Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/0f2da9-f3d5-4ab4-babe-79d91ef827ce/1/H8Hgbzgx0A7FcofaefkTfVc8Xz0.roa
File: H8Hgbzgx0A7FcofaefkTfVc8Xz0.roa (raw, json)
Hash identifier: 1i3t+G4LlCk005AGKE/RTc337vB1zniPnJjKB0owze0=
Subject key identifier: 1F:C1:E0:6F:38:31:D0:0E:C5:72:87:DA:79:F9:13:7D:57:3C:5F:3D
Certificate issuer: /CN=0a35575b9947ace25ce87774c82775f18977fd19
Certificate serial: 01941FFA37A1BBEBBA24A957A35DBBAAB223
Authority key identifier: 0A:35:57:5B:99:47:AC:E2:5C:E8:77:74:C8:27:75:F1:89:77:FD:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjVXW5lHrOJc6Hd0yCd18Yl3_Rk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/0f2da9-f3d5-4ab4-babe-79d91ef827ce/1/H8Hgbzgx0A7FcofaefkTfVc8Xz0.roa
Signing time: Wed 01 Jan 2025 03:47:59 +0000
ROA not before: Wed 01 Jan 2025 03:47:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 766
IP address blocks: 2001:678:508::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/0f2da9-f3d5-4ab4-babe-79d91ef827ce/1/CjVXW5lHrOJc6Hd0yCd18Yl3_Rk.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/0f2da9-f3d5-4ab4-babe-79d91ef827ce/1/CjVXW5lHrOJc6Hd0yCd18Yl3_Rk.mft
rsync://rpki.ripe.net/repository/DEFAULT/CjVXW5lHrOJc6Hd0yCd18Yl3_Rk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:37:a1:bb:eb:ba:24:a9:57:a3:5d:bb:aa:b2:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a35575b9947ace25ce87774c82775f18977fd19
Validity
Not Before: Jan 1 03:47:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fc1e06f3831d00ec57287da79f9137d573c5f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:95:b8:f5:2a:03:50:82:46:77:b9:77:3a:85:
57:63:e6:f9:3b:82:b8:66:67:25:27:b4:c0:8e:b1:
54:23:d5:92:80:20:eb:b2:43:92:38:da:81:15:55:
1b:ea:2d:82:fb:ee:26:7a:7d:a4:39:3f:35:87:e1:
e5:33:12:ed:ec:09:d6:5c:75:d6:c6:3a:e9:b6:aa:
e4:5c:ee:30:ff:6c:1d:d0:4b:6a:3e:05:8b:74:fc:
2d:df:05:dd:a4:0b:c3:40:7f:57:05:6c:61:c6:29:
ea:e4:c4:e1:78:a9:0d:c6:1f:7d:da:14:32:76:fb:
ee:cd:bd:80:c7:e9:87:0e:7c:7f:25:16:6c:2b:ef:
0a:e5:73:9b:7a:97:38:07:24:d4:15:2d:ea:99:71:
88:40:25:e4:b0:d2:2a:8f:8a:35:c4:29:40:84:87:
9b:51:92:be:d4:37:16:a3:b6:91:04:ce:08:52:b8:
bb:bf:c5:ee:36:2b:ed:e6:03:78:e8:8c:67:1b:1c:
2e:e3:1c:be:d5:a5:6c:3a:ec:da:c6:9f:a0:58:86:
6d:c9:46:47:1f:8f:37:1b:f6:96:f0:31:70:6b:a8:
0e:a3:ff:b4:08:9b:57:7e:33:48:ed:da:ec:e8:08:
d6:d0:3f:15:bd:1a:3b:49:16:89:d4:00:d4:db:71:
52:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C1:E0:6F:38:31:D0:0E:C5:72:87:DA:79:F9:13:7D:57:3C:5F:3D
X509v3 Authority Key Identifier:
keyid:0A:35:57:5B:99:47:AC:E2:5C:E8:77:74:C8:27:75:F1:89:77:FD:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjVXW5lHrOJc6Hd0yCd18Yl3_Rk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0f2da9-f3d5-4ab4-babe-79d91ef827ce/1/H8Hgbzgx0A7FcofaefkTfVc8Xz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/0f2da9-f3d5-4ab4-babe-79d91ef827ce/1/CjVXW5lHrOJc6Hd0yCd18Yl3_Rk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:508::/48
Signature Algorithm: sha256WithRSAEncryption
a6:49:84:99:98:16:23:a6:75:9e:49:5d:84:ce:6e:ba:0c:09:
2b:db:a0:c9:c4:d8:1e:a5:08:ea:3c:bf:34:8f:08:f7:f8:e8:
5a:a7:9a:9b:e4:53:53:46:7c:39:47:a8:47:2f:4e:82:a0:64:
1b:2c:a2:bd:8e:0e:a2:24:19:d7:df:b4:73:c8:a1:d4:04:7f:
3f:9c:c6:c9:6c:fb:d0:d5:3c:1c:d1:85:e0:a2:8b:6f:1e:fe:
31:72:53:f8:76:ac:9e:f5:94:38:12:ee:93:08:d1:20:7c:a4:
f6:93:63:0a:64:a5:b6:26:10:5f:6c:6b:f5:aa:14:0a:cb:94:
2f:cc:0d:18:21:8a:7c:77:e8:a3:c2:68:d4:07:8d:0a:79:3b:
24:32:e8:d0:b2:f8:5b:00:5e:8c:a6:91:4b:7e:fc:ea:a2:38:
25:3d:3e:3e:8f:ff:c4:56:83:ac:62:d5:3e:86:17:e3:a5:8e:
2b:4d:f2:48:83:85:9e:4d:08:87:05:94:5f:a9:e2:9d:b3:ec:
77:c8:94:76:17:eb:ef:0d:c4:f5:05:c1:cb:5b:3b:c6:c9:dd:
7e:22:26:09:38:7e:2c:96:6d:85:be:67:a1:cb:43:d0:80:05:
17:ea:c6:5e:e6:2f:87:67:65:b4:70:48:82:45:bb:b6:1b:c0:
14:cd:d0:7d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQf+jehu+u6JKlXo127qrIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhMzU1NzViOTk0N2FjZTI1Y2U4Nzc3NGM4Mjc3NWYxODk3
N2ZkMTkwHhcNMjUwMTAxMDM0NzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmMxZTA2ZjM4MzFkMDBlYzU3Mjg3ZGE3OWY5MTM3ZDU3M2M1ZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8JW49SoDUIJGd7l3OoVXY+b5O4K4
ZmclJ7TAjrFUI9WSgCDrskOSONqBFVUb6i2C++4men2kOT81h+HlMxLt7AnWXHXW
xjrptqrkXO4w/2wd0EtqPgWLdPwt3wXdpAvDQH9XBWxhxinq5MTheKkNxh992hQy
dvvuzb2Ax+mHDnx/JRZsK+8K5XObepc4ByTUFS3qmXGIQCXksNIqj4o1xClAhIeb
UZK+1DcWo7aRBM4IUri7v8XuNivt5gN46IxnGxwu4xy+1aVsOuzaxp+gWIZtyUZH
H483G/aW8DFwa6gOo/+0CJtXfjNI7drs6AjW0D8VvRo7SRaJ1ADU23FSzQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFB/B4G84MdAOxXKH2nn5E31XPF89MB8GA1UdIwQY
MBaAFAo1V1uZR6ziXOh3dMgndfGJd/0ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2pWWFc1bEhyT0pjNkhkMHlDZDE4WWwzX1JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8wZjJkYTktZjNkNS00YWI0LWJhYmUt
NzlkOTFlZjgyN2NlLzEvSDhIZ2J6Z3gwQTdGY29mYWVma1RmVmM4WHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8wZjJkYTktZjNkNS00YWI0LWJhYmUtNzlkOTFlZjgyN2Nl
LzEvQ2pWWFc1bEhyT0pjNkhkMHlDZDE4WWwzX1JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAUI
MA0GCSqGSIb3DQEBCwUAA4IBAQCmSYSZmBYjpnWeSV2Ezm66DAkr26DJxNgepQjq
PL80jwj3+Ohap5qb5FNTRnw5R6hHL06CoGQbLKK9jg6iJBnX37RzyKHUBH8/nMbJ
bPvQ1Twc0YXgootvHv4xclP4dqye9ZQ4Eu6TCNEgfKT2k2MKZKW2JhBfbGv1qhQK
y5QvzA0YIYp8d+ijwmjUB40KeTskMujQsvhbAF6MppFLfvzqojglPT4+j//EVoOs
YtU+hhfjpY4rTfJIg4WeTQiHBZRfqeKds+x3yJR2F+vvDcT1BcHLWzvGyd1+IiYJ
OH4slm2Fvmehy0PQgAUX6sZe5i+HZ2W0cEiCRbu2G8AUzdB9
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:52 2025 by rpki-client