Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/TTkJwDOEGa_qOqQDnu9NVrOJWEI.roa
File: TTkJwDOEGa_qOqQDnu9NVrOJWEI.roa (raw, json)
Hash identifier: 4+8ZRksJGKVtzFYMJx2y0TSxI9LTK7gq3i+ZQ0Vjdik=
Subject key identifier: 4D:39:09:C0:33:84:19:AF:EA:3A:A4:03:9E:EF:4D:56:B3:89:58:42
Certificate issuer: /CN=f26681caa1d37e5899ba27dfbc36960e06b5d3f2
Certificate serial: 018CC4936E932AB61E689F5CC3E2C1D4A15E
Authority key identifier: F2:66:81:CA:A1:D3:7E:58:99:BA:27:DF:BC:36:96:0E:06:B5:D3:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8maByqHTfliZuiffvDaWDga10_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/TTkJwDOEGa_qOqQDnu9NVrOJWEI.roa
Signing time: Mon 01 Jan 2024 10:30:45 +0000
ROA not before: Mon 01 Jan 2024 10:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57595
IP address blocks: 176.221.77.0/24 maxlen: 24
185.22.144.0/24 maxlen: 24
185.22.144.0/22 maxlen: 22
185.22.145.0/24 maxlen: 24
176.221.75.0/24 maxlen: 24
176.221.76.0/24 maxlen: 24
176.221.73.0/24 maxlen: 24
176.221.72.0/21 maxlen: 21
176.221.74.0/24 maxlen: 24
176.221.78.0/24 maxlen: 24
176.221.72.0/24 maxlen: 24
185.22.147.0/24 maxlen: 24
185.22.146.0/24 maxlen: 24
176.221.79.0/24 maxlen: 24
2a00:4440::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/8maByqHTfliZuiffvDaWDga10_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/8maByqHTfliZuiffvDaWDga10_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/8maByqHTfliZuiffvDaWDga10_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 May 2024 21:44:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:6e:93:2a:b6:1e:68:9f:5c:c3:e2:c1:d4:a1:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f26681caa1d37e5899ba27dfbc36960e06b5d3f2
Validity
Not Before: Jan 1 10:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d3909c0338419afea3aa4039eef4d56b3895842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9f:08:6f:05:85:92:f7:42:3a:62:12:ef:36:
33:06:db:06:3c:34:ea:9f:cb:10:bb:91:b2:ef:80:
b9:53:50:a4:55:ec:e3:68:e8:ba:88:a8:63:d0:6f:
4d:ae:e8:b2:fb:4d:fe:6e:0c:53:12:37:cb:a3:17:
5a:7f:84:53:52:74:48:d3:46:fb:fe:76:f6:15:82:
42:dc:71:8a:c4:55:b5:70:f5:78:db:0f:e9:c6:19:
05:54:54:79:d2:2e:73:66:7a:36:33:12:fe:a8:83:
43:2b:08:b0:dc:6d:2d:a7:9f:94:f1:61:53:d3:99:
fc:8c:51:42:38:12:96:ac:b9:b1:5b:c0:d0:30:88:
59:2c:43:7a:ef:0f:b7:e5:94:f0:93:12:38:16:64:
b9:a0:47:5e:a5:49:dc:7c:f3:67:e0:7b:36:8c:b9:
1a:ca:bd:70:a8:4f:62:5f:cc:ed:ca:bb:a1:e1:f1:
2f:9f:14:c9:eb:95:29:a0:65:a9:0d:20:09:cf:7b:
a1:d5:43:1a:9b:d8:5b:e0:50:a2:c6:5c:b8:32:ba:
3a:ca:2c:e4:f2:f8:0f:f9:db:e1:de:df:36:85:b7:
76:e1:67:db:52:c2:3c:7e:a5:24:d9:62:8f:3a:4f:
a6:1c:ec:64:44:27:0b:83:36:3c:ce:33:c1:a5:7a:
50:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:39:09:C0:33:84:19:AF:EA:3A:A4:03:9E:EF:4D:56:B3:89:58:42
X509v3 Authority Key Identifier:
keyid:F2:66:81:CA:A1:D3:7E:58:99:BA:27:DF:BC:36:96:0E:06:B5:D3:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8maByqHTfliZuiffvDaWDga10_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/TTkJwDOEGa_qOqQDnu9NVrOJWEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/8maByqHTfliZuiffvDaWDga10_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.72.0/21
185.22.144.0/22
IPv6:
2a00:4440::/32
Signature Algorithm: sha256WithRSAEncryption
c9:a9:00:ce:8f:5d:30:a8:25:63:94:ba:e6:0b:bd:f1:01:cf:
e6:46:a2:04:6a:4e:7b:95:16:df:9a:57:93:65:4b:58:e6:15:
34:56:9e:04:76:47:d3:d5:b7:81:94:47:8e:a7:19:95:24:7e:
26:fe:e1:d3:7a:cd:1a:be:21:8a:0b:ef:0d:48:17:0f:e5:bc:
ac:68:b5:9e:49:3f:df:a9:bf:1e:f2:93:d2:f2:ae:50:64:1a:
90:5c:b8:71:24:7e:07:10:d5:79:72:34:d6:8b:3c:08:11:b7:
f8:08:08:d1:15:90:1b:d4:81:2f:82:da:78:62:15:8b:f7:7a:
3d:70:08:7f:bd:9b:eb:60:fc:f0:fe:22:fd:bf:67:5d:31:9e:
37:e6:a2:ab:4c:3f:22:81:20:5e:09:b8:a1:48:d0:4e:f5:1d:
8b:82:90:18:d6:e8:7f:f7:2e:f5:ea:44:a4:8a:bc:84:ba:d4:
ad:b2:cc:3c:a5:56:6e:09:98:62:4a:d6:14:93:5e:00:1b:12:
a7:c9:44:37:da:bf:55:34:5b:8b:33:b1:2b:e0:99:b6:58:ec:
48:93:6b:75:4c:04:07:db:4c:ad:45:20:7a:c0:b8:b6:2f:3d:
76:8a:60:12:bc:83:a0:de:5b:74:8b:24:aa:d5:8c:0b:e5:ca:
b3:ba:54:f5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEk26TKrYeaJ9cw+LB1KFeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjY4MWNhYTFkMzdlNTg5OWJhMjdkZmJjMzY5NjBlMDZi
NWQzZjIwHhcNMjQwMTAxMTAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDM5MDljMDMzODQxOWFmZWEzYWE0MDM5ZWVmNGQ1NmIzODk1ODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp8IbwWFkvdCOmIS7zYzBtsGPDTq
n8sQu5Gy74C5U1CkVezjaOi6iKhj0G9Nruiy+03+bgxTEjfLoxdaf4RTUnRI00b7
/nb2FYJC3HGKxFW1cPV42w/pxhkFVFR50i5zZno2MxL+qINDKwiw3G0tp5+U8WFT
05n8jFFCOBKWrLmxW8DQMIhZLEN67w+35ZTwkxI4FmS5oEdepUncfPNn4Hs2jLka
yr1wqE9iX8ztyruh4fEvnxTJ65UpoGWpDSAJz3uh1UMam9hb4FCixly4Mro6yizk
8vgP+dvh3t82hbd24WfbUsI8fqUk2WKPOk+mHOxkRCcLgzY8zjPBpXpQyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE05CcAzhBmv6jqkA57vTVaziVhCMB8GA1UdIwQY
MBaAFPJmgcqh035Ymbon37w2lg4GtdPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1hQnlxSFRmbGladWlmZnZEYVdEZ2ExMF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYWVlYjYtODAxNy00YzIyLWE4MWMt
NjQwNzVjMmFlNDYzLzEvVFRrSndET0VHYV9xT3FRRG51OU5Wck9KV0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYWVlYjYtODAxNy00YzIyLWE4MWMtNjQwNzVjMmFlNDYz
LzEvOG1hQnlxSFRmbGladWlmZnZEYVdEZ2ExMF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsN1IAwQC
uRaQMA0EAgACMAcDBQAqAERAMA0GCSqGSIb3DQEBCwUAA4IBAQDJqQDOj10wqCVj
lLrmC73xAc/mRqIEak57lRbfmleTZUtY5hU0Vp4EdkfT1beBlEeOpxmVJH4m/uHT
es0aviGKC+8NSBcP5bysaLWeST/fqb8e8pPS8q5QZBqQXLhxJH4HENV5cjTWizwI
Ebf4CAjRFZAb1IEvgtp4YhWL93o9cAh/vZvrYPzw/iL9v2ddMZ435qKrTD8igSBe
CbihSNBO9R2LgpAY1uh/9y716kSkiryEutStssw8pVZuCZhiStYUk14AGxKnyUQ3
2r9VNFuLM7Er4Jm2WOxIk2t1TAQH20ytRSB6wLi2Lz12imASvIOg3lt0iySq1YwL
5cqzulT1
-----END CERTIFICATE-----
Generated at Sat May 25 06:25:56 2024 by rpki-client on console-ams.rpki-client.org