Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Twk3h9dcMCJOqQL1PY7rBA_4-30.roa
File: Twk3h9dcMCJOqQL1PY7rBA_4-30.roa (raw, json)
Hash identifier: 5oZyZBaLHFIW1aqLzo9F7lg0LvpP1C7gzJxno2BChyM=
Subject key identifier: 4F:09:37:87:D7:5C:30:22:4E:A9:02:F5:3D:8E:EB:04:0F:F8:FB:7D
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01912280FEBFD9E88079EE3A7FE3BAA9C855
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Twk3h9dcMCJOqQL1PY7rBA_4-30.roa
Signing time: Mon 05 Aug 2024 12:26:04 +0000
ROA not before: Mon 05 Aug 2024 12:26:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
93.152.205.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.208.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:22:80:fe:bf:d9:e8:80:79:ee:3a:7f:e3:ba:a9:c8:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Aug 5 12:26:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f093787d75c30224ea902f53d8eeb040ff8fb7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:dc:d1:44:66:6e:30:53:f0:2a:f2:b3:37:24:
a5:7e:40:45:2b:b3:28:f0:d0:9c:7a:de:21:39:b4:
84:c8:66:74:94:f9:74:05:3f:c1:07:00:f5:e9:a4:
63:fb:6c:3e:fb:80:4b:68:29:a6:2d:ea:65:9b:47:
8c:f0:7c:57:ca:26:38:8e:90:64:78:82:f7:65:e2:
6a:f5:a3:a1:14:4c:65:17:d0:87:93:14:d1:79:63:
90:22:1b:7b:8c:a8:48:3f:22:60:b3:d6:b5:c8:1d:
b6:a6:a7:a1:5b:ae:ef:d7:5d:02:e0:b0:e1:e8:27:
84:37:9e:7a:d9:c7:b1:e1:0a:c8:b6:58:08:5e:27:
18:fb:3b:ca:d5:77:af:95:5c:0a:77:d9:7c:bd:e3:
fc:0a:57:1b:54:99:7e:e8:7e:e8:0a:63:4e:7c:c6:
9b:bc:31:23:16:77:66:2e:dd:b5:64:f7:3f:cd:d7:
3d:c2:86:1d:09:df:0a:0c:62:84:3a:c1:05:bb:8b:
2f:0e:d9:a6:17:e4:37:7b:2b:ab:7b:fd:a4:07:29:
12:96:2e:0a:d5:92:63:5f:1a:a6:b9:45:2f:de:ec:
97:fb:53:1e:dd:d1:6a:8e:f5:1b:27:a6:22:02:44:
c9:c9:1f:ff:b7:6b:35:7a:44:5c:ab:ff:b7:e2:61:
6f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:09:37:87:D7:5C:30:22:4E:A9:02:F5:3D:8E:EB:04:0F:F8:FB:7D
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/Twk3h9dcMCJOqQL1PY7rBA_4-30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.235.0/24
91.92.47.0/24
93.152.205.0-93.152.206.255
93.152.208.0-93.152.216.255
93.152.220.0/23
93.152.223.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:71:d4:71:98:a9:db:f3:2b:39:6b:50:fe:b7:04:dd:75:bf:
9f:e9:90:49:53:1e:78:4c:45:d9:37:76:04:46:4f:31:76:a1:
48:79:ca:f6:3c:4d:4c:88:65:b8:c7:90:f6:7f:04:57:3d:36:
dd:e7:89:69:7f:83:39:6c:87:e9:84:72:04:ba:2b:1f:3b:1a:
f2:05:8e:d3:09:99:00:71:dd:cd:a6:2e:5e:ae:55:1c:d7:39:
ec:4b:a2:75:79:d8:10:e5:9a:1c:73:ce:15:33:0a:b7:da:39:
81:4f:5e:30:35:db:37:82:d7:ad:85:03:3e:56:5c:aa:d4:a5:
b0:d3:ef:5e:4c:9c:aa:a7:fb:28:47:94:4e:37:09:87:c1:7a:
67:2e:5b:6b:2f:28:3a:27:31:b4:0d:38:55:2a:9d:28:06:55:
02:84:a7:0c:12:9b:a6:10:ac:3b:e3:5f:e2:4b:30:ff:0b:27:
ca:22:3b:a2:f9:ec:31:ff:50:8d:ba:f0:23:74:be:13:7f:ae:
27:88:47:f7:d0:c9:47:31:2f:50:7e:b1:98:c4:73:d2:63:4d:
7c:04:70:4f:f1:66:ab:85:0b:86:37:ca:35:21:57:71:59:56:
01:a0:f1:6a:45:e7:82:25:47:6d:15:5f:aa:10:8f:b3:a7:7a:
bf:d7:09:95
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZEigP6/2eiAee46f+O6qchVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjQwODA1MTIyNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjA5Mzc4N2Q3NWMzMDIyNGVhOTAyZjUzZDhlZWIwNDBmZjhmYjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw9zRRGZuMFPwKvKzNySlfkBFK7Mo
8NCcet4hObSEyGZ0lPl0BT/BBwD16aRj+2w++4BLaCmmLeplm0eM8HxXyiY4jpBk
eIL3ZeJq9aOhFExlF9CHkxTReWOQIht7jKhIPyJgs9a1yB22pqehW67v110C4LDh
6CeEN5562cex4QrItlgIXicY+zvK1XevlVwKd9l8veP8ClcbVJl+6H7oCmNOfMab
vDEjFndmLt21ZPc/zdc9woYdCd8KDGKEOsEFu4svDtmmF+Q3eyure/2kBykSli4K
1ZJjXxqmuUUv3uyX+1Me3dFqjvUbJ6YiAkTJyR//t2s1ekRcq/+34mFveQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFE8JN4fXXDAiTqkC9T2O6wQP+Pt9MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvVHdrM2g5ZGNNQ0pPcVFMMVBZN3JCQV80LTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQALY3oAwQA
LY3rAwQAW1wvMAwDBABdmM0DBABdmM4wDAMEBF2Y0AMEAF2Y2AMEAV2Y3AMEAF2Y
3zANBgkqhkiG9w0BAQsFAAOCAQEAC3HUcZip2/MrOWtQ/rcE3XW/n+mQSVMeeExF
2Td2BEZPMXahSHnK9jxNTIhluMeQ9n8EVz023eeJaX+DOWyH6YRyBLorHzsa8gWO
0wmZAHHdzaYuXq5VHNc57EuidXnYEOWaHHPOFTMKt9o5gU9eMDXbN4LXrYUDPlZc
qtSlsNPvXkycqqf7KEeUTjcJh8F6Zy5bay8oOicxtA04VSqdKAZVAoSnDBKbphCs
O+Nf4ksw/wsnyiI7ovnsMf9QjbrwI3S+E3+uJ4hH99DJRzEvUH6xmMRz0mNNfARw
T/Fmq4ULhjfKNSFXcVlWAaDxakXngiVHbRVfqhCPs6d6v9cJlQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:11:03 2024 by rpki-client on console-fra.rpki-client.org