Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/H-pJCNMRhYK6ENm6bS1T-sJp9gk.roa
File: H-pJCNMRhYK6ENm6bS1T-sJp9gk.roa (raw, json)
Hash identifier: 11/VBVwyB1GzlpcH799wX1DlRUoX3DmcVGe49TF8jE0=
Subject key identifier: 1F:EA:49:08:D3:11:85:82:BA:10:D9:BA:6D:2D:53:FA:C2:69:F6:09
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 018CC64B352F5232651BA2CB8C3ECF8B4A6F
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/H-pJCNMRhYK6ENm6bS1T-sJp9gk.roa
Signing time: Mon 01 Jan 2024 18:31:06 +0000
ROA not before: Mon 01 Jan 2024 18:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39753
IP address blocks: 2a12:3fc7:8000::/33 maxlen: 48
2a12:3fc7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.mft
rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:35:2f:52:32:65:1b:a2:cb:8c:3e:cf:8b:4a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Jan 1 18:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fea4908d3118582ba10d9ba6d2d53fac269f609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ad:7f:10:46:f5:a9:ac:4a:43:84:96:6e:2a:
7b:e3:77:fd:9f:a8:b5:56:a3:00:7d:bc:62:25:fa:
65:3d:6d:f5:e4:74:96:e4:52:b5:81:4c:7d:5f:fe:
b9:3e:80:82:5e:f5:41:9c:e6:9b:37:1d:d8:4c:f3:
bf:75:0b:36:61:c1:11:7f:e1:35:d3:3f:79:10:8b:
68:3d:e6:df:fb:6e:d9:46:61:c6:c4:08:d5:67:47:
2f:fc:f8:ed:9f:60:f4:4f:01:20:b7:c6:e1:6b:67:
30:ca:6c:d3:97:1e:ed:f3:25:20:70:4d:12:50:97:
b0:7f:88:d5:f3:d9:70:cb:68:25:b4:ea:e0:8f:01:
87:ea:90:a3:a7:f4:87:7a:e0:4a:25:1e:3b:d7:10:
99:f7:d8:c0:0c:9b:c6:dc:e1:39:d5:e9:de:92:1e:
b4:34:66:ef:8a:18:b0:f6:b9:e7:73:03:67:8f:6b:
5c:2c:e1:93:10:91:1e:c5:be:e2:22:96:d7:b4:cf:
ba:4d:89:f7:06:b5:d1:05:50:e1:33:ca:36:de:51:
7f:67:a5:78:94:2a:27:6e:8c:d1:d2:72:e7:dc:dd:
a7:b2:20:cb:50:80:15:bb:51:c8:8f:4f:fa:5d:90:
63:21:d6:88:ad:7b:ed:d6:11:7c:df:29:26:a0:be:
f7:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:EA:49:08:D3:11:85:82:BA:10:D9:BA:6D:2D:53:FA:C2:69:F6:09
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/H-pJCNMRhYK6ENm6bS1T-sJp9gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc7::/48
2a12:3fc7:8000::/33
Signature Algorithm: sha256WithRSAEncryption
13:aa:16:2f:08:6e:2a:1a:0d:53:6e:2f:95:0d:54:46:8e:93:
41:cc:48:51:66:99:24:9f:d6:7d:4c:8f:e7:8b:2a:12:ac:73:
bf:79:e0:8a:ee:62:cd:58:93:50:03:02:c0:7e:9e:a9:a2:38:
57:1c:04:85:ad:22:6f:e2:0e:4d:60:db:df:7d:8f:e5:69:09:
41:44:4e:aa:21:7e:71:8b:19:b4:c9:93:da:90:77:6b:33:42:
7d:68:bd:ad:a6:a8:2f:1e:f1:65:6e:af:2d:9d:c0:f8:d9:56:
91:d4:7c:6d:e3:21:3b:86:d4:67:64:25:72:21:0a:1c:dc:be:
de:36:27:a8:bd:7d:fd:bf:6d:15:9f:9e:8c:70:eb:ad:42:11:
0a:a4:9b:59:ce:00:e2:c5:fb:d9:98:22:c3:50:c2:6c:fd:2c:
ff:4a:99:09:34:b0:99:15:66:c3:fc:1a:b5:bb:17:81:e3:85:
78:26:89:cf:62:e5:4e:b7:ee:4f:f2:93:d7:f0:1e:15:e1:2b:
9f:9f:74:c1:85:34:42:cf:41:35:da:c3:76:60:44:ad:52:65:
13:cb:bd:5c:d6:48:b9:65:ef:0e:6b:84:8b:0a:d7:10:85:e0:
04:c1:fc:fc:c4:a6:c1:b2:03:f2:4c:96:bb:94:b2:21:a5:ab:
65:1a:ed:99
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzGSzUvUjJlG6LLjD7Pi0pvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjQwMTAxMTgzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmVhNDkwOGQzMTE4NTgyYmExMGQ5YmE2ZDJkNTNmYWMyNjlmNjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAka1/EEb1qaxKQ4SWbip743f9n6i1
VqMAfbxiJfplPW315HSW5FK1gUx9X/65PoCCXvVBnOabNx3YTPO/dQs2YcERf+E1
0z95EItoPebf+27ZRmHGxAjVZ0cv/Pjtn2D0TwEgt8bha2cwymzTlx7t8yUgcE0S
UJewf4jV89lwy2gltOrgjwGH6pCjp/SHeuBKJR471xCZ99jADJvG3OE51enekh60
NGbvihiw9rnncwNnj2tcLOGTEJEexb7iIpbXtM+6TYn3BrXRBVDhM8o23lF/Z6V4
lConbozR0nLn3N2nsiDLUIAVu1HIj0/6XZBjIdaIrXvt1hF83ykmoL73lwIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFB/qSQjTEYWCuhDZum0tU/rCafYJMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvSC1wSkNOTVJoWUs2RU5tNmJTMVQtc0pwOWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAKhI/xwAA
AwYHKhI/x4AwDQYJKoZIhvcNAQELBQADggEBABOqFi8IbioaDVNuL5UNVEaOk0HM
SFFmmSSf1n1Mj+eLKhKsc7954IruYs1Yk1ADAsB+nqmiOFccBIWtIm/iDk1g2999
j+VpCUFETqohfnGLGbTJk9qQd2szQn1ova2mqC8e8WVury2dwPjZVpHUfG3jITuG
1GdkJXIhChzcvt42J6i9ff2/bRWfnoxw661CEQqkm1nOAOLF+9mYIsNQwmz9LP9K
mQk0sJkVZsP8GrW7F4HjhXgmic9i5U637k/yk9fwHhXhK5+fdMGFNELPQTXaw3Zg
RK1SZRPLvVzWSLll7w5rhIsK1xCF4ATB/PzEpsGyA/JMlruUsiGlq2Ua7Zk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:55:34 2024 by rpki-client on console-ams.rpki-client.org