Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/IrWkvc_9LZmRQ7ASYMX8evmbIzA.roa
File: IrWkvc_9LZmRQ7ASYMX8evmbIzA.roa (raw, json)
Hash identifier: 5FDwftDdPftyUBzii2sGIgmTwZ4cge7nIT86naMcwpM=
Subject key identifier: 22:B5:A4:BD:CF:FD:2D:99:91:43:B0:12:60:C5:FC:7A:F9:9B:23:30
Certificate issuer: /CN=3d6c2958145f45fad5daeeb38b75b52c09661046
Certificate serial: 018F30C157C73D810E6E1D4F1EA00B9E05AD
Authority key identifier: 3D:6C:29:58:14:5F:45:FA:D5:DA:EE:B3:8B:75:B5:2C:09:66:10:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/IrWkvc_9LZmRQ7ASYMX8evmbIzA.roa
Signing time: Tue 30 Apr 2024 20:45:28 +0000
ROA not before: Tue 30 Apr 2024 20:45:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199326
IP address blocks: 2a13:7700::/40 maxlen: 40
2a13:7705::/40 maxlen: 40
2a13:7705::/48 maxlen: 48
2a13:7705:a::/48 maxlen: 48
2a13:7705:10::/48 maxlen: 48
2a13:7705:80::/48 maxlen: 48
2a13:7705:90::/48 maxlen: 48
2a13:7705:ff00::/40 maxlen: 40
2a13:7705:ff00::/48 maxlen: 48
2a13:7705:ff01::/48 maxlen: 48
2a13:7705:ff04::/48 maxlen: 48
2a13:7705:ff08::/48 maxlen: 48
2a13:7705:ff10::/48 maxlen: 48
2a13:7705:ff14::/48 maxlen: 48
2a13:7705:ff18::/48 maxlen: 48
2a13:7705:ff1c::/48 maxlen: 48
2a13:7705:ff20::/48 maxlen: 48
2a13:7705:ff24::/48 maxlen: 48
2a13:7705:ff28::/48 maxlen: 48
2a13:7705:ff2c::/48 maxlen: 48
2a13:7705:ff30::/48 maxlen: 48
2a13:7705:ff34::/48 maxlen: 48
2a13:7705:ff38::/48 maxlen: 48
2a13:7705:ff3c::/48 maxlen: 48
2a13:7705:ff40::/48 maxlen: 48
2a13:7705:ff44::/48 maxlen: 48
2a13:7705:ff4c::/48 maxlen: 48
2a13:7705:ff50::/48 maxlen: 48
2a13:7705:ff54::/48 maxlen: 48
2a13:7705:ff58::/48 maxlen: 48
2a13:7705:ff5c::/48 maxlen: 48
2a13:7705:ff60::/48 maxlen: 48
2a13:7705:ff64::/48 maxlen: 48
2a13:7705:ff68::/48 maxlen: 48
2a13:7705:ff6c::/48 maxlen: 48
2a13:7705:ff70::/48 maxlen: 48
2a13:7705:ff74::/48 maxlen: 48
2a13:7705:ff78::/48 maxlen: 48
2a13:7705:ff7c::/48 maxlen: 48
2a13:7705:ff80::/48 maxlen: 48
2a13:7705:ff84::/48 maxlen: 48
2a13:7705:ff88::/48 maxlen: 48
2a13:7705:ff8c::/48 maxlen: 48
2a13:7705:ff90::/48 maxlen: 48
2a13:7705:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PWwpWBRfRfrV2u6zi3W1LAlmEEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PWwpWBRfRfrV2u6zi3W1LAlmEEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:30:c1:57:c7:3d:81:0e:6e:1d:4f:1e:a0:0b:9e:05:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d6c2958145f45fad5daeeb38b75b52c09661046
Validity
Not Before: Apr 30 20:45:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22b5a4bdcffd2d999143b01260c5fc7af99b2330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c2:b1:f5:68:d4:24:b2:a8:d5:c4:a2:4b:1e:
8b:6b:8b:a9:a4:b0:5b:64:b2:3d:78:6b:bb:c9:b0:
f3:89:07:ae:c9:7f:28:4c:ee:11:e1:f8:ab:16:b9:
1e:03:4c:83:15:1a:0c:cb:15:42:a1:44:ca:51:0b:
54:86:f9:06:d7:42:94:08:53:8f:6f:33:cb:51:dc:
75:f2:5b:5b:31:f1:c7:01:53:99:7a:3a:8e:65:6b:
f8:c4:fd:70:d0:6a:08:fe:b5:bd:80:ec:3f:ef:bf:
c7:63:2f:2d:0f:56:d8:99:60:14:f5:7a:e1:41:97:
12:4d:6d:a0:8c:9b:0d:6f:59:ba:51:3d:39:c4:f8:
63:a0:40:a0:e6:c7:da:86:f1:5e:5e:08:2a:30:1c:
43:e8:8f:9c:ed:c6:33:ec:24:47:dd:57:58:c8:2c:
ce:02:c8:b9:79:39:e8:b0:dc:dc:d0:c6:b9:88:e1:
20:2b:a7:06:fe:19:fe:7d:a4:b6:b8:6c:0e:a8:94:
c4:c4:d5:21:52:b3:1b:34:52:24:f9:b0:30:4d:a7:
c6:8b:a3:d7:5f:c8:28:34:43:07:16:bc:95:01:e5:
68:f4:7b:f3:b9:20:28:b7:4c:99:d7:5c:b0:fe:ab:
94:0b:08:2a:fc:88:e2:8d:ee:6d:e1:fc:70:32:27:
d6:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B5:A4:BD:CF:FD:2D:99:91:43:B0:12:60:C5:FC:7A:F9:9B:23:30
X509v3 Authority Key Identifier:
keyid:3D:6C:29:58:14:5F:45:FA:D5:DA:EE:B3:8B:75:B5:2C:09:66:10:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PWwpWBRfRfrV2u6zi3W1LAlmEEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/IrWkvc_9LZmRQ7ASYMX8evmbIzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/2a5574-7b12-4da2-a064-5e1b0788923b/1/PWwpWBRfRfrV2u6zi3W1LAlmEEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:7700::/40
2a13:7705::/40
2a13:7705:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
83:5b:38:d4:e9:5d:c1:95:01:3a:34:a5:9d:2e:8d:fc:9a:28:
71:36:dd:75:4d:98:6e:7b:15:c6:3b:d6:7e:7e:87:3c:65:4e:
94:fe:6b:6d:30:0d:9a:b7:75:34:7b:8d:03:ae:f1:71:68:7f:
9f:84:64:ae:2e:ce:da:11:90:62:03:ad:f8:be:a9:85:9c:63:
b8:88:26:1e:b3:9c:3c:b7:d5:4a:29:fd:7e:b5:0d:ef:a2:90:
bb:79:5f:cc:8f:83:38:e5:03:1b:4a:09:c3:35:f3:46:45:d7:
35:87:8e:0b:1f:e7:23:20:c3:04:01:91:f3:0c:cb:49:64:65:
90:e8:ab:67:f7:dd:71:54:fd:29:03:e1:ab:f4:ab:12:47:8a:
f1:aa:67:07:99:56:04:4c:d1:ba:c6:6c:7b:6a:c1:55:da:f0:
5e:d5:1b:5a:45:cd:fd:60:47:8e:51:aa:d1:27:3c:e5:6a:19:
eb:72:30:1a:46:49:92:27:1b:17:41:03:27:e9:ae:ec:fa:2d:
d4:2d:b4:43:48:6c:be:ad:91:dd:5e:73:16:01:63:10:b0:c3:
d4:85:80:49:c4:b3:6a:83:d7:43:62:ea:59:b2:4d:b5:de:b9:
82:a1:44:ed:f5:c5:70:db:c4:97:8e:74:a9:f8:75:0f:f2:7d:
ad:56:36:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8wwVfHPYEObh1PHqALngWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNmMyOTU4MTQ1ZjQ1ZmFkNWRhZWViMzhiNzViNTJjMDk2
NjEwNDYwHhcNMjQwNDMwMjA0NTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmI1YTRiZGNmZmQyZDk5OTE0M2IwMTI2MGM1ZmM3YWY5OWIyMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcKx9WjUJLKo1cSiSx6La4uppLBb
ZLI9eGu7ybDziQeuyX8oTO4R4firFrkeA0yDFRoMyxVCoUTKUQtUhvkG10KUCFOP
bzPLUdx18ltbMfHHAVOZejqOZWv4xP1w0GoI/rW9gOw/77/HYy8tD1bYmWAU9Xrh
QZcSTW2gjJsNb1m6UT05xPhjoECg5sfahvFeXggqMBxD6I+c7cYz7CRH3VdYyCzO
Asi5eTnosNzc0Ma5iOEgK6cG/hn+faS2uGwOqJTExNUhUrMbNFIk+bAwTafGi6PX
X8goNEMHFryVAeVo9HvzuSAot0yZ11yw/quUCwgq/Ijije5t4fxwMifW8QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCK1pL3P/S2ZkUOwEmDF/Hr5myMwMB8GA1UdIwQY
MBaAFD1sKVgUX0X61drus4t1tSwJZhBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFd3cFdCUmZSZnJWMnU2emkzVzFMQWxtRUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8yYTU1NzQtN2IxMi00ZGEyLWEwNjQt
NWUxYjA3ODg5MjNiLzEvSXJXa3ZjXzlMWm1SUTdBU1lNWDhldm1iSXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8yYTU1NzQtN2IxMi00ZGEyLWEwNjQtNWUxYjA3ODg5MjNi
LzEvUFd3cFdCUmZSZnJWMnU2emkzVzFMQWxtRUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAAjAYAwYAKhN3AAAD
BgAqE3cFAAMGACoTdwX/MA0GCSqGSIb3DQEBCwUAA4IBAQCDWzjU6V3BlQE6NKWd
Lo38mihxNt11TZhuexXGO9Z+foc8ZU6U/mttMA2at3U0e40DrvFxaH+fhGSuLs7a
EZBiA634vqmFnGO4iCYes5w8t9VKKf1+tQ3vopC7eV/Mj4M45QMbSgnDNfNGRdc1
h44LH+cjIMMEAZHzDMtJZGWQ6Ktn991xVP0pA+Gr9KsSR4rxqmcHmVYETNG6xmx7
asFV2vBe1RtaRc39YEeOUarRJzzlahnrcjAaRkmSJxsXQQMn6a7s+i3ULbRDSGy+
rZHdXnMWAWMQsMPUhYBJxLNqg9dDYupZsk213rmCoUTt9cVw28SXjnSp+HUP8n2t
VjZ6
-----END CERTIFICATE-----
Generated at Sun Jun 2 12:49:28 2024 by rpki-client on console-ams.rpki-client.org