Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/o-63TArzPgXTisxKAbDII-1gPwA.roa
File: o-63TArzPgXTisxKAbDII-1gPwA.roa (raw, json)
Hash identifier: fOYCQc9HRDpG04j6hEC6OgOhoiaqiWIvkMR2ch05aLg=
Subject key identifier: A3:EE:B7:4C:0A:F3:3E:05:D3:8A:CC:4A:01:B0:C8:23:ED:60:3F:00
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB6484A762240A230D72F3FAF518AF
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/o-63TArzPgXTisxKAbDII-1gPwA.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49492
IP address blocks: 2a12:a342::/33 maxlen: 33
2a12:a347:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:64:84:a7:62:24:0a:23:0d:72:f3:fa:f5:18:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3eeb74c0af33e05d38acc4a01b0c823ed603f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:62:63:47:d7:67:ee:a7:5f:7a:99:fc:60:5d:
7e:29:61:ed:b5:15:ad:ce:93:4e:a1:fb:ee:50:12:
2d:1b:b6:7f:dc:5d:15:5e:9a:eb:0f:44:03:43:b4:
44:d1:94:b1:91:5e:da:5c:66:28:f3:4b:9c:05:9b:
1c:1e:e0:54:57:73:1a:f8:6b:0c:02:5d:78:43:11:
b0:d2:a7:c3:27:8e:77:8f:04:88:48:6e:50:b6:ce:
d2:df:73:30:43:50:d3:eb:e4:3b:27:a3:5d:86:5e:
88:56:38:bc:e5:f1:83:d5:04:ae:d5:16:ca:9c:da:
9e:43:36:13:8c:e2:22:d8:da:b6:4a:15:7e:58:4c:
f4:27:6e:94:1e:75:91:cc:99:d8:1d:cb:9b:f6:b9:
e3:ec:c9:f7:e6:5c:cd:05:f1:17:e5:15:fb:d3:c8:
9c:5e:6c:9e:ec:7b:be:f1:54:2d:93:b4:cc:4a:7e:
2d:78:79:cd:f0:c7:22:2f:59:97:16:1d:04:00:93:
35:93:dc:4e:9b:d4:b6:21:48:8f:b1:04:ba:4c:f8:
f0:eb:7f:41:dd:ae:16:e8:b0:0c:59:1c:73:f9:c8:
16:c5:8a:fc:7c:a1:e1:8f:04:e6:7c:fe:1f:07:42:
73:8c:89:bb:45:b7:d4:17:38:81:e8:ac:a6:bd:5a:
97:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:EE:B7:4C:0A:F3:3E:05:D3:8A:CC:4A:01:B0:C8:23:ED:60:3F:00
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/o-63TArzPgXTisxKAbDII-1gPwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:a342::/33
2a12:a347:1::/48
Signature Algorithm: sha256WithRSAEncryption
31:f4:8d:3f:cb:f1:32:3d:3e:25:c2:b2:d5:63:0d:d1:32:e0:
cc:a8:84:55:55:d4:16:d4:0c:f6:cc:05:aa:e5:24:24:df:c6:
64:f1:45:39:5a:df:b9:4f:3b:b0:86:41:15:a5:6c:c7:57:39:
a8:48:37:85:27:9a:a3:32:a9:b7:01:c3:22:f1:48:46:11:51:
18:8e:32:7a:4e:78:6c:37:fc:57:0e:58:b6:75:99:12:1f:b2:
f0:93:4d:e4:2e:74:9f:70:2e:03:75:db:0c:ce:4d:6f:7c:dd:
2e:b2:20:a3:ce:4d:f0:63:5d:8d:d1:9b:48:0e:92:81:55:2b:
3e:79:e1:9f:14:eb:07:ce:97:cb:a8:03:be:6d:75:28:f4:f4:
1b:74:57:e3:00:d0:ce:7e:01:ea:0a:9c:f9:7b:f0:54:d9:1d:
8e:49:c7:cf:bf:71:ad:41:57:c4:84:13:b5:40:b2:86:f0:bb:
51:96:7a:a5:ab:a1:0d:33:4c:e3:3a:ca:ee:32:3b:eb:30:e9:
5f:3c:cb:60:28:2c:ce:88:b6:22:65:01:4a:cc:07:a3:c6:b2:
20:5e:2c:47:36:58:1d:89:29:e3:cf:72:37:da:87:a0:2a:19:
c9:a8:e1:7a:a3:ab:f0:40:ab:df:bf:68:f9:b8:2b:68:9d:19:
44:43:14:92
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYzC22SEp2IkCiMNcvP69RivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2VlYjc0YzBhZjMzZTA1ZDM4YWNjNGEwMWIwYzgyM2VkNjAzZjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomJjR9dn7qdfepn8YF1+KWHttRWt
zpNOofvuUBItG7Z/3F0VXprrD0QDQ7RE0ZSxkV7aXGYo80ucBZscHuBUV3Ma+GsM
Al14QxGw0qfDJ453jwSISG5Qts7S33MwQ1DT6+Q7J6Ndhl6IVji85fGD1QSu1RbK
nNqeQzYTjOIi2Nq2ShV+WEz0J26UHnWRzJnYHcub9rnj7Mn35lzNBfEX5RX708ic
Xmye7Hu+8VQtk7TMSn4teHnN8MciL1mXFh0EAJM1k9xOm9S2IUiPsQS6TPjw639B
3a4W6LAMWRxz+cgWxYr8fKHhjwTmfP4fB0JzjIm7RbfUFziB6KymvVqXqQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFKPut0wK8z4F04rMSgGwyCPtYD8AMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvby02M1RBcnpQZ1hUaXN4S0FiRElJLTFnUHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwYHKhKjQgAD
BwAqEqNHAAEwDQYJKoZIhvcNAQELBQADggEBADH0jT/L8TI9PiXCstVjDdEy4Myo
hFVV1BbUDPbMBarlJCTfxmTxRTla37lPO7CGQRWlbMdXOahIN4UnmqMyqbcBwyLx
SEYRURiOMnpOeGw3/FcOWLZ1mRIfsvCTTeQudJ9wLgN12wzOTW983S6yIKPOTfBj
XY3Rm0gOkoFVKz554Z8U6wfOl8uoA75tdSj09Bt0V+MA0M5+AeoKnPl78FTZHY5J
x8+/ca1BV8SEE7VAsobwu1GWeqWroQ0zTOM6yu4yO+sw6V88y2AoLM6ItiJlAUrM
B6PGsiBeLEc2WB2JKePPcjfah6AqGcmo4Xqjq/BAq9+/aPm4K2idGURDFJI=
-----END CERTIFICATE-----
Generated at Wed Nov 27 01:04:00 2024 by rpki-client on console-fra.rpki-client.org