Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/TMzi1IVQ71J13Vc5pdXYCWaIVMA.roa
File: TMzi1IVQ71J13Vc5pdXYCWaIVMA.roa (raw, json)
Hash identifier: ujBEo020KSu5+yzi4GP7sIWbkjyOBc7kBqe64svsXdU=
Subject key identifier: 4C:CC:E2:D4:85:50:EF:52:75:DD:57:39:A5:D5:D8:09:66:88:54:C0
Certificate issuer: /CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Certificate serial: 01906568B2591BF73C2B31301576BD69CFA3
Authority key identifier: DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/TMzi1IVQ71J13Vc5pdXYCWaIVMA.roa
Signing time: Sat 29 Jun 2024 19:11:18 +0000
ROA not before: Sat 29 Jun 2024 19:11:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205473
IP address blocks: 37.77.64.0/24 maxlen: 24
37.77.65.0/24 maxlen: 24
37.77.66.0/24 maxlen: 24
37.77.67.0/24 maxlen: 24
37.77.68.0/24 maxlen: 24
37.77.69.0/24 maxlen: 24
37.77.70.0/24 maxlen: 24
37.77.71.0/24 maxlen: 24
37.77.72.0/24 maxlen: 24
37.77.73.0/24 maxlen: 24
37.77.74.0/24 maxlen: 24
37.77.75.0/24 maxlen: 24
37.77.76.0/24 maxlen: 24
37.77.77.0/24 maxlen: 24
37.77.78.0/24 maxlen: 24
37.77.79.0/24 maxlen: 24
185.217.88.0/22 maxlen: 22
185.217.88.0/23 maxlen: 23
185.217.88.0/24 maxlen: 24
185.217.89.0/24 maxlen: 24
185.217.90.0/23 maxlen: 23
185.217.90.0/24 maxlen: 24
185.217.91.0/24 maxlen: 24
194.113.196.0/22 maxlen: 22
194.113.196.0/23 maxlen: 23
194.113.196.0/24 maxlen: 24
194.113.197.0/24 maxlen: 24
194.113.198.0/23 maxlen: 23
194.113.198.0/24 maxlen: 24
194.113.199.0/24 maxlen: 24
2a0b:c640::/32 maxlen: 32
2a0b:c641::/32 maxlen: 32
2a0b:c642::/32 maxlen: 32
2a0b:c643::/32 maxlen: 32
2a0b:c644::/32 maxlen: 32
2a0b:c645::/32 maxlen: 32
2a0b:c646::/32 maxlen: 32
2a0b:c647::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:65:68:b2:59:1b:f7:3c:2b:31:30:15:76:bd:69:cf:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcb65a90ed3cf4ae0452554ee34b92a8476dcf10
Validity
Not Before: Jun 29 19:11:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ccce2d48550ef5275dd5739a5d5d809668854c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:c8:da:58:48:88:98:df:85:ed:46:92:17:53:
ec:df:3f:89:b9:ae:f7:2d:68:34:95:5c:33:f5:68:
a6:79:ea:81:a9:b6:39:05:08:3d:5c:8d:f8:0c:72:
0e:bc:a1:70:8f:e3:5e:76:77:2c:15:dc:cd:18:03:
8b:02:d0:b2:12:4e:25:72:1e:4f:1b:bb:8e:2e:cb:
57:60:50:c8:a3:40:90:f4:8a:da:56:e7:3b:21:88:
e7:74:08:aa:d8:3d:5e:af:9f:42:48:d3:45:54:17:
82:66:45:95:7e:50:93:1a:f4:a8:45:3b:a9:1a:d6:
14:3d:88:6b:f8:08:1f:ae:f7:18:4c:84:a9:94:b7:
1f:a5:eb:4a:af:07:ca:9f:84:83:77:1b:7a:2c:08:
98:a3:e0:17:cd:be:c6:12:bc:8a:02:75:40:02:15:
28:b5:20:6a:03:ad:e7:8c:0e:52:3b:e2:18:a8:1a:
a5:03:92:24:39:65:12:e5:ea:c6:81:a6:e6:23:d3:
2a:ce:4c:3b:27:7a:6d:f1:94:3c:e8:20:e2:8d:7c:
28:78:2d:8a:80:e7:af:0c:7c:cc:13:8a:03:e5:47:
20:93:b3:b2:d9:12:b8:a5:48:e5:73:fe:52:ff:ea:
86:f4:fa:2b:d2:2e:d3:f8:04:fd:de:12:99:07:a6:
5e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CC:E2:D4:85:50:EF:52:75:DD:57:39:A5:D5:D8:09:66:88:54:C0
X509v3 Authority Key Identifier:
keyid:DC:B6:5A:90:ED:3C:F4:AE:04:52:55:4E:E3:4B:92:A8:47:6D:CF:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3LZakO089K4EUlVO40uSqEdtzxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/TMzi1IVQ71J13Vc5pdXYCWaIVMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/09200e-999d-4b45-a741-85a955f2163b/1/3LZakO089K4EUlVO40uSqEdtzxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.77.64.0/20
185.217.88.0/22
194.113.196.0/22
IPv6:
2a0b:c640::/29
Signature Algorithm: sha256WithRSAEncryption
52:bf:68:a8:1f:da:95:69:82:f8:fd:94:10:ce:8f:70:a0:42:
09:e4:58:a3:dc:75:66:40:80:c1:18:7a:4a:79:00:52:4d:40:
52:65:df:ea:16:c7:33:d7:5a:fe:7f:17:33:6b:2d:0d:09:17:
f7:a8:05:a9:a8:ac:65:cf:08:0c:0a:0d:4e:09:6f:7c:17:2c:
c7:c6:63:e1:7a:fc:14:3c:e6:97:6d:16:1c:8f:37:35:9d:97:
c7:94:fe:78:5f:7f:b6:8d:a9:80:7a:f8:50:da:e2:cc:74:7b:
d0:0d:0a:93:73:c6:ea:a5:54:5c:b8:39:1f:d9:94:0b:c7:5a:
0e:dd:a3:74:31:54:c7:89:99:f2:f6:77:65:9b:88:12:89:e1:
60:5a:20:4b:43:6a:ac:97:18:99:1f:b2:8b:86:49:aa:f8:f8:
49:62:6c:5a:b3:cb:e4:15:c9:16:9a:d5:46:96:e4:d6:8c:e1:
f6:bf:f9:bd:23:39:e9:39:3e:77:8a:0f:ec:a9:f3:52:36:59:
65:97:6d:a0:4d:e6:75:98:be:1d:16:3c:3c:fa:a0:36:9c:ce:
00:e9:65:a9:99:fd:05:d7:e2:f2:ba:69:ff:30:40:56:17:f5:
8d:f2:6a:b2:71:99:22:15:d8:5e:0d:2a:fe:ae:7d:79:26:33:
c5:bb:34:03
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZBlaLJZG/c8KzEwFXa9ac+jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYjY1YTkwZWQzY2Y0YWUwNDUyNTU0ZWUzNGI5MmE4NDc2
ZGNmMTAwHhcNMjQwNjI5MTkxMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2NjZTJkNDg1NTBlZjUyNzVkZDU3MzlhNWQ1ZDgwOTY2ODg1NGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sjaWEiImN+F7UaSF1Ps3z+Jua73
LWg0lVwz9WimeeqBqbY5BQg9XI34DHIOvKFwj+NedncsFdzNGAOLAtCyEk4lch5P
G7uOLstXYFDIo0CQ9IraVuc7IYjndAiq2D1er59CSNNFVBeCZkWVflCTGvSoRTup
GtYUPYhr+AgfrvcYTISplLcfpetKrwfKn4SDdxt6LAiYo+AXzb7GEryKAnVAAhUo
tSBqA63njA5SO+IYqBqlA5IkOWUS5erGgabmI9Mqzkw7J3pt8ZQ86CDijXwoeC2K
gOevDHzME4oD5Ucgk7Oy2RK4pUjlc/5S/+qG9Por0i7T+AT93hKZB6ZeUQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEzM4tSFUO9Sdd1XOaXV2AlmiFTAMB8GA1UdIwQY
MBaAFNy2WpDtPPSuBFJVTuNLkqhHbc8QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEt
ODVhOTU1ZjIxNjNiLzEvVE16aTFJVlE3MUoxM1ZjNXBkWFlDV2FJVk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi8wOTIwMGUtOTk5ZC00YjQ1LWE3NDEtODVhOTU1ZjIxNjNi
LzEvM0xaYWtPMDg5SzRFVWxWTzQwdVNxRWR0enhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEJU1AAwQC
udlYAwQCwnHEMA0EAgACMAcDBQMqC8ZAMA0GCSqGSIb3DQEBCwUAA4IBAQBSv2io
H9qVaYL4/ZQQzo9woEIJ5Fij3HVmQIDBGHpKeQBSTUBSZd/qFscz11r+fxczay0N
CRf3qAWpqKxlzwgMCg1OCW98FyzHxmPhevwUPOaXbRYcjzc1nZfHlP54X3+2jamA
evhQ2uLMdHvQDQqTc8bqpVRcuDkf2ZQLx1oO3aN0MVTHiZny9ndlm4gSieFgWiBL
Q2qslxiZH7KLhkmq+PhJYmxas8vkFckWmtVGluTWjOH2v/m9IznpOT53ig/sqfNS
Nllll22gTeZ1mL4dFjw8+qA2nM4A6WWpmf0F1+Lyumn/MEBWF/WN8mqycZkiFdhe
DSr+rn15JjPFuzQD
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:42:21 2024 by rpki-client on console-fra.rpki-client.org