Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/O-8ti_JrAXg0yeTy70UsW1FRGEI.roa
File: O-8ti_JrAXg0yeTy70UsW1FRGEI.roa (raw, json)
Hash identifier: jJ2eiTyu2wJYyB43RXJNf6Nn43dBw08nrCHtrcct/k0=
Subject key identifier: 3B:EF:2D:8B:F2:6B:01:78:34:C9:E4:F2:EF:45:2C:5B:51:51:18:42
Certificate issuer: /CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Certificate serial: 0191C3EAAD6EF66AE2C3DB57026C6C6DF5EF
Authority key identifier: F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/O-8ti_JrAXg0yeTy70UsW1FRGEI.roa
Signing time: Thu 05 Sep 2024 20:40:22 +0000
ROA not before: Thu 05 Sep 2024 20:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210335
IP address blocks: 2a03:5840:170::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c3:ea:ad:6e:f6:6a:e2:c3:db:57:02:6c:6c:6d:f5:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f77705e89bb65b472e4e0184d6fe9bfb8c58635a
Validity
Not Before: Sep 5 20:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bef2d8bf26b017834c9e4f2ef452c5b51511842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:99:29:ab:fb:0d:f2:2f:2d:11:53:5e:81:11:
92:be:fa:a5:76:f6:89:2c:77:ea:53:f7:30:1d:ea:
84:c8:2f:a8:2c:3b:4b:de:4d:41:c1:60:6b:1c:03:
57:e6:d1:7b:a8:a7:92:62:6c:d7:d1:2c:6f:92:a4:
47:5e:66:63:fd:80:1f:a3:87:44:ef:18:45:c5:10:
68:df:18:99:32:3d:a2:73:13:e3:2f:ae:8c:14:e9:
8d:4b:93:a6:e1:ef:4f:e2:06:28:60:e5:15:5e:bd:
15:73:2d:cf:9f:9b:f0:85:d1:8c:9d:3c:dc:e0:db:
bb:85:0e:91:f3:41:14:18:3a:13:1f:64:10:34:ed:
54:58:d5:9a:a5:11:81:3c:ea:16:fb:5f:e8:07:e2:
f4:3e:a5:f4:ba:79:c8:60:56:a9:0e:46:ba:3f:fc:
f7:98:f0:c5:49:14:8b:2c:1c:e5:69:cf:9e:ac:5c:
72:11:02:09:71:07:b0:ec:bb:23:68:9c:36:d8:99:
ed:e0:5b:41:3e:86:97:7e:4f:19:fb:97:2a:d6:2d:
ca:3f:d8:de:8c:c8:60:53:7c:07:87:fd:5a:cf:a9:
62:a8:27:61:b6:ca:b2:5b:dd:48:52:ea:3b:68:18:
45:15:a3:8a:95:fd:ea:b9:2d:2c:a0:4b:69:1c:9d:
c2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EF:2D:8B:F2:6B:01:78:34:C9:E4:F2:EF:45:2C:5B:51:51:18:42
X509v3 Authority Key Identifier:
keyid:F7:77:05:E8:9B:B6:5B:47:2E:4E:01:84:D6:FE:9B:FB:8C:58:63:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/93cF6Ju2W0cuTgGE1v6b-4xYY1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/O-8ti_JrAXg0yeTy70UsW1FRGEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/022839-6984-40d4-8716-6cb89791d7fd/1/93cF6Ju2W0cuTgGE1v6b-4xYY1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5840:170::/44
Signature Algorithm: sha256WithRSAEncryption
3a:1c:93:5f:60:9a:13:56:de:45:c0:a6:a3:ec:d9:6a:e9:4a:
82:f7:30:a1:93:c1:59:27:82:ce:98:07:9d:fd:5c:61:31:40:
14:49:00:c8:43:7e:e5:88:df:11:51:ae:58:4e:d6:87:49:23:
35:ff:f5:82:7e:86:4e:12:45:34:70:02:6f:df:66:0a:dc:ec:
f1:88:7e:91:16:52:0b:5b:ac:a0:22:6a:5d:d5:31:ab:4f:23:
20:07:e1:61:89:ef:b5:91:41:f1:fa:e9:fa:17:92:b1:dc:d2:
36:82:ad:cb:11:41:1f:d9:2c:94:4c:0c:7b:97:52:b6:3b:9f:
49:33:53:e6:68:42:3f:48:d4:42:19:72:1f:32:a0:dd:c5:56:
e0:70:1b:de:2b:41:50:b8:c6:8a:08:dd:06:7e:74:60:b8:c5:
aa:f4:87:18:40:4c:e2:81:22:7d:e0:ed:c0:64:60:7e:86:0d:
e2:1d:cc:28:2d:fa:49:77:24:d0:ec:f3:e3:ee:2d:ad:8c:95:
70:13:9b:34:ca:78:4c:3d:f7:20:85:6b:f7:93:71:0d:c6:30:
65:c4:8a:46:e8:8d:ea:8f:20:33:97:cd:9a:f0:48:bd:e1:a4:
0d:1c:2e:ba:69:ab:dd:cc:18:7e:59:9c:96:3f:0b:db:1a:4e:
52:24:f9:63
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZHD6q1u9mriw9tXAmxsbfXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NzcwNWU4OWJiNjViNDcyZTRlMDE4NGQ2ZmU5YmZiOGM1
ODYzNWEwHhcNMjQwOTA1MjA0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmVmMmQ4YmYyNmIwMTc4MzRjOWU0ZjJlZjQ1MmM1YjUxNTExODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Jkpq/sN8i8tEVNegRGSvvqldvaJ
LHfqU/cwHeqEyC+oLDtL3k1BwWBrHANX5tF7qKeSYmzX0SxvkqRHXmZj/YAfo4dE
7xhFxRBo3xiZMj2icxPjL66MFOmNS5Om4e9P4gYoYOUVXr0Vcy3Pn5vwhdGMnTzc
4Nu7hQ6R80EUGDoTH2QQNO1UWNWapRGBPOoW+1/oB+L0PqX0unnIYFapDka6P/z3
mPDFSRSLLBzlac+erFxyEQIJcQew7LsjaJw22Jnt4FtBPoaXfk8Z+5cq1i3KP9je
jMhgU3wHh/1az6liqCdhtsqyW91IUuo7aBhFFaOKlf3quS0soEtpHJ3CJQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDvvLYvyawF4NMnk8u9FLFtRURhCMB8GA1UdIwQY
MBaAFPd3BeibtltHLk4BhNb+m/uMWGNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYt
NmNiODk3OTFkN2ZkLzEvTy04dGlfSnJBWGcweWVUeTcwVXNXMUZSR0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy8wMjI4MzktNjk4NC00MGQ0LTg3MTYtNmNiODk3OTFkN2Zk
LzEvOTNjRjZKdTJXMGN1VGdHRTF2NmItNHhZWTFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgNYQAFw
MA0GCSqGSIb3DQEBCwUAA4IBAQA6HJNfYJoTVt5FwKaj7Nlq6UqC9zChk8FZJ4LO
mAed/VxhMUAUSQDIQ37liN8RUa5YTtaHSSM1//WCfoZOEkU0cAJv32YK3OzxiH6R
FlILW6ygImpd1TGrTyMgB+Fhie+1kUHx+un6F5Kx3NI2gq3LEUEf2SyUTAx7l1K2
O59JM1PmaEI/SNRCGXIfMqDdxVbgcBveK0FQuMaKCN0GfnRguMWq9IcYQEzigSJ9
4O3AZGB+hg3iHcwoLfpJdyTQ7PPj7i2tjJVwE5s0ynhMPfcghWv3k3ENxjBlxIpG
6I3qjyAzl82a8Ei94aQNHC66aavdzBh+WZyWPwvbGk5SJPlj
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:11:42 2024 by rpki-client on console-ams.rpki-client.org