Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/ebbeba-1b50-41e2-a8d3-ed466735ab27/1/IMGKhPxydezS6lv0VXyFe8rG74U.roa
File: IMGKhPxydezS6lv0VXyFe8rG74U.roa (raw, json)
Hash identifier: TQS7ZS80SVe9FvXofiQf6qiaXTqTRWUA0Pq38RNyAGw=
Subject key identifier: 20:C1:8A:84:FC:72:75:EC:D2:EA:5B:F4:55:7C:85:7B:CA:C6:EF:85
Certificate issuer: /CN=7b0978c412dab61efb2db5411b06960c09e17a77
Certificate serial: 018CC2DAB78C267418910618961E88EC2B58
Authority key identifier: 7B:09:78:C4:12:DA:B6:1E:FB:2D:B5:41:1B:06:96:0C:09:E1:7A:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ewl4xBLath77LbVBGwaWDAnhenc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/ebbeba-1b50-41e2-a8d3-ed466735ab27/1/IMGKhPxydezS6lv0VXyFe8rG74U.roa
Signing time: Mon 01 Jan 2024 02:29:22 +0000
ROA not before: Mon 01 Jan 2024 02:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48710
IP address blocks: 94.125.136.0/24 maxlen: 24
94.125.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/ebbeba-1b50-41e2-a8d3-ed466735ab27/1/ewl4xBLath77LbVBGwaWDAnhenc.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/ebbeba-1b50-41e2-a8d3-ed466735ab27/1/ewl4xBLath77LbVBGwaWDAnhenc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ewl4xBLath77LbVBGwaWDAnhenc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:b7:8c:26:74:18:91:06:18:96:1e:88:ec:2b:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b0978c412dab61efb2db5411b06960c09e17a77
Validity
Not Before: Jan 1 02:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20c18a84fc7275ecd2ea5bf4557c857bcac6ef85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ef:22:a4:69:be:6c:20:91:ce:cd:db:12:0a:
7a:02:2a:48:06:44:37:27:83:98:b5:ea:9c:7a:b3:
76:50:56:37:ff:1a:8b:79:0a:0a:8f:57:e2:34:3a:
83:6a:aa:92:e0:9c:90:8f:01:e8:fc:21:f4:82:79:
84:e6:07:6c:2e:be:4b:a8:33:99:fe:47:ab:7d:4f:
e1:47:c9:6d:90:4e:c7:70:ac:fb:1d:1a:56:9f:4d:
1e:50:14:53:5c:b7:ae:db:3c:7e:50:d4:1d:3f:e6:
f2:6f:6c:8d:ec:de:24:f6:81:eb:7d:3e:69:37:8c:
5a:3f:0c:e2:f4:0b:bd:9a:61:e3:d0:ed:5d:74:6e:
4d:b9:18:02:f8:49:92:c2:d1:4d:b6:03:0a:ea:58:
e7:dd:22:92:1c:db:8f:82:75:40:c0:de:f8:f3:5d:
cb:97:80:40:b7:6b:1a:ce:ea:72:1a:8c:c3:d2:02:
b9:16:25:8f:c7:e1:b7:5b:de:2f:11:c4:7c:5b:3f:
ec:ed:aa:38:df:44:ad:0a:5c:bb:b1:8e:eb:62:ed:
a9:71:82:48:63:ea:4f:76:b0:fe:02:ed:13:ef:50:
65:0a:e0:e1:d4:de:bf:50:dd:90:d4:5a:15:fb:a4:
4a:76:95:1e:7a:94:92:c7:16:1c:30:05:92:bd:b5:
25:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C1:8A:84:FC:72:75:EC:D2:EA:5B:F4:55:7C:85:7B:CA:C6:EF:85
X509v3 Authority Key Identifier:
keyid:7B:09:78:C4:12:DA:B6:1E:FB:2D:B5:41:1B:06:96:0C:09:E1:7A:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ewl4xBLath77LbVBGwaWDAnhenc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/ebbeba-1b50-41e2-a8d3-ed466735ab27/1/IMGKhPxydezS6lv0VXyFe8rG74U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/ebbeba-1b50-41e2-a8d3-ed466735ab27/1/ewl4xBLath77LbVBGwaWDAnhenc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.136.0/24
94.125.142.0/24
Signature Algorithm: sha256WithRSAEncryption
58:73:90:66:d9:d5:0e:aa:9a:6f:fc:e1:4b:85:ec:83:df:c3:
7b:06:fd:b3:aa:07:29:53:bf:f1:fb:7b:18:c6:fe:99:2c:19:
0f:1c:4d:89:09:4b:7b:70:19:87:e3:8f:ec:7b:0a:6d:7e:78:
15:93:0e:9c:e5:e5:ee:dd:a2:4a:67:ae:4e:86:5e:8e:26:24:
c9:41:a1:aa:ea:6e:0e:6f:86:b4:ee:57:13:72:b0:43:fd:df:
47:c5:50:84:49:dd:66:c9:c9:02:7f:48:68:2c:0e:fd:ba:6a:
94:24:d3:d1:b0:74:a3:b2:bc:68:57:a3:2c:5a:7c:3f:b6:ca:
3a:d4:01:75:5a:03:df:ec:3a:f2:28:db:f9:95:f7:b6:4d:c9:
76:11:45:87:ce:19:8a:5b:59:e2:a7:ca:cf:ba:a2:96:ec:b5:
dc:a0:fe:99:3c:11:1e:a7:fe:0f:6c:da:2d:d6:a1:75:1b:03:
71:94:1f:ec:ad:a0:25:26:1a:3a:9f:3e:83:3c:24:37:fa:21:
83:48:96:9e:a4:5f:21:70:79:70:ef:b2:b0:3b:5f:65:92:01:
f2:9d:2b:27:7e:6a:c4:70:ab:4f:01:c6:2d:8a:05:af:07:39:
28:21:e5:46:14:c9:8c:30:5a:c5:3d:27:40:5d:ff:77:a7:00:
31:62:c1:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2reMJnQYkQYYlh6I7CtYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMDk3OGM0MTJkYWI2MWVmYjJkYjU0MTFiMDY5NjBjMDll
MTdhNzcwHhcNMjQwMTAxMDIyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGMxOGE4NGZjNzI3NWVjZDJlYTViZjQ1NTdjODU3YmNhYzZlZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+8ipGm+bCCRzs3bEgp6AipIBkQ3
J4OYteqcerN2UFY3/xqLeQoKj1fiNDqDaqqS4JyQjwHo/CH0gnmE5gdsLr5LqDOZ
/kerfU/hR8ltkE7HcKz7HRpWn00eUBRTXLeu2zx+UNQdP+byb2yN7N4k9oHrfT5p
N4xaPwzi9Au9mmHj0O1ddG5NuRgC+EmSwtFNtgMK6ljn3SKSHNuPgnVAwN74813L
l4BAt2sazupyGozD0gK5FiWPx+G3W94vEcR8Wz/s7ao430StCly7sY7rYu2pcYJI
Y+pPdrD+Au0T71BlCuDh1N6/UN2Q1FoV+6RKdpUeepSSxxYcMAWSvbUlOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCDBioT8cnXs0upb9FV8hXvKxu+FMB8GA1UdIwQY
MBaAFHsJeMQS2rYe+y21QRsGlgwJ4Xp3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXdsNHhCTGF0aDc3TGJWQkd3YVdEQW5oZW5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9lYmJlYmEtMWI1MC00MWUyLWE4ZDMt
ZWQ0NjY3MzVhYjI3LzEvSU1HS2hQeHlkZXpTNmx2MFZYeUZlOHJHNzRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9lYmJlYmEtMWI1MC00MWUyLWE4ZDMtZWQ0NjY3MzVhYjI3
LzEvZXdsNHhCTGF0aDc3TGJWQkd3YVdEQW5oZW5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXn2IAwQA
Xn2OMA0GCSqGSIb3DQEBCwUAA4IBAQBYc5Bm2dUOqppv/OFLheyD38N7Bv2zqgcp
U7/x+3sYxv6ZLBkPHE2JCUt7cBmH44/sewptfngVkw6c5eXu3aJKZ65Ohl6OJiTJ
QaGq6m4Ob4a07lcTcrBD/d9HxVCESd1myckCf0hoLA79umqUJNPRsHSjsrxoV6Ms
Wnw/tso61AF1WgPf7DryKNv5lfe2Tcl2EUWHzhmKW1nip8rPuqKW7LXcoP6ZPBEe
p/4PbNot1qF1GwNxlB/sraAlJho6nz6DPCQ3+iGDSJaepF8hcHlw77KwO19lkgHy
nSsnfmrEcKtPAcYtigWvBzkoIeVGFMmMMFrFPSdAXf93pwAxYsEh
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:08:17 2024 by rpki-client on console-ams.rpki-client.org