Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/8KNcQqeSpz31Saljo2AW6T_RDf0.roa
File: 8KNcQqeSpz31Saljo2AW6T_RDf0.roa (raw, json)
Hash identifier: 3qKmT0W1wOO9A7DwsHV3CDLH54RwK2tCFoR9dROxRqs=
Subject key identifier: F0:A3:5C:42:A7:92:A7:3D:F5:49:A9:63:A3:60:16:E9:3F:D1:0D:FD
Certificate issuer: /CN=d09da99a73ba7202418f73718932dc8d7c153e32
Certificate serial: 018CC4245A6F2968342615052742A3C5AF72
Authority key identifier: D0:9D:A9:9A:73:BA:72:02:41:8F:73:71:89:32:DC:8D:7C:15:3E:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0J2pmnO6cgJBj3NxiTLcjXwVPjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/8KNcQqeSpz31Saljo2AW6T_RDf0.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198185
IP address blocks: 130.255.8.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/0J2pmnO6cgJBj3NxiTLcjXwVPjI.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/0J2pmnO6cgJBj3NxiTLcjXwVPjI.mft
rsync://rpki.ripe.net/repository/DEFAULT/0J2pmnO6cgJBj3NxiTLcjXwVPjI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:5a:6f:29:68:34:26:15:05:27:42:a3:c5:af:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d09da99a73ba7202418f73718932dc8d7c153e32
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f0a35c42a792a73df549a963a36016e93fd10dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d7:94:46:4c:f2:eb:15:9b:85:32:a9:7c:e0:
18:5a:59:70:2c:cf:1d:33:81:ee:14:6f:29:fc:37:
59:e2:a8:b7:a2:7c:ca:c0:16:f6:89:17:ff:ec:b0:
5e:5c:7d:24:86:70:5b:80:61:42:39:fb:45:9b:68:
a4:87:8d:d0:8c:66:d8:72:b7:0c:f7:11:c4:ed:c0:
7e:18:24:46:6b:31:20:42:af:1b:4c:f7:7c:83:f5:
59:c8:3e:b5:57:af:e3:50:61:d4:83:81:f1:95:ab:
4f:22:57:ee:31:39:df:54:31:21:f7:67:af:e8:35:
58:37:50:35:db:2d:33:cb:d0:b4:f5:d4:61:3e:9a:
4a:21:ca:e6:1a:ca:f5:eb:5e:ed:a1:61:c2:48:cb:
a8:6e:51:4e:e0:2a:40:63:25:cd:ac:5a:c6:0e:cd:
d7:29:56:e4:13:c6:61:9f:30:a2:c4:42:a9:e5:03:
ad:95:ee:b7:43:04:6a:62:ba:71:f6:7c:42:6c:f5:
cb:c2:48:a0:f8:81:fc:ab:11:4a:d7:e6:a5:99:9a:
8a:5e:cb:e0:85:91:b3:35:cd:a0:6f:fd:db:4e:77:
eb:7b:9d:82:1b:1e:b9:37:43:9d:54:b1:89:3e:51:
e0:b8:fa:96:e3:67:30:1b:7f:ae:13:68:41:7a:a2:
1a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:A3:5C:42:A7:92:A7:3D:F5:49:A9:63:A3:60:16:E9:3F:D1:0D:FD
X509v3 Authority Key Identifier:
keyid:D0:9D:A9:9A:73:BA:72:02:41:8F:73:71:89:32:DC:8D:7C:15:3E:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0J2pmnO6cgJBj3NxiTLcjXwVPjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/8KNcQqeSpz31Saljo2AW6T_RDf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/8a2ced-87ae-41ea-b3b0-dcebf6197e0e/1/0J2pmnO6cgJBj3NxiTLcjXwVPjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.8.0/21
Signature Algorithm: sha256WithRSAEncryption
cc:5c:ec:41:50:0d:65:79:43:db:d7:2e:72:b9:02:97:85:ed:
7a:18:ce:d7:4c:eb:8f:b9:a3:08:e3:21:ad:a2:64:45:b2:68:
ad:2f:dd:8d:76:5e:d0:b7:5a:38:31:d0:39:68:ef:c5:eb:7d:
87:6f:48:58:b1:d5:dc:7c:6a:4a:ca:30:14:2c:cd:9b:fb:ae:
f6:a8:aa:7c:86:5b:5c:98:25:69:9d:58:ca:ee:1c:34:73:12:
23:4f:46:f8:ef:4c:02:96:14:5c:10:56:8b:b4:dc:11:2e:71:
85:bd:fa:2b:b8:44:74:0d:17:cc:fc:03:32:b9:95:a2:1c:94:
6e:0e:da:30:ab:6f:a3:30:37:28:7a:a1:2d:e8:bf:3c:bb:ba:
eb:71:6f:29:99:e9:17:08:df:20:94:02:5e:12:f2:57:a1:11:
dd:2f:e5:8f:73:0a:bb:7c:1e:18:02:68:63:2a:4d:3f:f7:fe:
a2:07:94:a5:3e:39:5b:03:69:07:93:dc:94:f2:7b:0b:9a:dc:
61:b2:ce:67:ad:15:58:8c:c4:9e:93:3c:a5:0c:a6:fb:d5:6a:
31:a3:05:9b:5e:75:a5:4f:57:e7:2c:d6:35:9f:e5:54:3d:aa:
4e:64:54:99:39:75:9e:f3:88:75:98:31:47:22:45:6d:2e:8a:
71:bf:eb:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJFpvKWg0JhUFJ0Kjxa9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOWRhOTlhNzNiYTcyMDI0MThmNzM3MTg5MzJkYzhkN2Mx
NTNlMzIwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGEzNWM0MmE3OTJhNzNkZjU0OWE5NjNhMzYwMTZlOTNmZDEwZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNeURkzy6xWbhTKpfOAYWllwLM8d
M4HuFG8p/DdZ4qi3onzKwBb2iRf/7LBeXH0khnBbgGFCOftFm2ikh43QjGbYcrcM
9xHE7cB+GCRGazEgQq8bTPd8g/VZyD61V6/jUGHUg4HxlatPIlfuMTnfVDEh92ev
6DVYN1A12y0zy9C09dRhPppKIcrmGsr1617toWHCSMuoblFO4CpAYyXNrFrGDs3X
KVbkE8ZhnzCixEKp5QOtle63QwRqYrpx9nxCbPXLwkig+IH8qxFK1+almZqKXsvg
hZGzNc2gb/3bTnfre52CGx65N0OdVLGJPlHguPqW42cwG3+uE2hBeqIa+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPCjXEKnkqc99UmpY6NgFuk/0Q39MB8GA1UdIwQY
MBaAFNCdqZpzunICQY9zcYky3I18FT4yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEoycG1uTzZjZ0pCajNOeGlUTGNqWHdWUGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC84YTJjZWQtODdhZS00MWVhLWIzYjAt
ZGNlYmY2MTk3ZTBlLzEvOEtOY1FxZVNwejMxU2Fsam8yQVc2VF9SRGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC84YTJjZWQtODdhZS00MWVhLWIzYjAtZGNlYmY2MTk3ZTBl
LzEvMEoycG1uTzZjZ0pCajNOeGlUTGNqWHdWUGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDgv8IMA0G
CSqGSIb3DQEBCwUAA4IBAQDMXOxBUA1leUPb1y5yuQKXhe16GM7XTOuPuaMI4yGt
omRFsmitL92Ndl7Qt1o4MdA5aO/F632Hb0hYsdXcfGpKyjAULM2b+672qKp8hltc
mCVpnVjK7hw0cxIjT0b470wClhRcEFaLtNwRLnGFvforuER0DRfM/AMyuZWiHJRu
Dtowq2+jMDcoeqEt6L88u7rrcW8pmekXCN8glAJeEvJXoRHdL+WPcwq7fB4YAmhj
Kk0/9/6iB5SlPjlbA2kHk9yU8nsLmtxhss5nrRVYjMSekzylDKb71WoxowWbXnWl
T1fnLNY1n+VUPapOZFSZOXWe84h1mDFHIkVtLopxv+vU
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:54 2024 by rpki-client on console-ams.rpki-client.org