Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/TNkzBPyNieqNtFJ7OZ5WQ2BFAFM.roa
File: TNkzBPyNieqNtFJ7OZ5WQ2BFAFM.roa (raw, json)
Hash identifier: yD3hqpWrk6f2s5tXbai7Hu4KRhgeNHLLkovFRVk/JKU=
Subject key identifier: 4C:D9:33:04:FC:8D:89:EA:8D:B4:52:7B:39:9E:56:43:60:45:00:53
Certificate issuer: /CN=19610d638e2a2f95a3d90e4cff9959a859fac4f0
Certificate serial: 019427A911A216B378EFD6449C54D4D9AC11
Authority key identifier: 19:61:0D:63:8E:2A:2F:95:A3:D9:0E:4C:FF:99:59:A8:59:FA:C4:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/TNkzBPyNieqNtFJ7OZ5WQ2BFAFM.roa
Signing time: Thu 02 Jan 2025 15:36:19 +0000
ROA not before: Thu 02 Jan 2025 15:36:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 45.144.204.0/24 maxlen: 24
45.144.205.0/24 maxlen: 24
45.144.206.0/24 maxlen: 24
45.144.207.0/24 maxlen: 24
45.152.156.0/24 maxlen: 24
45.152.157.0/24 maxlen: 24
45.152.158.0/24 maxlen: 24
45.152.159.0/24 maxlen: 24
185.158.252.0/24 maxlen: 24
185.158.253.0/24 maxlen: 24
185.158.254.0/24 maxlen: 24
185.158.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/GWENY44qL5Wj2Q5M_5lZqFn6xPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/GWENY44qL5Wj2Q5M_5lZqFn6xPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:a9:11:a2:16:b3:78:ef:d6:44:9c:54:d4:d9:ac:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19610d638e2a2f95a3d90e4cff9959a859fac4f0
Validity
Not Before: Jan 2 15:36:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cd93304fc8d89ea8db4527b399e564360450053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2d:ad:61:3a:b7:77:21:6c:ad:46:b7:99:fd:
e7:ac:24:2b:0d:d3:67:a9:b2:f1:73:ef:8a:6d:64:
db:44:30:52:da:82:d8:87:93:2d:82:a3:45:d9:bf:
03:63:07:bc:5c:bd:06:8e:f3:8c:b4:79:b8:e2:78:
05:b0:85:e7:7d:1d:80:ad:cd:67:d0:99:a3:07:b2:
93:bd:b5:46:88:4a:bb:a1:9f:7c:30:ef:9f:ac:d0:
a6:b8:45:dc:99:97:6c:f9:81:d8:af:ff:6c:70:5c:
36:86:fb:05:e3:a6:98:a9:7a:94:f8:f0:63:72:ce:
26:5c:b3:cc:46:56:6e:31:13:aa:a4:67:5f:6b:01:
43:64:34:7b:5a:09:ed:0d:7e:b3:1b:f6:9c:fd:0c:
46:46:c9:9e:dc:85:7d:43:38:a9:77:56:db:b4:39:
0a:d4:64:64:8a:75:f7:45:45:85:57:5b:59:31:0d:
50:0f:c8:99:7c:c5:bb:ad:70:11:36:b2:8c:db:9e:
1e:54:43:57:0b:23:e0:2c:37:02:16:54:c2:d7:2f:
da:e3:45:e1:9f:a6:1a:67:78:e6:98:84:c0:2d:ec:
6c:b4:37:52:e6:21:0f:14:df:4e:8e:6e:86:30:ee:
0c:81:06:9c:cb:63:73:e1:29:5a:47:c7:a6:01:0f:
e6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D9:33:04:FC:8D:89:EA:8D:B4:52:7B:39:9E:56:43:60:45:00:53
X509v3 Authority Key Identifier:
keyid:19:61:0D:63:8E:2A:2F:95:A3:D9:0E:4C:FF:99:59:A8:59:FA:C4:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GWENY44qL5Wj2Q5M_5lZqFn6xPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/TNkzBPyNieqNtFJ7OZ5WQ2BFAFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/ae18aa-7c15-4775-8fc5-772dcd3af5f6/1/GWENY44qL5Wj2Q5M_5lZqFn6xPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.204.0/22
45.152.156.0/22
185.158.252.0/22
Signature Algorithm: sha256WithRSAEncryption
13:1f:ab:db:6a:aa:84:a2:3e:7c:ab:e4:ae:69:7e:75:84:1a:
e9:7b:bf:56:f6:66:28:dd:b4:4a:7a:8d:8c:b5:e0:c2:8d:75:
2e:a8:04:fa:3f:e4:68:be:cc:59:46:7f:bf:ab:4a:4d:2f:45:
b2:10:f0:52:db:9f:26:49:d3:88:7d:ba:9f:57:2a:3a:4c:71:
fe:ff:8d:67:36:62:6d:7d:35:ac:64:5f:1b:38:6a:e6:3f:a8:
ba:5b:b5:b7:2f:cc:4b:e4:9f:d9:fa:70:85:fb:b8:80:b2:41:
2e:ab:c3:84:61:dc:54:50:6f:e9:93:e6:03:cc:87:2a:01:98:
c4:4d:00:c5:09:88:1d:33:f9:bb:75:bb:2c:dd:ec:75:99:65:
ee:02:ee:d2:39:1a:98:18:a8:21:5a:ff:56:0b:f7:98:32:21:
0c:d9:df:12:3e:ce:21:5a:2f:7a:ca:83:e2:00:80:a8:32:60:
5b:e0:dc:e9:8f:c6:66:e3:a9:a9:30:3a:83:71:04:0a:4f:35:
80:aa:e3:34:9c:55:ef:b0:f2:2d:60:e1:a4:4a:52:90:07:07:
0e:5b:19:b5:62:fc:67:2a:d4:ad:c0:54:0c:1a:41:d3:0e:91:
d1:4c:7c:5e:fc:89:98:76:70:04:0a:67:bb:0a:33:94:ba:57:
5d:14:21:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnqRGiFrN479ZEnFTU2awRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NjEwZDYzOGUyYTJmOTVhM2Q5MGU0Y2ZmOTk1OWE4NTlm
YWM0ZjAwHhcNMjUwMTAyMTUzNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Q5MzMwNGZjOGQ4OWVhOGRiNDUyN2IzOTllNTY0MzYwNDUwMDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2y2tYTq3dyFsrUa3mf3nrCQrDdNn
qbLxc++KbWTbRDBS2oLYh5MtgqNF2b8DYwe8XL0GjvOMtHm44ngFsIXnfR2Arc1n
0JmjB7KTvbVGiEq7oZ98MO+frNCmuEXcmZds+YHYr/9scFw2hvsF46aYqXqU+PBj
cs4mXLPMRlZuMROqpGdfawFDZDR7WgntDX6zG/ac/QxGRsme3IV9Qzipd1bbtDkK
1GRkinX3RUWFV1tZMQ1QD8iZfMW7rXARNrKM254eVENXCyPgLDcCFlTC1y/a40Xh
n6YaZ3jmmITALexstDdS5iEPFN9Ojm6GMO4MgQacy2Nz4SlaR8emAQ/mPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEzZMwT8jYnqjbRSezmeVkNgRQBTMB8GA1UdIwQY
MBaAFBlhDWOOKi+Vo9kOTP+ZWahZ+sTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1dFTlk0NHFMNVdqMlE1TV81bFpxRm42eFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9hZTE4YWEtN2MxNS00Nzc1LThmYzUt
NzcyZGNkM2FmNWY2LzEvVE5rekJQeU5pZXFOdEZKN09aNVdRMkJGQUZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9hZTE4YWEtN2MxNS00Nzc1LThmYzUtNzcyZGNkM2FmNWY2
LzEvR1dFTlk0NHFMNVdqMlE1TV81bFpxRm42eFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZDMAwQC
LZicAwQCuZ78MA0GCSqGSIb3DQEBCwUAA4IBAQATH6vbaqqEoj58q+SuaX51hBrp
e79W9mYo3bRKeo2MteDCjXUuqAT6P+RovsxZRn+/q0pNL0WyEPBS258mSdOIfbqf
Vyo6THH+/41nNmJtfTWsZF8bOGrmP6i6W7W3L8xL5J/Z+nCF+7iAskEuq8OEYdxU
UG/pk+YDzIcqAZjETQDFCYgdM/m7dbss3ex1mWXuAu7SORqYGKghWv9WC/eYMiEM
2d8SPs4hWi96yoPiAICoMmBb4Nzpj8Zm46mpMDqDcQQKTzWAquM0nFXvsPItYOGk
SlKQBwcOWxm1YvxnKtStwFQMGkHTDpHRTHxe/ImYdnAECme7CjOUulddFCEc
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:05:14 2025 by rpki-client