Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/iMnUvgG_3_BEkzEIT_vuxHxBKh0.roa
File: iMnUvgG_3_BEkzEIT_vuxHxBKh0.roa (raw, json)
Hash identifier: gD3HY92XTG+pfgdGpBPqFIbtjzhibf4XyOs0q6gZVds=
Subject key identifier: 88:C9:D4:BE:01:BF:DF:F0:44:93:31:08:4F:FB:EE:C4:7C:41:2A:1D
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018CC5DC98D26C2421A156ABB79B1BE90153
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/iMnUvgG_3_BEkzEIT_vuxHxBKh0.roa
Signing time: Mon 01 Jan 2024 16:30:17 +0000
ROA not before: Mon 01 Jan 2024 16:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42532
IP address blocks: 37.128.204.0/22 maxlen: 22
188.64.12.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:98:d2:6c:24:21:a1:56:ab:b7:9b:1b:e9:01:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 16:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88c9d4be01bfdff0449331084ffbeec47c412a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8a:ca:84:44:a7:5f:cf:36:ae:4a:ed:af:54:
4a:b4:61:79:d6:b4:c8:a1:db:41:22:9f:3f:51:73:
bd:ce:b4:51:a9:4b:45:c5:43:46:27:b2:dc:06:23:
3e:80:62:0a:54:cd:7c:9b:1a:e1:41:d5:70:2e:36:
d0:04:e1:09:a5:cb:e5:32:e7:20:49:25:97:99:11:
ae:0b:64:1c:d6:e4:05:d4:8b:63:cb:f6:85:a1:31:
30:e8:18:2d:48:7a:8b:6d:58:61:ca:74:88:7a:cb:
e5:b7:6c:af:9b:3f:2f:e6:42:33:f9:09:1c:02:d0:
fc:33:40:6d:15:68:33:1c:fc:e6:d2:8a:8e:b0:ab:
39:f2:bd:55:58:e0:c5:ee:e0:84:de:9e:e9:88:d8:
77:75:2a:3d:79:2a:aa:53:dd:6a:32:32:1d:e5:08:
0c:e2:7e:13:46:7a:d3:17:21:e6:b2:c5:62:90:50:
f6:2a:a1:30:a3:40:45:27:d2:52:80:71:68:de:bb:
14:1a:ad:94:9d:20:5e:c5:98:89:3c:36:d5:a9:3b:
4c:f6:97:05:68:a4:2a:4d:ca:00:21:a0:63:5e:51:
cf:75:56:8b:86:5b:8e:60:75:b8:06:ac:6f:66:e3:
e8:b5:7f:fe:0f:ce:a2:e8:20:ec:3e:78:98:90:67:
f5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C9:D4:BE:01:BF:DF:F0:44:93:31:08:4F:FB:EE:C4:7C:41:2A:1D
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/iMnUvgG_3_BEkzEIT_vuxHxBKh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.204.0/22
188.64.12.0/22
Signature Algorithm: sha256WithRSAEncryption
db:3b:b0:45:f8:e7:d7:f0:1b:3e:a1:a7:cd:f2:e7:a5:73:ad:
5a:83:d7:5d:0c:70:88:e4:e5:18:29:59:ce:f0:c3:b1:73:6d:
d6:74:fc:e4:c1:71:67:48:cc:48:0f:ea:9b:5e:0c:88:81:5c:
f3:79:62:4f:95:b9:80:64:55:75:70:3b:45:64:ea:51:75:de:
1f:5a:bc:c4:b7:f7:dd:66:70:11:af:09:17:4d:93:e9:e5:7c:
d8:0f:4d:72:e7:29:32:44:d0:6b:1e:63:11:ff:95:96:d8:dc:
24:de:8e:66:f9:ea:cb:a5:b1:b3:73:0d:a1:2a:f7:10:78:06:
09:b4:99:24:25:fb:e9:2f:94:94:a7:82:e9:6d:88:e4:64:44:
b7:7e:28:4b:17:89:be:fc:56:93:8f:aa:32:56:4d:78:3e:31:
7a:79:87:96:7c:22:a1:ff:e7:88:9f:4b:78:c2:32:5c:ed:fd:
f3:6a:e8:74:22:98:ff:ce:cf:5e:f4:0a:8f:16:6e:a4:23:11:
46:50:b8:58:d4:2a:88:38:54:48:ec:29:6b:f2:f6:f6:f9:ca:
3c:81:23:59:bd:16:cc:bb:45:62:fc:c6:e7:0f:f2:20:ee:9c:
7d:f3:24:9c:32:29:3d:42:55:71:c1:76:2b:85:59:b4:ea:dd:
bc:73:01:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3JjSbCQhoVart5sb6QFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjQwMTAxMTYzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGM5ZDRiZTAxYmZkZmYwNDQ5MzMxMDg0ZmZiZWVjNDdjNDEyYTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4rKhESnX882rkrtr1RKtGF51rTI
odtBIp8/UXO9zrRRqUtFxUNGJ7LcBiM+gGIKVM18mxrhQdVwLjbQBOEJpcvlMucg
SSWXmRGuC2Qc1uQF1Itjy/aFoTEw6BgtSHqLbVhhynSIesvlt2yvmz8v5kIz+Qkc
AtD8M0BtFWgzHPzm0oqOsKs58r1VWODF7uCE3p7piNh3dSo9eSqqU91qMjId5QgM
4n4TRnrTFyHmssVikFD2KqEwo0BFJ9JSgHFo3rsUGq2UnSBexZiJPDbVqTtM9pcF
aKQqTcoAIaBjXlHPdVaLhluOYHW4BqxvZuPotX/+D86i6CDsPniYkGf1mwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIjJ1L4Bv9/wRJMxCE/77sR8QSodMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvaU1uVXZnR18zX0JFa3pFSVRfdnV4SHhCS2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCJYDMAwQC
vEAMMA0GCSqGSIb3DQEBCwUAA4IBAQDbO7BF+OfX8Bs+oafN8uelc61ag9ddDHCI
5OUYKVnO8MOxc23WdPzkwXFnSMxID+qbXgyIgVzzeWJPlbmAZFV1cDtFZOpRdd4f
WrzEt/fdZnARrwkXTZPp5XzYD01y5ykyRNBrHmMR/5WW2Nwk3o5m+erLpbGzcw2h
KvcQeAYJtJkkJfvpL5SUp4LpbYjkZES3fihLF4m+/FaTj6oyVk14PjF6eYeWfCKh
/+eIn0t4wjJc7f3zauh0Ipj/zs9e9AqPFm6kIxFGULhY1CqIOFRI7Clr8vb2+co8
gSNZvRbMu0Vi/MbnD/Ig7px98yScMik9QlVxwXYrhVm06t28cwFO
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:19:37 2024 by rpki-client on console-ams.rpki-client.org