Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/IGX_r1M8Yg0wS44TZ5oBZWVpWo4.roa
File: IGX_r1M8Yg0wS44TZ5oBZWVpWo4.roa (raw, json)
Hash identifier: FMS01Jmi7oDANk3VjlsYDDbQmBLENrZVzIv8hNqgsbw=
Subject key identifier: 20:65:FF:AF:53:3C:62:0D:30:4B:8E:13:67:9A:01:65:65:69:5A:8E
Certificate issuer: /CN=3753dbc5829ec500b33426a188d0399395b806aa
Certificate serial: 01904E42BAD53EABE95863BE8DE93AA4DF75
Authority key identifier: 37:53:DB:C5:82:9E:C5:00:B3:34:26:A1:88:D0:39:93:95:B8:06:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N1PbxYKexQCzNCahiNA5k5W4Bqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/IGX_r1M8Yg0wS44TZ5oBZWVpWo4.roa
Signing time: Tue 25 Jun 2024 07:18:34 +0000
ROA not before: Tue 25 Jun 2024 07:18:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21277
IP address blocks: 2a03:47c0::/32 maxlen: 32
2a03:47c0:1080::/48 maxlen: 48
2a03:47c0:20c0::/48 maxlen: 48
2a03:47c0:2180::/48 maxlen: 48
2a03:47c0:2280::/48 maxlen: 48
2a03:47c0:2480::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/N1PbxYKexQCzNCahiNA5k5W4Bqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/N1PbxYKexQCzNCahiNA5k5W4Bqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/N1PbxYKexQCzNCahiNA5k5W4Bqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:42:ba:d5:3e:ab:e9:58:63:be:8d:e9:3a:a4:df:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3753dbc5829ec500b33426a188d0399395b806aa
Validity
Not Before: Jun 25 07:18:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2065ffaf533c620d304b8e13679a016565695a8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:db:73:a0:83:c5:8b:9e:fe:35:e1:c8:dd:6e:
4b:fa:b3:d3:ab:16:ca:01:50:c8:b8:fc:2f:b6:b9:
82:88:76:54:6e:84:1f:ef:57:67:4a:cd:ee:42:3b:
f7:e8:f9:98:f9:72:24:cc:fb:a4:80:25:c5:65:e0:
0a:12:d9:a2:f2:f4:aa:97:bc:61:35:84:4e:8a:d0:
f6:3e:f9:55:98:28:f9:83:7d:da:fb:a7:b2:75:0b:
14:b1:e8:19:85:c4:d1:b8:31:54:77:80:8a:c7:de:
41:5d:79:21:a8:8b:5d:44:06:1a:9e:6b:79:19:9f:
4f:bd:62:58:a9:27:47:1f:e5:a4:41:37:c5:5a:4f:
3b:e9:ed:38:77:6c:50:5d:bd:c1:0d:ac:51:2f:cf:
45:51:fd:cd:0c:9c:b4:34:c4:5e:a7:c4:61:e2:91:
07:b8:d6:2f:01:0d:28:4c:1c:0c:c5:32:6d:4c:14:
da:d7:1a:b8:c8:3e:88:c4:f2:39:59:35:8b:c0:74:
d5:87:08:75:1e:ef:09:4e:da:ba:d9:fa:39:24:3a:
fe:b4:a9:26:8c:28:cf:57:b2:3f:1d:81:76:b9:da:
88:bd:cd:bf:59:46:a3:5e:87:0f:34:e7:d0:2b:8b:
24:59:56:89:d2:c5:19:01:28:19:c4:7a:f9:f5:0e:
ca:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:65:FF:AF:53:3C:62:0D:30:4B:8E:13:67:9A:01:65:65:69:5A:8E
X509v3 Authority Key Identifier:
keyid:37:53:DB:C5:82:9E:C5:00:B3:34:26:A1:88:D0:39:93:95:B8:06:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N1PbxYKexQCzNCahiNA5k5W4Bqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/IGX_r1M8Yg0wS44TZ5oBZWVpWo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/341508-a0aa-40c9-ae0c-0379930f8286/1/N1PbxYKexQCzNCahiNA5k5W4Bqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:47c0::/32
Signature Algorithm: sha256WithRSAEncryption
2e:a6:f6:fb:5f:26:47:6a:da:66:d2:2e:7c:03:f9:c5:50:e8:
f8:0a:b8:ac:08:17:8f:4a:ea:8c:29:f5:52:b9:f1:7f:8d:bc:
38:e0:55:ff:6a:25:10:66:67:d2:7d:a1:77:b3:05:78:75:ee:
e2:8a:0c:ec:88:bb:75:84:0c:0f:cf:1d:41:e4:0b:6a:b7:fc:
b1:c1:e4:58:6f:a3:c1:fa:ad:5b:ce:9f:35:7c:e5:1f:64:2a:
18:74:f8:d4:44:7f:5a:60:dd:a9:db:65:4f:79:40:96:2e:55:
39:30:20:0d:91:51:b1:c7:fa:c4:c7:64:a8:cc:e3:0e:c3:61:
3b:2f:d0:21:5c:65:9d:26:7d:0d:3f:07:58:ab:f3:17:75:7f:
d2:df:de:5c:80:2a:44:3a:df:3b:64:e0:9c:37:d5:d9:e4:ab:
11:e0:a3:fc:c8:f3:34:f9:f9:78:eb:a1:47:93:27:f3:88:fd:
cd:7a:3c:ba:7f:ba:52:0f:07:08:77:12:48:60:4b:ed:22:3e:
c9:5c:cd:94:86:cc:51:84:bb:58:aa:63:3b:35:9e:a4:79:8b:
ab:62:d8:69:66:ab:b3:09:ff:c5:5d:3e:d6:af:60:b2:d4:a0:
cb:b9:cc:9b:7d:fb:7b:d9:2e:5e:68:f0:42:52:4d:78:c4:ee:
bd:84:2f:fa
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZBOQrrVPqvpWGO+jek6pN91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NTNkYmM1ODI5ZWM1MDBiMzM0MjZhMTg4ZDAzOTkzOTVi
ODA2YWEwHhcNMjQwNjI1MDcxODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDY1ZmZhZjUzM2M2MjBkMzA0YjhlMTM2NzlhMDE2NTY1Njk1YThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlttzoIPFi57+NeHI3W5L+rPTqxbK
AVDIuPwvtrmCiHZUboQf71dnSs3uQjv36PmY+XIkzPukgCXFZeAKEtmi8vSql7xh
NYROitD2PvlVmCj5g33a+6eydQsUsegZhcTRuDFUd4CKx95BXXkhqItdRAYanmt5
GZ9PvWJYqSdHH+WkQTfFWk876e04d2xQXb3BDaxRL89FUf3NDJy0NMRep8Rh4pEH
uNYvAQ0oTBwMxTJtTBTa1xq4yD6IxPI5WTWLwHTVhwh1Hu8JTtq62fo5JDr+tKkm
jCjPV7I/HYF2udqIvc2/WUajXocPNOfQK4skWVaJ0sUZASgZxHr59Q7KGwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFCBl/69TPGINMEuOE2eaAWVlaVqOMB8GA1UdIwQY
MBaAFDdT28WCnsUAszQmoYjQOZOVuAaqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjFQYnhZS2V4UUN6TkNhaGlOQTVrNVc0QnFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8zNDE1MDgtYTBhYS00MGM5LWFlMGMt
MDM3OTkzMGY4Mjg2LzEvSUdYX3IxTThZZzB3UzQ0VFo1b0JaV1ZwV280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8zNDE1MDgtYTBhYS00MGM5LWFlMGMtMDM3OTkzMGY4Mjg2
LzEvTjFQYnhZS2V4UUN6TkNhaGlOQTVrNVc0QnFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgNHwDAN
BgkqhkiG9w0BAQsFAAOCAQEALqb2+18mR2raZtIufAP5xVDo+Aq4rAgXj0rqjCn1
Urnxf428OOBV/2olEGZn0n2hd7MFeHXu4ooM7Ii7dYQMD88dQeQLarf8scHkWG+j
wfqtW86fNXzlH2QqGHT41ER/WmDdqdtlT3lAli5VOTAgDZFRscf6xMdkqMzjDsNh
Oy/QIVxlnSZ9DT8HWKvzF3V/0t/eXIAqRDrfO2TgnDfV2eSrEeCj/MjzNPn5eOuh
R5Mn84j9zXo8un+6Ug8HCHcSSGBL7SI+yVzNlIbMUYS7WKpjOzWepHmLq2LYaWar
swn/xV0+1q9gstSgy7nMm337e9kuXmjwQlJNeMTuvYQv+g==
-----END CERTIFICATE-----
Generated at Tue Jun 25 10:59:55 2024 by rpki-client on console.sobornost.net