Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TpBnLQfCSxdBDCqLyJBDv_TeBBw.roa
File: TpBnLQfCSxdBDCqLyJBDv_TeBBw.roa (raw, json)
Hash identifier: KP0PKvlglBjymTVXNJD7e2zc7upQ6kJkX31lVPTdSEc=
Subject key identifier: 4E:90:67:2D:07:C2:4B:17:41:0C:2A:8B:C8:90:43:BF:F4:DE:04:1C
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0192BA4108997E9B12E3FFD37C5EA27C769F
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TpBnLQfCSxdBDCqLyJBDv_TeBBw.roa
Signing time: Wed 23 Oct 2024 16:41:17 +0000
ROA not before: Wed 23 Oct 2024 16:41:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207569
IP address blocks: 5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
45.9.74.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
45.133.246.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
139.28.220.0/24 maxlen: 24
139.28.221.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
185.58.207.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
185.104.250.0/24 maxlen: 24
185.105.118.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
193.109.84.0/24 maxlen: 24
193.124.180.0/24 maxlen: 24
193.124.181.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
194.67.200.0/24 maxlen: 24
195.66.87.0/24 maxlen: 24
2a0a:9300::/32 maxlen: 32
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ba:41:08:99:7e:9b:12:e3:ff:d3:7c:5e:a2:7c:76:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Oct 23 16:41:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e90672d07c24b17410c2a8bc89043bff4de041c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:56:ea:a2:20:90:ad:c3:29:04:fe:c9:9d:ce:
71:17:dc:ef:6a:33:0e:bb:b6:d0:c7:c0:a0:cd:3d:
69:25:c4:83:ed:26:29:f9:c7:63:f1:96:53:c5:b4:
b2:ea:e8:e5:64:4a:98:23:32:87:cc:8b:16:54:a7:
af:4b:e0:9c:95:a5:62:12:a8:fc:f4:c3:39:4e:4c:
cd:e2:28:36:d7:db:d7:c0:db:bd:d5:a4:1d:a5:ae:
a5:28:c1:34:53:12:b9:94:e8:82:3d:81:84:d8:a1:
e6:7f:df:5f:42:96:a5:e6:c1:46:65:28:c4:30:cd:
f1:47:04:12:ef:71:d3:e3:98:64:8b:16:f8:c6:14:
48:75:d8:ac:b7:05:c8:6a:f1:f6:e4:00:67:3e:81:
9f:ab:35:b1:52:a2:31:bd:3f:31:17:af:ed:0e:6a:
23:9d:c8:e9:b8:c9:54:74:c3:d0:6b:3b:a2:11:78:
57:df:0d:97:e5:b0:0f:98:22:bf:f7:c9:f6:42:8d:
56:71:9f:6f:28:3d:4d:bd:6f:b0:1e:55:c1:ce:6c:
8f:62:f2:e5:9d:6c:15:27:18:05:80:86:2d:83:8b:
45:1c:b2:80:b7:59:de:d1:3d:a6:f3:9d:a3:ba:7a:
b9:8b:f1:e0:08:3a:a6:db:6b:86:d3:ae:1b:62:2a:
77:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:90:67:2D:07:C2:4B:17:41:0C:2A:8B:C8:90:43:BF:F4:DE:04:1C
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/TpBnLQfCSxdBDCqLyJBDv_TeBBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.9.74.0/24
45.89.64.0/24
45.133.245.0-45.133.246.255
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
139.28.220.0/23
185.17.2.0/24
185.58.207.0/24
185.94.167.0/24
185.104.250.0/24
185.105.118.0/24
185.125.228.0/24
185.125.231.0/24
185.188.181.0/24
193.109.84.0/24
193.124.180.0/23
194.53.54.0/24
194.67.200.0/24
195.66.87.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
90:ab:40:31:b6:a7:f1:12:25:66:0e:cf:0c:d1:06:9f:01:f0:
6e:57:39:55:2b:08:98:60:4b:d8:f5:65:77:76:06:a1:f4:b1:
cc:a0:bf:d7:f0:63:f2:31:32:7a:59:2e:97:79:d4:13:26:0e:
3e:3a:66:c7:a7:7e:a2:00:36:70:50:2e:ec:ed:a5:b8:ac:0f:
3b:39:41:47:99:e7:10:bc:49:9c:57:4b:99:94:a2:a5:6f:17:
81:2a:78:7f:eb:f6:af:9a:4e:d4:4e:0a:99:b3:29:78:39:49:
66:df:74:74:68:8d:31:29:c3:29:c7:c5:cb:e9:7e:99:10:92:
1d:c0:af:fe:1b:7a:47:1c:5d:6f:7d:ef:aa:88:01:df:af:f4:
05:0d:ad:16:78:11:d9:cf:da:79:c0:4a:3e:bd:d4:ca:42:4c:
2a:be:cf:3e:5d:41:66:e7:4a:36:10:aa:2c:76:fa:b3:ac:ea:
0a:46:68:e7:7d:a4:7a:63:46:51:4b:85:ed:6d:27:89:11:c3:
ab:39:24:f3:c4:56:44:e6:84:89:21:be:da:3d:26:82:0d:85:
9b:fc:ea:a7:a4:48:2c:16:d4:c4:ca:c2:dd:da:10:bc:0a:1f:
c3:af:36:14:1c:9f:23:98:c4:8e:57:34:97:41:f3:54:e5:16:
0c:de:bc:17
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZK6QQiZfpsS4//TfF6ifHafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQxMDIzMTY0MTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTkwNjcyZDA3YzI0YjE3NDEwYzJhOGJjODkwNDNiZmY0ZGUwNDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1bqoiCQrcMpBP7Jnc5xF9zvajMO
u7bQx8CgzT1pJcSD7SYp+cdj8ZZTxbSy6ujlZEqYIzKHzIsWVKevS+CclaViEqj8
9MM5TkzN4ig219vXwNu91aQdpa6lKME0UxK5lOiCPYGE2KHmf99fQpal5sFGZSjE
MM3xRwQS73HT45hkixb4xhRIddistwXIavH25ABnPoGfqzWxUqIxvT8xF6/tDmoj
ncjpuMlUdMPQazuiEXhX3w2X5bAPmCK/98n2Qo1WcZ9vKD1NvW+wHlXBzmyPYvLl
nWwVJxgFgIYtg4tFHLKAt1ne0T2m852junq5i/HgCDqm22uG064bYip3aQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFE6QZy0HwksXQQwqi8iQQ7/03gQcMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvVHBCbkxRZkNTeGRCRENxTHlKQkR2X1RlQkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAEF
tIgDBAAF/HQDBAAtCUoDBAAtWUAwDAMEAC2F9QMEAC2F9gMEAC4RagMEAFXRAAME
AF/WCAMEAYsc3AMEALkRAgMEALk6zwMEALlepwMEALlo+gMEALlpdgMEALl95AME
ALl95wMEALm8tQMEAMFtVAMEAcF8tAMEAMI1NgMEAMJDyAMEAMNCVzANBAIAAjAH
AwUAKgqTADANBgkqhkiG9w0BAQsFAAOCAQEAkKtAMban8RIlZg7PDNEGnwHwblc5
VSsImGBL2PVld3YGofSxzKC/1/Bj8jEyelkul3nUEyYOPjpmx6d+ogA2cFAu7O2l
uKwPOzlBR5nnELxJnFdLmZSipW8XgSp4f+v2r5pO1E4KmbMpeDlJZt90dGiNMSnD
KcfFy+l+mRCSHcCv/ht6Rxxdb33vqogB36/0BQ2tFngR2c/aecBKPr3UykJMKr7P
Pl1BZudKNhCqLHb6s6zqCkZo532kemNGUUuF7W0niRHDqzkk88RWROaEiSG+2j0m
gg2Fm/zqp6RILBbUxMrC3doQvAofw682FByfI5jEjlc0l0HzVOUWDN68Fw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:03:04 2024 by rpki-client on console-ams.rpki-client.org