Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/Ttwr_AOmuAJNU7xfvE7vQ7yxn68.roa
File: Ttwr_AOmuAJNU7xfvE7vQ7yxn68.roa (raw, json)
Hash identifier: DAsTgoaDez+skEZJSCYeQvPGbwIh0OkqI0SchCswLSA=
Subject key identifier: 4E:DC:2B:FC:03:A6:B8:02:4D:53:BC:5F:BC:4E:EF:43:BC:B1:9F:AF
Certificate issuer: /CN=94948e5f2fa04b222a6e96883b840f7124531556
Certificate serial: 01978C5CD501557C69B2E6E223CEF70C6211
Authority key identifier: 94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/Ttwr_AOmuAJNU7xfvE7vQ7yxn68.roa
Signing time: Fri 20 Jun 2025 08:03:03 +0000
ROA not before: Fri 20 Jun 2025 08:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60117
IP address blocks: 185.45.192.0/24 maxlen: 24
185.45.194.0/24 maxlen: 24
185.45.195.0/24 maxlen: 24
185.82.200.0/24 maxlen: 24
185.82.202.0/24 maxlen: 24
185.106.120.0/24 maxlen: 24
185.106.122.0/24 maxlen: 24
185.106.123.0/24 maxlen: 24
185.117.72.0/24 maxlen: 24
185.117.73.0/24 maxlen: 24
185.141.24.0/24 maxlen: 24
185.141.27.0/24 maxlen: 24
185.183.97.0/24 maxlen: 24
185.183.98.0/24 maxlen: 24
185.198.56.0/24 maxlen: 24
185.198.58.0/24 maxlen: 24
185.198.59.0/24 maxlen: 24
185.244.148.0/24 maxlen: 24
185.244.149.0/24 maxlen: 24
185.244.151.0/24 maxlen: 24
188.116.36.0/24 maxlen: 24
194.36.188.0/24 maxlen: 24
194.36.190.0/24 maxlen: 24
194.36.191.0/24 maxlen: 24
212.8.251.0/24 maxlen: 24
2a03:660::/32 maxlen: 32
2a04:dd00::/29 maxlen: 29
2a04:dd00::/32 maxlen: 32
2a04:dd01::/32 maxlen: 32
2a04:dd02::/32 maxlen: 32
2a05:9340::/29 maxlen: 29
2a05:9340::/32 maxlen: 32
2a05:9341::/32 maxlen: 32
2a05:9342::/32 maxlen: 32
2a06:3d80::/29 maxlen: 29
2a0e:df40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:5c:d5:01:55:7c:69:b2:e6:e2:23:ce:f7:0c:62:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94948e5f2fa04b222a6e96883b840f7124531556
Validity
Not Before: Jun 20 08:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4edc2bfc03a6b8024d53bc5fbc4eef43bcb19faf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b0:ba:04:9a:39:b8:e8:a7:61:57:8f:5e:0f:
40:af:2c:3f:30:50:e3:c1:49:4d:91:e2:5f:6f:77:
56:a5:da:f3:f6:7e:3e:5a:70:c9:35:f5:19:09:50:
44:e9:47:40:4a:66:91:de:4f:05:34:66:b5:91:d2:
18:e3:6c:66:2a:c1:62:c8:d3:75:da:b2:c7:52:bc:
38:66:23:6b:5c:2e:80:a9:c0:c6:06:01:6c:78:cb:
e2:ed:26:07:fc:79:44:42:c4:85:7f:57:09:9b:28:
66:1a:d3:05:24:8a:d8:6e:a9:d5:a9:77:ab:77:e6:
70:31:8b:45:ef:0e:f7:3c:f2:94:4a:41:d6:43:8b:
25:87:d5:d7:d5:fb:86:a8:d4:bd:ea:c5:72:0b:69:
ce:29:b0:d9:d5:ff:6d:d2:f9:68:60:39:fa:38:ac:
8a:2f:fb:59:12:2d:aa:23:bc:c0:53:b1:a6:82:18:
ce:51:7c:db:b6:9e:0d:9f:9b:e8:83:8f:d3:7a:27:
d5:d2:d0:7b:45:a6:24:15:0b:61:ba:71:3d:1a:2b:
ac:51:1f:64:d9:c0:b7:a4:9c:8e:0b:64:71:35:fa:
1a:a0:33:e3:4a:27:d3:3d:29:75:3d:fa:50:ca:60:
f1:4e:e7:e4:da:b3:c1:36:a1:e0:9f:e1:4e:02:c8:
50:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:DC:2B:FC:03:A6:B8:02:4D:53:BC:5F:BC:4E:EF:43:BC:B1:9F:AF
X509v3 Authority Key Identifier:
keyid:94:94:8E:5F:2F:A0:4B:22:2A:6E:96:88:3B:84:0F:71:24:53:15:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lJSOXy-gSyIqbpaIO4QPcSRTFVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/Ttwr_AOmuAJNU7xfvE7vQ7yxn68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ec48be-9250-4f7c-9c87-641b8e60d3e2/1/lJSOXy-gSyIqbpaIO4QPcSRTFVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.192.0/24
185.45.194.0/23
185.82.200.0/24
185.82.202.0/24
185.106.120.0/24
185.106.122.0/23
185.117.72.0/23
185.141.24.0/24
185.141.27.0/24
185.183.97.0-185.183.98.255
185.198.56.0/24
185.198.58.0/23
185.244.148.0/23
185.244.151.0/24
188.116.36.0/24
194.36.188.0/24
194.36.190.0/23
212.8.251.0/24
IPv6:
2a03:660::/32
2a04:dd00::/29
2a05:9340::/29
2a06:3d80::/29
2a0e:df40::/32
Signature Algorithm: sha256WithRSAEncryption
4b:01:47:ed:f6:b7:96:6b:64:56:9a:72:18:99:83:6a:42:5f:
4d:b8:06:49:50:cd:f9:de:a1:bf:a3:63:a8:b9:a4:b4:c2:13:
6c:0d:67:c2:55:2c:71:9d:a6:36:5d:81:fe:ed:b3:ee:0a:fa:
00:f9:ec:c2:e4:91:db:1a:2b:05:cc:6c:71:28:36:27:b1:5b:
a6:a1:c0:77:4b:4e:c2:c9:d9:2d:86:5e:ee:0e:52:15:17:ed:
5a:ed:96:64:ff:31:04:79:df:08:c5:5a:71:32:e8:18:e8:e6:
ae:71:17:a4:76:ad:fd:36:32:2b:94:74:5f:c1:02:27:9d:17:
53:86:b2:e5:7d:e5:c5:95:77:92:aa:f1:df:4c:d9:3e:62:c0:
d0:33:4a:b9:6e:3e:28:44:64:a8:c2:dd:2e:aa:04:20:2f:2b:
e5:db:5b:18:f8:fd:b0:63:c8:42:6e:90:3a:3e:cf:3d:2b:e1:
44:bd:35:24:ca:36:00:86:8f:ef:86:3a:45:66:f5:1a:3a:4c:
c4:be:8a:de:4d:f8:7e:66:18:b6:9d:a1:8f:3f:f1:3f:33:5b:
67:6f:7c:ca:4a:a0:b5:f8:3a:37:ab:4b:f1:6b:6b:d3:e0:fb:
7c:2d:7d:59:1b:e8:59:c3:fb:2d:4e:57:87:c8:bc:3b:8f:0e:
6f:9f:38:fa
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZeMXNUBVXxpsubiI873DGIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0OTQ4ZTVmMmZhMDRiMjIyYTZlOTY4ODNiODQwZjcxMjQ1
MzE1NTYwHhcNMjUwNjIwMDgwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWRjMmJmYzAzYTZiODAyNGQ1M2JjNWZiYzRlZWY0M2JjYjE5ZmFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLC6BJo5uOinYVePXg9Aryw/MFDj
wUlNkeJfb3dWpdrz9n4+WnDJNfUZCVBE6UdASmaR3k8FNGa1kdIY42xmKsFiyNN1
2rLHUrw4ZiNrXC6AqcDGBgFseMvi7SYH/HlEQsSFf1cJmyhmGtMFJIrYbqnVqXer
d+ZwMYtF7w73PPKUSkHWQ4slh9XX1fuGqNS96sVyC2nOKbDZ1f9t0vloYDn6OKyK
L/tZEi2qI7zAU7GmghjOUXzbtp4Nn5vog4/TeifV0tB7RaYkFQthunE9GiusUR9k
2cC3pJyOC2RxNfoaoDPjSifTPSl1PfpQymDxTufk2rPBNqHgn+FOAshQ7wIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFE7cK/wDprgCTVO8X7xO70O8sZ+vMB8GA1UdIwQY
MBaAFJSUjl8voEsiKm6WiDuED3EkUxVWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODct
NjQxYjhlNjBkM2UyLzEvVHR3cl9BT211QUpOVTd4ZnZFN3ZRN3l4bjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9lYzQ4YmUtOTI1MC00ZjdjLTljODctNjQxYjhlNjBkM2Uy
LzEvbEpTT1h5LWdTeUlxYnBhSU80UVBjU1JURlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzB6BAIAATB0AwQAuS3A
AwQBuS3CAwQAuVLIAwQAuVLKAwQAuWp4AwQBuWp6AwQBuXVIAwQAuY0YAwQAuY0b
MAwDBAC5t2EDBAC5t2IDBAC5xjgDBAG5xjoDBAG59JQDBAC59JcDBAC8dCQDBADC
JLwDBAHCJL4DBADUCPswKQQCAAIwIwMFACoDBmADBQMqBN0AAwUDKgWTQAMFAyoG
PYADBQAqDt9AMA0GCSqGSIb3DQEBCwUAA4IBAQBLAUft9reWa2RWmnIYmYNqQl9N
uAZJUM353qG/o2OouaS0whNsDWfCVSxxnaY2XYH+7bPuCvoA+ezC5JHbGisFzGxx
KDYnsVumocB3S07Cydkthl7uDlIVF+1a7ZZk/zEEed8IxVpxMugY6OaucRekdq39
NjIrlHRfwQInnRdThrLlfeXFlXeSqvHfTNk+YsDQM0q5bj4oRGSowt0uqgQgLyvl
21sY+P2wY8hCbpA6Ps89K+FEvTUkyjYAho/vhjpFZvUaOkzEvoreTfh+Zhi2naGP
P/E/M1tnb3zKSqC1+Do3q0vxa2vT4Pt8LX1ZG+hZw/stTleHyLw7jw5vnzj6
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:28:14 2025 by rpki-client