Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/iMH-2vRf9YeMGRgtztJPUn14aQA.roa
File: iMH-2vRf9YeMGRgtztJPUn14aQA.roa (raw, json)
Hash identifier: 76FrL/HDDuxO7pj6zl8q4Zgif4vNwjOmJyQV7tycvQk=
Subject key identifier: 88:C1:FE:DA:F4:5F:F5:87:8C:19:18:2D:CE:D2:4F:52:7D:78:69:00
Certificate issuer: /CN=c77171a5e45506c86c9016bbe5b14b3db8bc6cc3
Certificate serial: 01941F8C79F54DA158E2DBB8A7275D71054A
Authority key identifier: C7:71:71:A5:E4:55:06:C8:6C:90:16:BB:E5:B1:4B:3D:B8:BC:6C:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3FxpeRVBshskBa75bFLPbi8bMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/iMH-2vRf9YeMGRgtztJPUn14aQA.roa
Signing time: Wed 01 Jan 2025 01:48:07 +0000
ROA not before: Wed 01 Jan 2025 01:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49250
IP address blocks: 37.1.104.0/21 maxlen: 24
91.212.183.0/24 maxlen: 28
91.223.233.0/24 maxlen: 28
185.191.12.0/22 maxlen: 24
2a00:d540::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/x3FxpeRVBshskBa75bFLPbi8bMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/x3FxpeRVBshskBa75bFLPbi8bMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3FxpeRVBshskBa75bFLPbi8bMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 07:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:79:f5:4d:a1:58:e2:db:b8:a7:27:5d:71:05:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c77171a5e45506c86c9016bbe5b14b3db8bc6cc3
Validity
Not Before: Jan 1 01:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88c1fedaf45ff5878c19182dced24f527d786900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:fb:09:92:fe:0b:36:ca:14:23:f7:65:b3:c7:
44:2f:d4:4b:c6:4a:85:eb:54:d7:f1:64:b3:96:d3:
2b:cd:33:91:9b:e0:c7:d3:4c:5a:3f:29:ab:eb:5c:
86:1d:ce:83:23:1d:a2:9a:84:4a:dd:e2:bf:df:71:
a8:4b:60:93:33:2e:97:fa:a2:0d:fb:b9:fb:b8:f9:
42:fd:af:6b:f5:d5:8d:9a:6b:3b:1c:79:8a:bf:f5:
69:c2:de:e7:fa:a0:92:24:ae:1c:f7:84:7b:78:e1:
8b:ba:23:95:ac:79:92:4e:9a:34:0a:12:ff:e8:79:
87:5e:e0:e2:a3:a7:ec:57:33:4a:76:05:b5:23:96:
e2:1f:19:86:63:e7:f5:13:45:b3:28:44:8b:5d:d6:
30:67:1e:92:6d:23:d3:db:69:f2:8d:90:44:90:f6:
27:15:67:ac:b4:c2:64:e5:86:0b:08:9b:c1:f0:79:
95:a2:00:95:45:44:93:e8:5d:38:17:5b:ef:75:4b:
0a:57:b2:18:38:19:df:fc:c2:3f:11:49:99:1a:b5:
b7:41:74:2d:b2:93:2f:5f:c4:af:cf:45:2e:c3:72:
f2:5c:80:47:4a:67:44:54:da:c4:b3:7a:a1:9d:f3:
1e:9b:37:6e:af:ae:88:c6:80:54:13:b0:c8:a8:bb:
31:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C1:FE:DA:F4:5F:F5:87:8C:19:18:2D:CE:D2:4F:52:7D:78:69:00
X509v3 Authority Key Identifier:
keyid:C7:71:71:A5:E4:55:06:C8:6C:90:16:BB:E5:B1:4B:3D:B8:BC:6C:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3FxpeRVBshskBa75bFLPbi8bMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/iMH-2vRf9YeMGRgtztJPUn14aQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/7f8f58-d83c-440e-990b-b438b5b88cf2/1/x3FxpeRVBshskBa75bFLPbi8bMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.1.104.0/21
91.212.183.0/24
91.223.233.0/24
185.191.12.0/22
IPv6:
2a00:d540::/29
Signature Algorithm: sha256WithRSAEncryption
58:c9:6a:21:2d:e0:2b:31:18:4e:d1:85:0c:3b:9d:09:5f:08:
7a:3e:e5:2a:ad:34:fc:bf:fd:3f:85:f6:a4:03:94:b8:77:3f:
d9:23:56:57:83:b0:7b:48:2c:fb:11:f1:67:8a:be:8b:56:ba:
91:b5:ea:c7:e7:d9:59:6a:7b:4d:60:5b:2b:3f:2e:fc:d3:ca:
bc:6b:15:7e:fa:0d:d7:9e:55:51:c1:b1:ac:d0:d3:70:2c:ec:
4e:17:c7:1b:ff:05:13:95:e8:25:40:59:de:f1:0c:f1:f0:c1:
00:cf:18:fb:63:b6:64:c4:53:fb:33:bb:68:ee:25:95:99:6b:
0f:93:4b:52:3f:d7:1a:8a:2b:8a:cb:24:70:85:c3:c2:78:80:
34:ec:69:27:43:44:3c:9c:a7:eb:e4:f8:7e:63:ad:15:41:c9:
80:05:61:2d:9e:cd:89:40:df:c6:2a:d0:95:f4:a9:b6:bc:89:
d0:1a:f1:56:3e:15:b4:f5:6a:14:ec:dd:7a:5d:6c:b5:fc:4d:
2c:49:5e:25:bc:04:56:d0:de:ab:b9:94:a6:40:8d:2d:92:be:
39:89:02:34:6e:a8:90:64:5d:54:2d:72:0b:a4:34:ac:c4:70:
b0:da:f4:1d:ce:24:bf:f8:18:c5:bb:4b:26:d9:12:ba:70:4a:
24:04:84:74
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQfjHn1TaFY4tu4pyddcQVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzE3MWE1ZTQ1NTA2Yzg2YzkwMTZiYmU1YjE0YjNkYjhi
YzZjYzMwHhcNMjUwMTAxMDE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGMxZmVkYWY0NWZmNTg3OGMxOTE4MmRjZWQyNGY1MjdkNzg2OTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvsJkv4LNsoUI/dls8dEL9RLxkqF
61TX8WSzltMrzTORm+DH00xaPymr61yGHc6DIx2imoRK3eK/33GoS2CTMy6X+qIN
+7n7uPlC/a9r9dWNmms7HHmKv/Vpwt7n+qCSJK4c94R7eOGLuiOVrHmSTpo0ChL/
6HmHXuDio6fsVzNKdgW1I5biHxmGY+f1E0WzKESLXdYwZx6SbSPT22nyjZBEkPYn
FWestMJk5YYLCJvB8HmVogCVRUST6F04F1vvdUsKV7IYOBnf/MI/EUmZGrW3QXQt
spMvX8Svz0Uuw3LyXIBHSmdEVNrEs3qhnfMemzdur66IxoBUE7DIqLsxdwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIjB/tr0X/WHjBkYLc7ST1J9eGkAMB8GA1UdIwQY
MBaAFMdxcaXkVQbIbJAWu+WxSz24vGzDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNGeHBlUlZCc2hza0JhNzViRkxQYmk4Yk1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83ZjhmNTgtZDgzYy00NDBlLTk5MGIt
YjQzOGI1Yjg4Y2YyLzEvaU1ILTJ2UmY5WWVNR1JndHp0SlBVbjE0YVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83ZjhmNTgtZDgzYy00NDBlLTk5MGItYjQzOGI1Yjg4Y2Yy
LzEveDNGeHBlUlZCc2hza0JhNzViRkxQYmk4Yk1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJQFoAwQA
W9S3AwQAW9/pAwQCub8MMA0EAgACMAcDBQMqANVAMA0GCSqGSIb3DQEBCwUAA4IB
AQBYyWohLeArMRhO0YUMO50JXwh6PuUqrTT8v/0/hfakA5S4dz/ZI1ZXg7B7SCz7
EfFnir6LVrqRterH59lZantNYFsrPy7808q8axV++g3XnlVRwbGs0NNwLOxOF8cb
/wUTleglQFne8Qzx8MEAzxj7Y7ZkxFP7M7to7iWVmWsPk0tSP9caiiuKyyRwhcPC
eIA07GknQ0Q8nKfr5Ph+Y60VQcmABWEtns2JQN/GKtCV9Km2vInQGvFWPhW09WoU
7N16XWy1/E0sSV4lvARW0N6ruZSmQI0tkr45iQI0bqiQZF1ULXILpDSsxHCw2vQd
ziS/+BjFu0sm2RK6cEokBIR0
-----END CERTIFICATE-----
Generated at Tue Apr 15 13:39:36 2025 by rpki-client