Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/TMNSKyVX4LpobgHg4CNCCGUl98Y.roa
File: TMNSKyVX4LpobgHg4CNCCGUl98Y.roa (raw, json)
Hash identifier: po+r42F1HfrHn/Wl22NntOY2suaIZLbUhmmqENjIvPM=
Subject key identifier: 4C:C3:52:2B:25:57:E0:BA:68:6E:01:E0:E0:23:42:08:65:25:F7:C6
Certificate issuer: /CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Certificate serial: 018CC86EFF404F4AB7C5FD9EE86064CAF146
Authority key identifier: 5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/TMNSKyVX4LpobgHg4CNCCGUl98Y.roa
Signing time: Tue 02 Jan 2024 04:29:26 +0000
ROA not before: Tue 02 Jan 2024 04:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8330
IP address blocks: 5.57.88.0/21 maxlen: 21
193.203.5.0/24 maxlen: 24
2001:7f8:17::/48 maxlen: 48
2a00:eb20:abcd::/48 maxlen: 48
2a00:eb20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 22:02:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:ff:40:4f:4a:b7:c5:fd:9e:e8:60:64:ca:f1:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d07b45f7d83124c9f8c0fac03bec02468b37e
Validity
Not Before: Jan 2 04:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cc3522b2557e0ba686e01e0e02342086525f7c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:48:a4:86:d9:61:e6:75:d4:e2:31:1e:61:29:
29:6f:77:ff:d5:24:87:f7:61:04:03:62:00:0b:83:
f1:24:a2:a5:07:87:37:81:b4:83:b4:cc:0b:57:be:
04:33:58:8c:09:f4:8a:e5:9e:21:52:fd:c7:94:15:
0c:8f:cf:8d:b0:19:ea:ed:b3:0e:17:5e:55:f7:f4:
40:f7:a1:ac:89:20:2a:12:7a:9d:5e:28:4a:7b:c1:
fd:5b:52:12:f8:35:e0:74:80:95:a2:b3:25:0b:7a:
1c:21:c8:bf:a3:1d:36:e7:e7:d2:98:33:4a:b4:18:
ff:dc:27:5b:29:03:15:b5:ca:2c:a1:6e:35:21:cd:
e0:ea:7e:04:8e:be:79:f1:50:11:c8:9c:e8:60:16:
a9:4b:a7:0a:30:51:39:b6:16:3e:0f:a3:64:8b:e8:
f3:8a:07:ac:18:77:c6:85:8d:ce:e7:41:37:ac:81:
ed:3c:fd:cb:48:0e:b5:7c:15:2d:16:a8:a7:0b:8f:
d2:6b:b8:85:bb:38:a4:18:b3:6e:8f:89:04:ca:9f:
28:5e:a6:8e:80:04:96:75:52:32:0c:67:1d:bc:3d:
8b:bc:dc:83:f6:73:57:e8:f4:4c:f8:15:7a:c2:c8:
14:bf:0f:53:63:16:54:70:a1:90:e4:92:a4:68:26:
9d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C3:52:2B:25:57:E0:BA:68:6E:01:E0:E0:23:42:08:65:25:F7:C6
X509v3 Authority Key Identifier:
keyid:5E:8D:07:B4:5F:7D:83:12:4C:9F:8C:0F:AC:03:BE:C0:24:68:B3:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo0HtF99gxJMn4wPrAO-wCRos34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/TMNSKyVX4LpobgHg4CNCCGUl98Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/a168e9-d070-44e0-94a4-6c8fd84bb5f5/1/Xo0HtF99gxJMn4wPrAO-wCRos34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.88.0/21
193.203.5.0/24
IPv6:
2001:7f8:17::/48
2a00:eb20::/32
Signature Algorithm: sha256WithRSAEncryption
85:4b:ed:32:56:c7:0e:ac:c4:62:21:a8:5f:d1:37:d4:23:30:
ff:30:73:63:ea:9d:29:3d:37:7b:3c:71:18:e2:eb:f2:7f:84:
4a:9f:41:6e:64:2e:f9:42:c8:ab:f1:51:58:82:d1:4e:05:9c:
f6:ea:75:d8:0c:ae:84:19:59:92:f6:b9:75:7a:65:66:d9:03:
ca:7f:e2:af:4a:ed:16:3c:6c:4f:ab:1a:86:3d:77:5b:53:89:
5e:7b:32:5e:d7:4f:8a:be:66:9f:4c:8d:31:c1:af:c2:19:3c:
b6:63:62:cf:06:5e:76:c1:c1:a8:b6:32:e7:73:63:52:5c:a0:
0b:65:8b:5b:d5:54:05:b8:f6:76:39:bc:e0:ff:dd:e6:a5:0e:
3e:8d:96:08:ff:59:71:bd:73:68:dd:a0:20:0e:08:8f:65:47:
32:f4:8e:68:e7:8d:97:52:15:37:72:c2:15:32:e7:35:b1:d7:
31:25:9e:49:60:b3:87:60:96:68:5f:c0:86:97:5d:54:df:0c:
f7:09:4d:e8:7f:0a:94:fa:ec:78:6e:41:0e:54:c5:47:e3:a5:
8c:6d:37:a5:ee:18:ea:ec:a9:11:30:4b:3d:64:3b:1c:a8:fd:
01:22:b3:fd:bd:13:61:05:f8:66:9b:1c:dd:3b:c5:2b:fb:52:
24:1a:5f:2a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzIbv9AT0q3xf2e6GBkyvFGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOGQwN2I0NWY3ZDgzMTI0YzlmOGMwZmFjMDNiZWMwMjQ2
OGIzN2UwHhcNMjQwMTAyMDQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2MzNTIyYjI1NTdlMGJhNjg2ZTAxZTBlMDIzNDIwODY1MjVmN2M2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kikhtlh5nXU4jEeYSkpb3f/1SSH
92EEA2IAC4PxJKKlB4c3gbSDtMwLV74EM1iMCfSK5Z4hUv3HlBUMj8+NsBnq7bMO
F15V9/RA96GsiSAqEnqdXihKe8H9W1IS+DXgdICVorMlC3ocIci/ox025+fSmDNK
tBj/3CdbKQMVtcosoW41Ic3g6n4Ejr558VARyJzoYBapS6cKMFE5thY+D6Nki+jz
igesGHfGhY3O50E3rIHtPP3LSA61fBUtFqinC4/Sa7iFuzikGLNuj4kEyp8oXqaO
gASWdVIyDGcdvD2LvNyD9nNX6PRM+BV6wsgUvw9TYxZUcKGQ5JKkaCadLQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEzDUislV+C6aG4B4OAjQghlJffGMB8GA1UdIwQY
MBaAFF6NB7RffYMSTJ+MD6wDvsAkaLN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQt
NmM4ZmQ4NGJiNWY1LzEvVE1OU0t5Vlg0THBvYmdIZzRDTkNDR1VsOThZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9hMTY4ZTktZDA3MC00NGUwLTk0YTQtNmM4ZmQ4NGJiNWY1
LzEvWG8wSHRGOTlneEpNbjR3UHJBTy13Q1JvczM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQDBTlYAwQA
wcsFMBYEAgACMBADBwAgAQf4ABcDBQAqAOsgMA0GCSqGSIb3DQEBCwUAA4IBAQCF
S+0yVscOrMRiIahf0TfUIzD/MHNj6p0pPTd7PHEY4uvyf4RKn0FuZC75Qsir8VFY
gtFOBZz26nXYDK6EGVmS9rl1emVm2QPKf+KvSu0WPGxPqxqGPXdbU4leezJe10+K
vmafTI0xwa/CGTy2Y2LPBl52wcGotjLnc2NSXKALZYtb1VQFuPZ2Obzg/93mpQ4+
jZYI/1lxvXNo3aAgDgiPZUcy9I5o542XUhU3csIVMuc1sdcxJZ5JYLOHYJZoX8CG
l11U3wz3CU3ofwqU+ux4bkEOVMVH46WMbTel7hjq7KkRMEs9ZDscqP0BIrP9vRNh
BfhmmxzdO8Ur+1IkGl8q
-----END CERTIFICATE-----
Generated at Mon May 20 04:57:54 2024 by rpki-client on console-ams.rpki-client.org