Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/o8dl_b0cZ8hnqam36onJaqnH89w.roa
File: o8dl_b0cZ8hnqam36onJaqnH89w.roa (raw, json)
Hash identifier: e8aEpVre23vAhQOJaP8wysq/oOtWkVRHB1YfdSAegl4=
Subject key identifier: A3:C7:65:FD:BD:1C:67:C8:67:A9:A9:B7:EA:89:C9:6A:A9:C7:F3:DC
Certificate issuer: /CN=3cfaa40f6263e00d1291698576a617a5b5d68a9c
Certificate serial: 018CC72653AC994BA69AFF4879AF2B873AFE
Authority key identifier: 3C:FA:A4:0F:62:63:E0:0D:12:91:69:85:76:A6:17:A5:B5:D6:8A:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PPqkD2Jj4A0SkWmFdqYXpbXWipw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/o8dl_b0cZ8hnqam36onJaqnH89w.roa
Signing time: Mon 01 Jan 2024 22:30:26 +0000
ROA not before: Mon 01 Jan 2024 22:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212377
IP address blocks: 2001:67c:98c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/PPqkD2Jj4A0SkWmFdqYXpbXWipw.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/PPqkD2Jj4A0SkWmFdqYXpbXWipw.mft
rsync://rpki.ripe.net/repository/DEFAULT/PPqkD2Jj4A0SkWmFdqYXpbXWipw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:53:ac:99:4b:a6:9a:ff:48:79:af:2b:87:3a:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3cfaa40f6263e00d1291698576a617a5b5d68a9c
Validity
Not Before: Jan 1 22:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3c765fdbd1c67c867a9a9b7ea89c96aa9c7f3dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:0a:90:fd:4f:ce:70:8e:bd:ee:05:db:9f:00:
d8:aa:fe:21:47:d6:e5:da:b3:8a:65:e1:03:3e:a5:
04:b9:b0:50:c1:2a:c3:cc:89:80:c9:f3:81:87:10:
2b:4d:58:3b:b6:96:22:62:44:86:2a:17:a7:ca:f3:
74:1e:e1:3f:16:39:fa:dc:83:f4:b5:8a:42:4e:96:
fd:16:6e:d4:f8:5f:18:0d:fc:f9:ab:f1:64:0d:73:
51:44:89:21:88:0e:b5:b4:45:73:14:3c:c5:cb:40:
60:fd:a8:c7:2f:a9:dc:e1:a1:64:84:04:fe:a8:ce:
0b:13:a3:4c:b7:9a:df:26:96:97:2a:36:cb:44:f9:
0e:9f:fd:ea:2c:22:6c:d2:6a:4d:e5:18:6d:ac:ad:
03:f4:38:a9:9d:6d:3f:cc:f1:7c:06:cb:6c:1e:e7:
16:b1:bf:4b:bc:f6:82:4b:dc:9d:7a:27:bd:43:56:
e4:b1:c9:c6:bd:05:23:51:fb:a9:09:5c:8e:20:44:
d2:03:87:69:26:7e:af:ff:d1:f8:b0:98:ef:f5:a6:
7e:bf:81:62:e9:30:34:17:fb:d3:bb:58:64:2a:a7:
cf:f2:be:ac:a0:f8:99:70:3e:1c:86:8b:3b:c1:a2:
8e:a7:df:d1:16:2f:0a:50:4b:52:ea:f4:94:25:82:
4f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C7:65:FD:BD:1C:67:C8:67:A9:A9:B7:EA:89:C9:6A:A9:C7:F3:DC
X509v3 Authority Key Identifier:
keyid:3C:FA:A4:0F:62:63:E0:0D:12:91:69:85:76:A6:17:A5:B5:D6:8A:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PPqkD2Jj4A0SkWmFdqYXpbXWipw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/o8dl_b0cZ8hnqam36onJaqnH89w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/845aee-daac-4641-9f31-9e7f0f941049/1/PPqkD2Jj4A0SkWmFdqYXpbXWipw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:98c::/48
Signature Algorithm: sha256WithRSAEncryption
35:ed:9c:15:36:e9:03:43:41:83:ce:ca:91:2e:5a:2b:5a:2c:
9a:b6:b1:a0:93:35:37:dd:cf:0d:02:a3:e1:63:9a:91:82:93:
bd:a4:e3:84:e9:63:03:17:70:06:cf:53:d7:bf:bb:f4:55:44:
ed:32:f2:b0:fa:0a:0a:6b:14:8f:0f:0f:bf:71:f4:d4:c9:13:
19:08:e5:a5:4b:97:77:71:41:8c:75:d9:55:3d:a8:a5:f4:87:
a0:c2:03:1b:38:36:11:08:97:a6:74:39:30:2e:9b:16:d5:a1:
37:91:83:16:77:14:28:33:f2:9c:f4:39:4c:7d:9c:1c:ea:48:
fd:80:f4:f2:e1:3c:ef:07:5e:cc:4d:bb:fd:32:e4:ec:89:92:
73:62:b2:0b:97:3f:a2:25:25:6c:43:f8:6f:85:7f:d6:85:c2:
6e:77:c4:e4:b5:3a:4f:94:7a:f8:3f:4c:63:c4:77:68:5a:73:
f4:4b:a9:61:92:ec:d2:17:d4:1c:0a:31:56:6d:ba:92:3b:46:
55:e6:a8:92:c1:46:44:f9:1e:01:31:24:0f:60:36:74:90:43:
3f:55:36:35:f9:8e:12:9e:fe:8f:95:ef:ee:6d:42:b5:c3:95:
35:81:fb:26:f5:06:80:78:0e:e3:50:eb:94:d5:49:38:60:53:
56:0a:d0:33
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzHJlOsmUummv9Iea8rhzr+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZmFhNDBmNjI2M2UwMGQxMjkxNjk4NTc2YTYxN2E1YjVk
NjhhOWMwHhcNMjQwMTAxMjIzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2M3NjVmZGJkMWM2N2M4NjdhOWE5YjdlYTg5Yzk2YWE5YzdmM2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2AqQ/U/OcI697gXbnwDYqv4hR9bl
2rOKZeEDPqUEubBQwSrDzImAyfOBhxArTVg7tpYiYkSGKhenyvN0HuE/Fjn63IP0
tYpCTpb9Fm7U+F8YDfz5q/FkDXNRRIkhiA61tEVzFDzFy0Bg/ajHL6nc4aFkhAT+
qM4LE6NMt5rfJpaXKjbLRPkOn/3qLCJs0mpN5RhtrK0D9DipnW0/zPF8BstsHucW
sb9LvPaCS9ydeie9Q1bkscnGvQUjUfupCVyOIETSA4dpJn6v/9H4sJjv9aZ+v4Fi
6TA0F/vTu1hkKqfP8r6soPiZcD4chos7waKOp9/RFi8KUEtS6vSUJYJPuQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKPHZf29HGfIZ6mpt+qJyWqpx/PcMB8GA1UdIwQY
MBaAFDz6pA9iY+ANEpFphXamF6W11oqcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFBxa0QySmo0QTBTa1dtRmRxWVhwYlhXaXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC84NDVhZWUtZGFhYy00NjQxLTlmMzEt
OWU3ZjBmOTQxMDQ5LzEvbzhkbF9iMGNaOGhucWFtMzZvbkphcW5IODl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC84NDVhZWUtZGFhYy00NjQxLTlmMzEtOWU3ZjBmOTQxMDQ5
LzEvUFBxa0QySmo0QTBTa1dtRmRxWVhwYlhXaXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAmM
MA0GCSqGSIb3DQEBCwUAA4IBAQA17ZwVNukDQ0GDzsqRLlorWiyatrGgkzU33c8N
AqPhY5qRgpO9pOOE6WMDF3AGz1PXv7v0VUTtMvKw+goKaxSPDw+/cfTUyRMZCOWl
S5d3cUGMddlVPail9IegwgMbODYRCJemdDkwLpsW1aE3kYMWdxQoM/Kc9DlMfZwc
6kj9gPTy4TzvB17MTbv9MuTsiZJzYrILlz+iJSVsQ/hvhX/WhcJud8TktTpPlHr4
P0xjxHdoWnP0S6lhkuzSF9QcCjFWbbqSO0ZV5qiSwUZE+R4BMSQPYDZ0kEM/VTY1
+Y4Snv6Ple/ubUK1w5U1gfsm9QaAeA7jUOuU1Uk4YFNWCtAz
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:51 2024 by rpki-client on console-ams.rpki-client.org