Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/o8RPxWux3cpipeQdFwLl2yNZX_k.roa
File: o8RPxWux3cpipeQdFwLl2yNZX_k.roa (raw, json)
Hash identifier: clnQqQdgxVcQ///RYqkW7wQaNCxrG1ozEoY2cexakoc=
Subject key identifier: A3:C4:4F:C5:6B:B1:DD:CA:62:A5:E4:1D:17:02:E5:DB:23:59:5F:F9
Certificate issuer: /CN=76f311ef1581a00e437cd704b6281ac8621afc56
Certificate serial: 018CC4931D82859587AE801FCF04E64FC01C
Authority key identifier: 76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/o8RPxWux3cpipeQdFwLl2yNZX_k.roa
Signing time: Mon 01 Jan 2024 10:30:24 +0000
ROA not before: Mon 01 Jan 2024 10:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22634
IP address blocks: 2a04:7141::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/dvMR7xWBoA5DfNcEtigayGIa_FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/dvMR7xWBoA5DfNcEtigayGIa_FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:1d:82:85:95:87:ae:80:1f:cf:04:e6:4f:c0:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76f311ef1581a00e437cd704b6281ac8621afc56
Validity
Not Before: Jan 1 10:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3c44fc56bb1ddca62a5e41d1702e5db23595ff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:bf:aa:70:4d:34:1b:b1:59:7f:fb:9d:8b:05:
31:36:22:93:80:40:f8:d9:09:6a:19:c3:4f:46:5b:
45:62:da:c8:da:6f:39:d1:6e:4e:26:69:c7:ae:7c:
12:6e:25:35:aa:6e:e5:83:46:bc:e6:26:8e:d6:a8:
b2:84:e2:93:1f:f4:ac:26:03:53:83:a8:72:ef:a4:
b7:9a:0b:e4:eb:5b:f2:54:17:0f:b3:b7:1d:2d:71:
60:2d:7f:68:40:12:0a:e6:cf:35:1d:d2:db:3b:64:
2a:bb:ca:4d:bd:d4:1b:d8:0b:d3:de:29:d3:d5:ce:
18:93:6f:a0:e4:fb:90:a0:ce:4d:3f:55:81:64:68:
a7:93:25:03:fa:c1:3b:57:84:b2:1d:97:8b:14:45:
c9:7d:76:45:54:84:07:f7:a3:17:e2:bd:b3:03:ab:
03:41:fb:1f:8f:25:dd:98:24:97:4c:31:ce:04:ec:
db:d0:9e:33:fe:28:bb:80:05:b0:01:63:31:5f:4a:
fa:70:49:89:21:09:80:96:8f:5f:e0:e7:2f:58:19:
6c:72:4a:ac:51:9b:74:76:55:0e:91:f2:0e:57:d6:
1a:3d:b5:36:a8:a2:f6:57:5b:c1:35:a5:cf:e3:bf:
4e:65:13:ff:40:ab:d6:87:25:91:80:12:94:2f:0d:
3b:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:C4:4F:C5:6B:B1:DD:CA:62:A5:E4:1D:17:02:E5:DB:23:59:5F:F9
X509v3 Authority Key Identifier:
keyid:76:F3:11:EF:15:81:A0:0E:43:7C:D7:04:B6:28:1A:C8:62:1A:FC:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dvMR7xWBoA5DfNcEtigayGIa_FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/o8RPxWux3cpipeQdFwLl2yNZX_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/525224-78ea-49e4-9749-169431296c59/1/dvMR7xWBoA5DfNcEtigayGIa_FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:7141::/36
Signature Algorithm: sha256WithRSAEncryption
8c:bd:e3:81:f5:4f:fa:9a:81:24:ca:c7:f5:57:4f:09:ba:45:
a0:4c:7a:73:2b:36:80:7b:82:19:10:16:eb:40:4f:2a:c4:f4:
3e:b3:5f:2c:cd:08:94:af:10:85:59:05:df:7b:72:2a:a7:5a:
6a:67:ae:52:d4:21:55:52:88:02:f7:6b:b5:88:03:58:96:57:
6d:4a:89:5b:47:3e:b4:5c:dc:2c:57:82:6a:cd:ff:0e:24:4c:
70:ee:46:41:95:2f:89:3d:d3:6a:e5:db:cc:6f:9f:59:25:66:
e3:54:36:13:61:61:da:6e:db:18:93:43:af:4d:e8:5c:a3:de:
ab:cc:93:57:89:c7:e8:e6:07:de:77:1f:83:11:c8:a2:24:2a:
de:9f:bb:fe:89:e8:d3:84:b9:11:f6:f7:24:5e:88:a0:65:cd:
44:8c:2f:58:19:18:d2:e4:43:8b:3c:84:4b:c5:28:d7:7f:ee:
1f:4d:43:7b:3d:76:a1:c3:eb:97:c1:ec:63:92:f2:94:8a:94:
30:87:a7:bc:66:e9:89:43:57:d2:67:06:89:df:18:31:c8:26:
11:10:ac:46:d6:22:a2:38:8d:c3:81:ba:fa:29:26:36:5d:3b:
fe:d7:a6:08:c7:6f:c6:59:a1:d1:e3:91:bf:60:47:ad:d2:ce:
5c:f4:c4:86
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzEkx2ChZWHroAfzwTmT8AcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZjMxMWVmMTU4MWEwMGU0MzdjZDcwNGI2MjgxYWM4NjIx
YWZjNTYwHhcNMjQwMTAxMTAzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2M0NGZjNTZiYjFkZGNhNjJhNWU0MWQxNzAyZTVkYjIzNTk1ZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlr+qcE00G7FZf/udiwUxNiKTgED4
2QlqGcNPRltFYtrI2m850W5OJmnHrnwSbiU1qm7lg0a85iaO1qiyhOKTH/SsJgNT
g6hy76S3mgvk61vyVBcPs7cdLXFgLX9oQBIK5s81HdLbO2Qqu8pNvdQb2AvT3inT
1c4Yk2+g5PuQoM5NP1WBZGinkyUD+sE7V4SyHZeLFEXJfXZFVIQH96MX4r2zA6sD
QfsfjyXdmCSXTDHOBOzb0J4z/ii7gAWwAWMxX0r6cEmJIQmAlo9f4OcvWBlsckqs
UZt0dlUOkfIOV9YaPbU2qKL2V1vBNaXP479OZRP/QKvWhyWRgBKULw07dQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFKPET8Vrsd3KYqXkHRcC5dsjWV/5MB8GA1UdIwQY
MBaAFHbzEe8VgaAOQ3zXBLYoGshiGvxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDkt
MTY5NDMxMjk2YzU5LzEvbzhSUHhXdXgzY3BpcGVRZEZ3TGwyeU5aWF9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS81MjUyMjQtNzhlYS00OWU0LTk3NDktMTY5NDMxMjk2YzU5
LzEvZHZNUjd4V0JvQTVEZk5jRXRpZ2F5R0lhX0ZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgRxQQAw
DQYJKoZIhvcNAQELBQADggEBAIy944H1T/qagSTKx/VXTwm6RaBMenMrNoB7ghkQ
FutATyrE9D6zXyzNCJSvEIVZBd97ciqnWmpnrlLUIVVSiAL3a7WIA1iWV21KiVtH
PrRc3CxXgmrN/w4kTHDuRkGVL4k902rl28xvn1klZuNUNhNhYdpu2xiTQ69N6Fyj
3qvMk1eJx+jmB953H4MRyKIkKt6fu/6J6NOEuRH29yReiKBlzUSML1gZGNLkQ4s8
hEvFKNd/7h9NQ3s9dqHD65fB7GOS8pSKlDCHp7xm6YlDV9JnBonfGDHIJhEQrEbW
IqI4jcOBuvopJjZdO/7XpgjHb8ZZodHjkb9gR63Szlz0xIY=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:23:02 2024 by rpki-client on console-ams.rpki-client.org