org