Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/Fa8M-uIzF0MinUfAOUTsZAtlJ9o.roa
File: Fa8M-uIzF0MinUfAOUTsZAtlJ9o.roa (raw, json)
Hash identifier: jEOaalorcs9tmFUY2wrhp9TXmW2yZSVNxwzEr+KYpXQ=
Subject key identifier: 15:AF:0C:FA:E2:33:17:43:22:9D:47:C0:39:44:EC:64:0B:65:27:DA
Certificate issuer: /CN=f3ac8c7e32baf778b8c451a2d24cc68196964bfc
Certificate serial: 018CC7273C8AB8E1287F10262EE7866BA7FB
Authority key identifier: F3:AC:8C:7E:32:BA:F7:78:B8:C4:51:A2:D2:4C:C6:81:96:96:4B:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/86yMfjK693i4xFGi0kzGgZaWS_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/Fa8M-uIzF0MinUfAOUTsZAtlJ9o.roa
Signing time: Mon 01 Jan 2024 22:31:26 +0000
ROA not before: Mon 01 Jan 2024 22:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49225
IP address blocks: 195.160.172.0/23 maxlen: 24
195.160.172.0/24 maxlen: 24
195.160.173.0/24 maxlen: 24
2001:678:560::/48 maxlen: 48
2001:678:760::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/86yMfjK693i4xFGi0kzGgZaWS_w.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/86yMfjK693i4xFGi0kzGgZaWS_w.mft
rsync://rpki.ripe.net/repository/DEFAULT/86yMfjK693i4xFGi0kzGgZaWS_w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:3c:8a:b8:e1:28:7f:10:26:2e:e7:86:6b:a7:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3ac8c7e32baf778b8c451a2d24cc68196964bfc
Validity
Not Before: Jan 1 22:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15af0cfae2331743229d47c03944ec640b6527da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:26:18:14:94:ac:ee:c5:f0:01:03:df:d1:c1:
88:ed:e7:29:f1:81:30:57:21:86:3b:0d:d8:2f:41:
fe:22:4b:8d:61:47:4d:a1:8a:5d:43:9b:13:b3:2d:
26:f7:d5:99:73:98:55:79:43:fe:a3:54:25:46:51:
99:e5:53:f5:63:78:78:5d:13:b3:c5:b6:5f:3f:87:
d8:5c:68:1d:53:5c:e2:9d:82:08:9a:ea:cc:92:fd:
17:ae:af:e0:ee:f5:b3:27:2c:c9:c8:3a:86:a3:2a:
f1:06:ea:36:fb:68:cf:2d:6e:33:e1:d2:df:e3:1d:
f3:7d:1b:68:82:56:eb:ed:18:2c:2c:f3:31:94:eb:
e2:2a:c6:b4:1c:77:c4:1b:a3:15:c9:97:71:c8:0d:
e2:d2:c1:77:db:43:73:c3:f5:49:76:95:72:82:01:
a9:58:1b:30:d9:91:43:e0:18:a2:35:3f:99:67:c2:
d6:01:32:0e:71:49:4a:01:60:3d:b4:50:7d:4f:84:
0a:b2:a9:2d:65:e6:14:ba:b9:e7:2b:ff:18:45:fb:
a7:b0:d0:80:e4:eb:cd:e6:87:e5:26:34:3c:23:0d:
ed:34:96:9e:53:86:54:ea:69:89:f0:e4:06:b1:c4:
79:c2:be:db:75:02:a6:cb:ee:3e:d1:92:14:7f:b8:
5b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:AF:0C:FA:E2:33:17:43:22:9D:47:C0:39:44:EC:64:0B:65:27:DA
X509v3 Authority Key Identifier:
keyid:F3:AC:8C:7E:32:BA:F7:78:B8:C4:51:A2:D2:4C:C6:81:96:96:4B:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/86yMfjK693i4xFGi0kzGgZaWS_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/Fa8M-uIzF0MinUfAOUTsZAtlJ9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/5c5859-75c0-4345-bd29-45c568f8a27c/1/86yMfjK693i4xFGi0kzGgZaWS_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.160.172.0/23
IPv6:
2001:678:560::/48
2001:678:760::/48
Signature Algorithm: sha256WithRSAEncryption
91:80:18:19:ba:2f:e1:0a:43:b6:6a:28:aa:6c:aa:da:51:8a:
df:ca:6b:24:ec:7d:2e:69:b5:86:c3:c1:0e:40:6b:f8:5a:05:
0b:9e:bf:ba:f3:1e:b6:30:13:db:1e:12:22:95:38:b3:75:52:
b2:85:ae:39:9b:e8:da:65:1d:9a:a0:fe:2b:01:74:c7:94:64:
fa:67:99:ef:31:48:e1:d6:2c:0c:c8:ba:30:3a:19:b9:61:09:
13:cf:b9:09:f7:4b:a0:42:50:c4:da:0c:82:49:27:ba:5b:67:
9f:3e:79:b8:ce:f1:96:9f:e2:c8:8a:63:a8:1a:12:56:d1:c9:
6b:ea:1f:2d:f1:c2:19:36:c1:fd:10:11:4e:91:fb:10:c3:be:
37:6a:cb:31:40:e3:7e:f1:91:99:a6:21:82:c6:81:e2:44:24:
c6:40:bb:4d:ab:05:43:19:c1:2a:96:d6:b4:69:6a:42:4e:25:
1f:8a:c2:b8:76:65:ac:c2:a4:f9:a6:72:47:6e:25:87:7b:4e:
d9:78:c3:fd:94:ad:11:d0:68:ed:4e:fc:12:11:f6:7b:42:f4:
e6:28:ea:d4:e2:2f:cd:f8:86:50:cb:ab:20:51:69:96:35:1e:
26:1e:ff:e4:fe:c7:2f:2d:1f:e0:95:29:9b:8f:78:2a:ca:8a:
68:de:f7:67
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHJzyKuOEofxAmLueGa6f7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYWM4YzdlMzJiYWY3NzhiOGM0NTFhMmQyNGNjNjgxOTY5
NjRiZmMwHhcNMjQwMTAxMjIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWFmMGNmYWUyMzMxNzQzMjI5ZDQ3YzAzOTQ0ZWM2NDBiNjUyN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAliYYFJSs7sXwAQPf0cGI7ecp8YEw
VyGGOw3YL0H+IkuNYUdNoYpdQ5sTsy0m99WZc5hVeUP+o1QlRlGZ5VP1Y3h4XROz
xbZfP4fYXGgdU1zinYIImurMkv0Xrq/g7vWzJyzJyDqGoyrxBuo2+2jPLW4z4dLf
4x3zfRtoglbr7RgsLPMxlOviKsa0HHfEG6MVyZdxyA3i0sF320Nzw/VJdpVyggGp
WBsw2ZFD4BiiNT+ZZ8LWATIOcUlKAWA9tFB9T4QKsqktZeYUurnnK/8YRfunsNCA
5OvN5oflJjQ8Iw3tNJaeU4ZU6mmJ8OQGscR5wr7bdQKmy+4+0ZIUf7hbsQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBWvDPriMxdDIp1HwDlE7GQLZSfaMB8GA1UdIwQY
MBaAFPOsjH4yuvd4uMRRotJMxoGWlkv8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODZ5TWZqSzY5M2k0eEZHaTBrekdnWmFXU193LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni81YzU4NTktNzVjMC00MzQ1LWJkMjkt
NDVjNTY4ZjhhMjdjLzEvRmE4TS11SXpGME1pblVmQU9VVHNaQXRsSjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni81YzU4NTktNzVjMC00MzQ1LWJkMjktNDVjNTY4ZjhhMjdj
LzEvODZ5TWZqSzY5M2k0eEZHaTBrekdnWmFXU193LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBw6CsMBgE
AgACMBIDBwAgAQZ4BWADBwAgAQZ4B2AwDQYJKoZIhvcNAQELBQADggEBAJGAGBm6
L+EKQ7ZqKKpsqtpRit/KayTsfS5ptYbDwQ5Aa/haBQuev7rzHrYwE9seEiKVOLN1
UrKFrjmb6NplHZqg/isBdMeUZPpnme8xSOHWLAzIujA6GblhCRPPuQn3S6BCUMTa
DIJJJ7pbZ58+ebjO8Zaf4siKY6gaElbRyWvqHy3xwhk2wf0QEU6R+xDDvjdqyzFA
437xkZmmIYLGgeJEJMZAu02rBUMZwSqW1rRpakJOJR+Kwrh2ZazCpPmmckduJYd7
Ttl4w/2UrRHQaO1O/BIR9ntC9OYo6tTiL834hlDLqyBRaZY1HiYe/+T+xy8tH+CV
KZuPeCrKimje92c=
-----END CERTIFICATE-----
Generated at Sat May 25 09:10:02 2024 by rpki-client on console-fra.rpki-client.org