Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/89b3d1-7de3-4c63-a077-82c1b65bed40/1/8dny7u5gUz1Q11qFQNW4vNRdILY.roa
File: 8dny7u5gUz1Q11qFQNW4vNRdILY.roa (raw, json)
Hash identifier: DlDoMPutjlcMxl3gPP/fwyEvZjtLqrc0ErTlaArGTKE=
Subject key identifier: F1:D9:F2:EE:EE:60:53:3D:50:D7:5A:85:40:D5:B8:BC:D4:5D:20:B6
Certificate issuer: /CN=f76e639524bda245b92db4cbbca56bd3a7a4ae0c
Certificate serial: 018CC50072C49DD3CB4BBD10FFD514249544
Authority key identifier: F7:6E:63:95:24:BD:A2:45:B9:2D:B4:CB:BC:A5:6B:D3:A7:A4:AE:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/925jlSS9okW5LbTLvKVr06ekrgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/89b3d1-7de3-4c63-a077-82c1b65bed40/1/8dny7u5gUz1Q11qFQNW4vNRdILY.roa
Signing time: Mon 01 Jan 2024 12:29:49 +0000
ROA not before: Mon 01 Jan 2024 12:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47251
IP address blocks: 2001:678:254::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/89b3d1-7de3-4c63-a077-82c1b65bed40/1/925jlSS9okW5LbTLvKVr06ekrgw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/89b3d1-7de3-4c63-a077-82c1b65bed40/1/925jlSS9okW5LbTLvKVr06ekrgw.mft
rsync://rpki.ripe.net/repository/DEFAULT/925jlSS9okW5LbTLvKVr06ekrgw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:72:c4:9d:d3:cb:4b:bd:10:ff:d5:14:24:95:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f76e639524bda245b92db4cbbca56bd3a7a4ae0c
Validity
Not Before: Jan 1 12:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1d9f2eeee60533d50d75a8540d5b8bcd45d20b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:f1:b4:34:b0:b7:d9:57:cd:d2:b2:b0:1b:07:
49:58:33:a0:43:17:04:7d:7b:f5:f2:55:84:56:41:
d6:2c:90:b3:ad:25:c5:c7:91:65:04:a2:d4:3b:79:
7f:e3:89:f5:1d:86:37:2b:22:b4:28:ff:b0:ca:72:
19:7b:36:03:c6:50:28:7b:36:96:f4:29:61:98:37:
94:7d:95:ea:0b:be:d0:94:d0:2c:87:11:ef:4b:97:
50:83:85:99:2e:dc:25:0a:9b:65:d8:e2:15:1c:4a:
2d:96:87:b3:13:ab:21:11:7e:1d:b8:60:69:3e:73:
71:65:00:be:df:34:db:16:f8:15:7a:00:28:81:8b:
ff:e4:a4:b8:3c:76:f1:4c:32:40:c9:fe:7a:42:08:
ee:60:d7:53:4a:b9:e8:d2:bd:53:5b:1b:e4:92:e9:
85:42:80:d5:62:81:41:8d:f7:44:74:5a:22:cb:a1:
45:6c:04:90:e2:d9:a0:e9:de:dd:27:d1:f3:4c:0c:
aa:d0:ed:0b:f0:ef:ec:99:88:9c:41:20:06:1a:44:
fd:08:6b:94:b4:5e:ae:80:8b:90:14:9a:94:30:c7:
5b:1c:52:e0:69:45:88:7e:45:de:f2:91:a9:91:4c:
92:41:7d:cc:c3:32:d6:3e:9f:68:f6:a8:b1:aa:8b:
d0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D9:F2:EE:EE:60:53:3D:50:D7:5A:85:40:D5:B8:BC:D4:5D:20:B6
X509v3 Authority Key Identifier:
keyid:F7:6E:63:95:24:BD:A2:45:B9:2D:B4:CB:BC:A5:6B:D3:A7:A4:AE:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/925jlSS9okW5LbTLvKVr06ekrgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/89b3d1-7de3-4c63-a077-82c1b65bed40/1/8dny7u5gUz1Q11qFQNW4vNRdILY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/89b3d1-7de3-4c63-a077-82c1b65bed40/1/925jlSS9okW5LbTLvKVr06ekrgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:254::/48
Signature Algorithm: sha256WithRSAEncryption
88:57:f1:78:c2:69:39:41:a4:83:e2:a7:9e:33:c2:00:d9:51:
fd:f9:df:17:73:a1:2d:fc:2a:f4:59:9b:e3:41:7e:cb:08:46:
af:bb:7b:5c:ae:72:94:00:4f:c1:44:0b:74:9d:88:cc:74:8d:
05:a8:bc:e6:c4:7a:71:ba:5f:fa:71:f8:c8:dc:34:f1:46:2b:
d5:86:87:44:62:6d:d7:6d:35:32:56:16:4a:2f:f5:66:24:50:
f9:70:cf:aa:27:70:32:d4:ea:b9:e0:93:cd:02:6d:a9:40:01:
6d:89:6d:dc:09:ce:b0:c6:a5:79:a4:c2:bd:8c:b2:42:f0:e2:
ba:d7:38:0a:cd:ca:52:0f:61:af:51:99:36:28:59:39:18:08:
9b:56:14:82:e0:86:90:82:fb:0f:54:91:e7:be:b7:8c:1c:eb:
0c:6e:f5:f4:8e:8b:ee:85:b7:09:c2:65:2b:40:8f:c1:23:22:
d0:8f:4f:60:72:cb:5e:b6:48:e0:8d:93:0a:3b:f3:22:be:d0:
8b:d1:f3:a9:0a:f0:a6:86:35:4d:ab:a2:9c:f7:82:fa:00:57:
c3:8f:b1:ce:95:ad:e8:24:3f:ad:b8:ea:03:6a:6c:51:aa:6e:
8f:71:93:95:3e:72:03:88:bd:ee:17:10:e5:ed:c1:b3:49:dc:
8e:1d:f7:13
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzFAHLEndPLS70Q/9UUJJVEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NmU2Mzk1MjRiZGEyNDViOTJkYjRjYmJjYTU2YmQzYTdh
NGFlMGMwHhcNMjQwMTAxMTIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQ5ZjJlZWVlNjA1MzNkNTBkNzVhODU0MGQ1YjhiY2Q0NWQyMGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArfG0NLC32VfN0rKwGwdJWDOgQxcE
fXv18lWEVkHWLJCzrSXFx5FlBKLUO3l/44n1HYY3KyK0KP+wynIZezYDxlAoezaW
9ClhmDeUfZXqC77QlNAshxHvS5dQg4WZLtwlCptl2OIVHEotloezE6shEX4duGBp
PnNxZQC+3zTbFvgVegAogYv/5KS4PHbxTDJAyf56QgjuYNdTSrno0r1TWxvkkumF
QoDVYoFBjfdEdFoiy6FFbASQ4tmg6d7dJ9HzTAyq0O0L8O/smYicQSAGGkT9CGuU
tF6ugIuQFJqUMMdbHFLgaUWIfkXe8pGpkUySQX3MwzLWPp9o9qixqovQ3wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPHZ8u7uYFM9UNdahUDVuLzUXSC2MB8GA1UdIwQY
MBaAFPduY5UkvaJFuS20y7yla9OnpK4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTI1amxTUzlva1c1TGJUTHZLVnIwNmVrcmd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84OWIzZDEtN2RlMy00YzYzLWEwNzct
ODJjMWI2NWJlZDQwLzEvOGRueTd1NWdVejFRMTFxRlFOVzR2TlJkSUxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84OWIzZDEtN2RlMy00YzYzLWEwNzctODJjMWI2NWJlZDQw
LzEvOTI1amxTUzlva1c1TGJUTHZLVnIwNmVrcmd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAJU
MA0GCSqGSIb3DQEBCwUAA4IBAQCIV/F4wmk5QaSD4qeeM8IA2VH9+d8Xc6Et/Cr0
WZvjQX7LCEavu3tcrnKUAE/BRAt0nYjMdI0FqLzmxHpxul/6cfjI3DTxRivVhodE
Ym3XbTUyVhZKL/VmJFD5cM+qJ3Ay1Oq54JPNAm2pQAFtiW3cCc6wxqV5pMK9jLJC
8OK61zgKzcpSD2GvUZk2KFk5GAibVhSC4IaQgvsPVJHnvreMHOsMbvX0jovuhbcJ
wmUrQI/BIyLQj09gcstetkjgjZMKO/MivtCL0fOpCvCmhjVNq6Kc94L6AFfDj7HO
la3oJD+tuOoDamxRqm6PcZOVPnIDiL3uFxDl7cGzSdyOHfcT
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:57:08 2024 by rpki-client on console-ams.rpki-client.org