Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ttJaBHrt88xI7ARWLg2evLOXoIM.roa
File: ttJaBHrt88xI7ARWLg2evLOXoIM.roa (raw, json)
Hash identifier: pyFF0NqN1vOAvb1UZ+DfJnIFIpofIl/kLqLsl5HARm0=
Subject key identifier: B6:D2:5A:04:7A:ED:F3:CC:48:EC:04:56:2E:0D:9E:BC:B3:97:A0:83
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018CC26D57B0F3E7C854C06B89DADBC5E718
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ttJaBHrt88xI7ARWLg2evLOXoIM.roa
Signing time: Mon 01 Jan 2024 00:29:54 +0000
ROA not before: Mon 01 Jan 2024 00:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21769
IP address blocks: 185.199.116.0/22 maxlen: 22
103.41.44.0/22 maxlen: 22
194.93.4.0/22 maxlen: 22
103.63.28.0/22 maxlen: 22
45.127.248.0/22 maxlen: 22
185.195.212.0/22 maxlen: 22
103.71.61.0/24 maxlen: 24
185.195.220.0/22 maxlen: 22
185.196.188.0/22 maxlen: 22
2a09:1e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:57:b0:f3:e7:c8:54:c0:6b:89:da:db:c5:e7:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 00:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6d25a047aedf3cc48ec04562e0d9ebcb397a083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:85:68:b9:32:06:d8:b4:8d:e9:8a:3b:97:0d:
8f:20:2f:9f:7d:97:62:66:9e:f4:a0:b1:41:72:95:
e4:5f:69:1c:e4:d7:88:c2:39:dd:18:b8:6c:21:5d:
8c:be:59:a2:d5:4f:95:f0:7a:c1:3c:df:34:cf:6c:
86:ab:8d:84:20:6e:33:06:86:2b:42:da:0a:5e:7b:
84:37:72:ca:a7:22:7c:40:00:5a:fb:1c:14:fa:8e:
1d:af:e6:74:aa:45:62:07:4c:82:80:16:b2:da:d3:
03:b0:46:de:2c:f8:de:59:cf:5c:aa:fc:a8:e6:33:
fc:b4:22:5d:76:3c:b3:d9:70:4c:86:4f:f3:a0:48:
9f:af:6c:65:22:e2:69:f1:bf:6b:99:30:86:1b:6c:
93:21:8d:b5:b8:c2:33:ec:b1:d0:97:f0:79:d2:0e:
f9:ba:fd:01:b3:ca:5c:77:b7:e1:cd:2d:ff:71:b7:
d6:27:59:87:e6:80:ea:59:ea:ee:cf:dd:f0:64:c3:
09:18:52:b2:d6:55:24:f5:02:33:e5:a2:f4:8b:a3:
93:d3:7d:f5:42:64:4c:cf:91:f4:78:73:3c:72:5b:
f1:94:1b:a6:37:74:29:d9:94:3b:4c:55:42:a6:83:
01:67:6a:2f:d6:ba:ab:c6:c1:0a:28:4d:31:f5:ea:
00:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D2:5A:04:7A:ED:F3:CC:48:EC:04:56:2E:0D:9E:BC:B3:97:A0:83
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/ttJaBHrt88xI7ARWLg2evLOXoIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.127.248.0/22
103.41.44.0/22
103.63.28.0/22
103.71.61.0/24
185.195.212.0/22
185.195.220.0/22
185.196.188.0/22
185.199.116.0/22
194.93.4.0/22
IPv6:
2a09:1e80::/29
Signature Algorithm: sha256WithRSAEncryption
9d:63:a5:c3:9d:da:23:65:2d:e5:4b:04:aa:4a:b1:d0:3a:0f:
31:b1:44:e9:71:ab:f2:28:f9:f1:4d:1e:10:56:7d:66:48:c8:
5b:90:ab:f0:8d:38:8f:0b:b1:27:5e:4e:10:f8:7f:5b:7f:f3:
7e:e4:0a:6f:c9:d5:61:de:6d:0d:2f:2e:77:f4:40:86:ae:6d:
8c:1f:c6:a8:39:76:9c:cc:54:ae:d5:cc:8b:25:46:8b:c6:dc:
eb:85:ea:0c:62:44:71:d1:c7:3b:6b:73:79:09:a5:7e:91:5d:
69:f4:16:6e:ca:78:07:30:82:9b:e3:74:73:42:76:63:6a:00:
98:ce:0a:d6:1f:ff:0f:f0:ed:87:02:1d:04:97:df:1e:c0:ad:
00:b3:b4:7f:2f:f4:c6:a1:98:45:c1:59:d4:58:2a:8b:cd:94:
84:a6:e4:60:e6:5e:bb:8b:80:bc:dc:0a:72:c3:c4:ed:0e:79:
0c:2c:d8:9f:1a:50:eb:56:f3:f8:17:d9:ae:0e:2a:6a:0e:12:
fe:29:08:b0:b3:0d:10:ab:14:97:7e:2d:3a:1c:d9:6a:35:cb:
6b:60:a6:06:40:98:c6:5d:7c:40:b9:b6:46:50:01:fa:1d:b9:
6c:96:3b:f0:7f:95:4e:e9:83:0c:d1:aa:51:97:ba:41:c1:66:
22:f1:b3:5e
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzCbVew8+fIVMBridrbxecYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwMTAxMDAyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQyNWEwNDdhZWRmM2NjNDhlYzA0NTYyZTBkOWViY2IzOTdhMDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmoVouTIG2LSN6Yo7lw2PIC+ffZdi
Zp70oLFBcpXkX2kc5NeIwjndGLhsIV2Mvlmi1U+V8HrBPN80z2yGq42EIG4zBoYr
QtoKXnuEN3LKpyJ8QABa+xwU+o4dr+Z0qkViB0yCgBay2tMDsEbeLPjeWc9cqvyo
5jP8tCJddjyz2XBMhk/zoEifr2xlIuJp8b9rmTCGG2yTIY21uMIz7LHQl/B50g75
uv0Bs8pcd7fhzS3/cbfWJ1mH5oDqWeruz93wZMMJGFKy1lUk9QIz5aL0i6OT0331
QmRMz5H0eHM8clvxlBumN3Qp2ZQ7TFVCpoMBZ2ov1rqrxsEKKE0x9eoAnwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFLbSWgR67fPMSOwEVi4Nnryzl6CDMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvdHRKYUJIcnQ4OHhJN0FSV0xnMmV2TE9Yb0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCLX/4AwQC
ZyksAwQCZz8cAwQAZ0c9AwQCucPUAwQCucPcAwQCucS8AwQCucd0AwQCwl0EMA0E
AgACMAcDBQMqCR6AMA0GCSqGSIb3DQEBCwUAA4IBAQCdY6XDndojZS3lSwSqSrHQ
Og8xsUTpcavyKPnxTR4QVn1mSMhbkKvwjTiPC7EnXk4Q+H9bf/N+5ApvydVh3m0N
Ly539ECGrm2MH8aoOXaczFSu1cyLJUaLxtzrheoMYkRx0cc7a3N5CaV+kV1p9BZu
yngHMIKb43RzQnZjagCYzgrWH/8P8O2HAh0El98ewK0As7R/L/TGoZhFwVnUWCqL
zZSEpuRg5l67i4C83Apyw8TtDnkMLNifGlDrVvP4F9muDipqDhL+KQiwsw0QqxSX
fi06HNlqNctrYKYGQJjGXXxAubZGUAH6Hblsljvwf5VO6YMM0apRl7pBwWYi8bNe
-----END CERTIFICATE-----
Generated at Fri May 17 07:52:58 2024 by rpki-client on console-ams.rpki-client.org