Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/0466f8-330d-4ac9-ac18-920b52a9f6a5/1/S-Y0C7F9cfOt_lEfPSBf4khUPRQ.roa
File: S-Y0C7F9cfOt_lEfPSBf4khUPRQ.roa (raw, json)
Hash identifier: 0+EEYM3V598fmGLxiSFOJuJ1CXpFmYOTFZhNam/jw5M=
Subject key identifier: 4B:E6:34:0B:B1:7D:71:F3:AD:FE:51:1F:3D:20:5F:E2:48:54:3D:14
Certificate issuer: /CN=faa16909ca4da39935eab9af038b58a5233122b3
Certificate serial: 018CC2DB0FE5FE9C419B9D60DF8A4F2EBE8C
Authority key identifier: FA:A1:69:09:CA:4D:A3:99:35:EA:B9:AF:03:8B:58:A5:23:31:22:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-qFpCcpNo5k16rmvA4tYpSMxIrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/0466f8-330d-4ac9-ac18-920b52a9f6a5/1/S-Y0C7F9cfOt_lEfPSBf4khUPRQ.roa
Signing time: Mon 01 Jan 2024 02:29:45 +0000
ROA not before: Mon 01 Jan 2024 02:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2852
IP address blocks: 160.216.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/0466f8-330d-4ac9-ac18-920b52a9f6a5/1/1-qFpCcpNo5k16rmvA4tYpSMxIrM.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/0466f8-330d-4ac9-ac18-920b52a9f6a5/1/1-qFpCcpNo5k16rmvA4tYpSMxIrM.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-qFpCcpNo5k16rmvA4tYpSMxIrM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:03:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:0f:e5:fe:9c:41:9b:9d:60:df:8a:4f:2e:be:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faa16909ca4da39935eab9af038b58a5233122b3
Validity
Not Before: Jan 1 02:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4be6340bb17d71f3adfe511f3d205fe248543d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:66:5e:db:25:53:5d:31:06:a1:93:85:e2:0c:
b6:6e:e1:44:ef:83:b5:32:49:aa:0b:58:37:83:bc:
d1:b1:81:f2:60:7c:e8:92:f8:9a:fa:e0:6f:43:e4:
ad:9a:ff:9e:db:3a:7b:77:03:5e:f2:fd:f6:4a:e7:
ec:7a:fc:58:19:3a:80:1a:a3:50:0f:c6:ac:1e:db:
08:ec:59:d3:48:0c:a7:f4:a8:db:82:cd:8a:60:84:
0a:cf:88:27:bc:e4:d5:8d:6c:45:1b:81:9b:d2:fb:
d5:2b:e4:5b:0e:01:c2:2a:06:85:2a:5c:ec:9e:f2:
cc:c8:1f:3d:2b:6f:39:7c:48:cc:6d:1e:7d:a0:1b:
b5:1d:82:9f:5d:2d:fe:eb:5a:8f:da:4b:15:ba:30:
ea:a5:8b:ab:f3:f4:28:83:fe:dc:e8:3d:1d:05:e7:
60:a5:f5:4f:9c:7a:df:af:15:1f:1d:fb:d5:8c:31:
7f:f8:1c:93:85:bf:46:cf:28:ff:42:18:32:42:09:
1e:6a:f9:ad:08:d2:cd:02:76:58:98:d2:46:bd:64:
ab:7e:1b:fc:6b:c1:53:2d:f5:f0:6b:ae:54:3b:84:
f5:d2:1e:31:07:c1:ed:2a:f0:39:a5:00:8c:ce:7c:
d7:92:23:ac:21:bf:bd:8d:16:1e:3a:b4:ba:fa:cc:
bf:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E6:34:0B:B1:7D:71:F3:AD:FE:51:1F:3D:20:5F:E2:48:54:3D:14
X509v3 Authority Key Identifier:
keyid:FA:A1:69:09:CA:4D:A3:99:35:EA:B9:AF:03:8B:58:A5:23:31:22:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-qFpCcpNo5k16rmvA4tYpSMxIrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0466f8-330d-4ac9-ac18-920b52a9f6a5/1/S-Y0C7F9cfOt_lEfPSBf4khUPRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/0466f8-330d-4ac9-ac18-920b52a9f6a5/1/1-qFpCcpNo5k16rmvA4tYpSMxIrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.216.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6e:f8:d6:7d:ea:f0:17:e6:78:69:f7:b0:0e:6b:ac:e0:84:3b:
3a:5c:d6:27:ff:79:11:d4:79:e6:97:71:32:e3:e4:42:f1:47:
40:d4:6f:35:f5:81:72:2e:cf:cf:b3:bf:58:32:1a:c6:c3:1a:
23:14:ba:30:20:fb:34:53:c4:a1:d8:98:9e:07:a6:ab:8e:b2:
48:a0:11:7d:2d:27:85:aa:b6:39:67:19:bd:74:1f:5b:97:11:
2a:bc:b5:a9:ae:ed:f4:42:8e:2e:48:37:2e:ad:92:80:d8:58:
4f:32:a7:d4:85:6b:d7:c7:8f:cc:dc:28:b8:f6:9b:1b:c1:df:
9a:17:36:6a:b4:57:ab:62:4f:27:ea:dd:0a:04:da:8e:bd:2a:
ff:a5:86:92:47:e3:27:ef:5f:8b:63:21:3c:58:32:4f:ab:4a:
f8:96:59:2e:32:93:0a:05:45:ce:6f:2f:a5:e2:ea:01:0b:d9:
08:30:6f:0b:fb:69:39:ab:a9:f5:8a:45:be:9c:0a:31:10:47:
c1:c5:31:4e:2c:35:67:0b:52:ab:79:2d:09:17:61:05:96:7c:
21:78:67:54:5a:6d:60:98:0d:27:2a:3a:18:b1:e5:80:d1:b2:
6b:37:4a:da:37:0b:e4:1e:3a:a2:eb:d9:f1:05:1a:20:23:17:
7f:ac:ab:5e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzC2w/l/pxBm51g34pPLr6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhYTE2OTA5Y2E0ZGEzOTkzNWVhYjlhZjAzOGI1OGE1MjMz
MTIyYjMwHhcNMjQwMTAxMDIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmU2MzQwYmIxN2Q3MWYzYWRmZTUxMWYzZDIwNWZlMjQ4NTQzZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2Ze2yVTXTEGoZOF4gy2buFE74O1
MkmqC1g3g7zRsYHyYHzokvia+uBvQ+Stmv+e2zp7dwNe8v32SufsevxYGTqAGqNQ
D8asHtsI7FnTSAyn9Kjbgs2KYIQKz4gnvOTVjWxFG4Gb0vvVK+RbDgHCKgaFKlzs
nvLMyB89K285fEjMbR59oBu1HYKfXS3+61qP2ksVujDqpYur8/Qog/7c6D0dBedg
pfVPnHrfrxUfHfvVjDF/+ByThb9Gzyj/QhgyQgkeavmtCNLNAnZYmNJGvWSrfhv8
a8FTLfXwa65UO4T10h4xB8HtKvA5pQCMznzXkiOsIb+9jRYeOrS6+sy/wwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEvmNAuxfXHzrf5RHz0gX+JIVD0UMB8GA1UdIwQY
MBaAFPqhaQnKTaOZNeq5rwOLWKUjMSKzMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1xRnBDY3BObzVrMTZybXZBNHRZcFNNeElyTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIvMDQ2NmY4LTMzMGQtNGFjOS1hYzE4
LTkyMGI1MmE5ZjZhNS8xL1MtWTBDN0Y5Y2ZPdF9sRWZQU0JmNGtoVVBSUS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDIvMDQ2NmY4LTMzMGQtNGFjOS1hYzE4LTkyMGI1MmE5ZjZh
NS8xLzEtcUZwQ2NwTm81azE2cm12QTR0WXBTTXhJck0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgABMAUDAwCg2DAN
BgkqhkiG9w0BAQsFAAOCAQEAbvjWferwF+Z4afewDmus4IQ7OlzWJ/95EdR55pdx
MuPkQvFHQNRvNfWBci7Pz7O/WDIaxsMaIxS6MCD7NFPEodiYngemq46ySKARfS0n
haq2OWcZvXQfW5cRKry1qa7t9EKOLkg3Lq2SgNhYTzKn1IVr18ePzNwouPabG8Hf
mhc2arRXq2JPJ+rdCgTajr0q/6WGkkfjJ+9fi2MhPFgyT6tK+JZZLjKTCgVFzm8v
peLqAQvZCDBvC/tpOaup9YpFvpwKMRBHwcUxTiw1ZwtSq3ktCRdhBZZ8IXhnVFpt
YJgNJyo6GLHlgNGyazdK2jcL5B46ouvZ8QUaICMXf6yrXg==
-----END CERTIFICATE-----
Generated at Wed May 22 23:52:57 2024 by rpki-client on console-fra.rpki-client.org