Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/TMxK7uQYXJj2eT9XSpcQwZsUKLE.roa
File: TMxK7uQYXJj2eT9XSpcQwZsUKLE.roa (raw, json)
Hash identifier: dloaHCx6p37HlXJj+UcX97KEEMmDJU35/ZEUACoiLxk=
Subject key identifier: 4C:CC:4A:EE:E4:18:5C:98:F6:79:3F:57:4A:97:10:C1:9B:14:28:B1
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 018DB706550BF2814B56A145893D3321D3E5
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/TMxK7uQYXJj2eT9XSpcQwZsUKLE.roa
Signing time: Sat 17 Feb 2024 12:24:21 +0000
ROA not before: Sat 17 Feb 2024 12:24:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 138.124.0.0/17 maxlen: 24
138.124.125.0/24 maxlen: 24
138.124.245.0/24 maxlen: 24
138.124.246.0/24 maxlen: 24
138.124.247.0/24 maxlen: 24
138.124.251.0/24 maxlen: 24
138.124.252.0/24 maxlen: 24
138.124.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b7:06:55:0b:f2:81:4b:56:a1:45:89:3d:33:21:d3:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Feb 17 12:24:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ccc4aeee4185c98f6793f574a9710c19b1428b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:a1:aa:da:1a:8f:11:d1:6f:95:82:98:d9:8b:
3e:fc:58:35:4f:90:b2:7a:10:41:a6:95:83:ea:6f:
39:1e:6b:e6:3b:41:4b:b5:27:58:24:b1:c6:39:f0:
bb:f5:90:92:c4:e5:5a:e3:d1:45:e5:b3:bc:4d:a3:
75:f7:12:1f:70:84:7e:83:ba:40:c9:b9:96:5f:e6:
7f:52:ae:2b:ef:86:ec:5c:f0:cf:19:2c:78:0e:87:
9f:a5:8b:67:17:28:b6:ac:27:52:b2:6c:15:97:36:
cd:c2:be:25:18:1d:d9:00:03:20:f3:18:17:80:4c:
cd:03:f3:2e:07:c8:de:58:59:17:2d:dd:47:16:d9:
95:e9:37:b4:36:5d:c5:c7:e1:81:eb:8a:63:0f:13:
54:00:84:29:58:81:91:dd:32:ef:9f:25:6e:8a:f4:
25:d5:dc:1d:c1:85:8d:2c:c6:e5:4d:9a:89:8e:04:
40:0e:a1:da:c3:73:d6:fd:1b:b2:96:7f:0f:a3:3e:
c5:3d:ce:d6:f2:4d:05:8c:d7:ca:b1:d1:65:a6:9c:
66:c5:72:e8:d0:45:98:42:e1:41:59:6f:41:de:d7:
fb:31:d7:c0:9c:6a:aa:70:6e:b6:54:6e:d4:09:90:
ac:1e:95:21:6f:41:d5:b1:01:a0:fb:5b:6a:bf:73:
5b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:CC:4A:EE:E4:18:5C:98:F6:79:3F:57:4A:97:10:C1:9B:14:28:B1
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/TMxK7uQYXJj2eT9XSpcQwZsUKLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.0.0/17
138.124.245.0-138.124.247.255
138.124.251.0-138.124.253.255
Signature Algorithm: sha256WithRSAEncryption
bc:6e:d8:d3:67:28:11:78:99:e0:bc:63:bb:37:e0:66:12:64:
59:2a:96:14:e5:bc:8e:5e:17:b5:02:71:47:d7:d2:04:ac:53:
a3:be:14:89:9c:36:d6:99:42:18:1a:f1:2c:b3:67:a1:39:b2:
0a:bf:1a:de:21:3c:ad:fc:93:bf:c1:5e:3b:68:e6:6e:cc:c1:
c1:a3:f4:5d:7e:b9:bc:6d:cf:23:9a:97:ee:ae:95:3f:b5:dc:
b5:f2:19:28:cc:4e:14:9c:77:a0:61:44:b5:a1:a2:6b:76:ce:
69:d5:47:b4:c7:bb:7f:47:cf:bc:61:b0:39:c4:25:d6:53:85:
51:96:bc:1b:a3:b7:84:50:4a:2c:49:13:2a:51:b4:e4:e5:d0:
4d:b7:98:5e:05:eb:80:c7:0c:15:c6:e5:83:ab:0a:4b:c9:b5:
81:78:84:1d:24:15:83:4f:26:6f:76:6f:58:57:d9:33:ec:c1:
4d:09:54:39:a8:47:35:0e:58:59:b4:76:a4:bf:cc:0e:68:3f:
70:7c:0f:20:34:ea:84:09:24:7a:8c:e7:bd:16:6f:39:58:89:
ac:51:65:cc:f9:44:95:44:6b:8d:a7:15:ab:5e:5f:ca:c8:94:
cb:61:0b:b1:18:a5:0c:2a:60:fd:a6:bb:97:39:da:2b:b3:a0:
80:20:03:80
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY23BlUL8oFLVqFFiT0zIdPlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjQwMjE3MTIyNDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2NjNGFlZWU0MTg1Yzk4ZjY3OTNmNTc0YTk3MTBjMTliMTQyOGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiqGq2hqPEdFvlYKY2Ys+/Fg1T5Cy
ehBBppWD6m85HmvmO0FLtSdYJLHGOfC79ZCSxOVa49FF5bO8TaN19xIfcIR+g7pA
ybmWX+Z/Uq4r74bsXPDPGSx4DoefpYtnFyi2rCdSsmwVlzbNwr4lGB3ZAAMg8xgX
gEzNA/MuB8jeWFkXLd1HFtmV6Te0Nl3Fx+GB64pjDxNUAIQpWIGR3TLvnyVuivQl
1dwdwYWNLMblTZqJjgRADqHaw3PW/Ruyln8Poz7FPc7W8k0FjNfKsdFlppxmxXLo
0EWYQuFBWW9B3tf7MdfAnGqqcG62VG7UCZCsHpUhb0HVsQGg+1tqv3NbxQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFEzMSu7kGFyY9nk/V0qXEMGbFCixMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvVE14Szd1UVlYSmoyZVQ5WFNwY1F3WnNVS0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQHinwAMAwD
BACKfPUDBAOKfPAwDAMEAIp8+wMEAYp8/DANBgkqhkiG9w0BAQsFAAOCAQEAvG7Y
02coEXiZ4LxjuzfgZhJkWSqWFOW8jl4XtQJxR9fSBKxTo74UiZw21plCGBrxLLNn
oTmyCr8a3iE8rfyTv8FeO2jmbszBwaP0XX65vG3PI5qX7q6VP7XctfIZKMxOFJx3
oGFEtaGia3bOadVHtMe7f0fPvGGwOcQl1lOFUZa8G6O3hFBKLEkTKlG05OXQTbeY
XgXrgMcMFcblg6sKS8m1gXiEHSQVg08mb3ZvWFfZM+zBTQlUOahHNQ5YWbR2pL/M
Dmg/cHwPIDTqhAkkeoznvRZvOViJrFFlzPlElURrjacVq15fysiUy2ELsRilDCpg
/aa7lznaK7OggCADgA==
-----END CERTIFICATE-----
Generated at Sun May 19 21:15:16 2024 by rpki-client on console-ams.rpki-client.org