Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/fPnZr1-8qjbvgXa9sT5mD5Ov8lU.roa
File: fPnZr1-8qjbvgXa9sT5mD5Ov8lU.roa (raw, json)
Hash identifier: 9SxmLttJP4D16sLtG7JFczKMRd95AD77kwUB7JL4B2k=
Subject key identifier: 7C:F9:D9:AF:5F:BC:AA:36:EF:81:76:BD:B1:3E:66:0F:93:AF:F2:55
Certificate issuer: /CN=faf7066da09a56224260e46ea26dc9cb1dba8e37
Certificate serial: 018CC7257CAE28D37BBBE65368EFCED5E11A
Authority key identifier: FA:F7:06:6D:A0:9A:56:22:42:60:E4:6E:A2:6D:C9:CB:1D:BA:8E:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-vcGbaCaViJCYORuom3Jyx26jjc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/fPnZr1-8qjbvgXa9sT5mD5Ov8lU.roa
Signing time: Mon 01 Jan 2024 22:29:31 +0000
ROA not before: Mon 01 Jan 2024 22:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57081
IP address blocks: 185.132.112.0/22 maxlen: 22
2a06:e180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/1-vcGbaCaViJCYORuom3Jyx26jjc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/1-vcGbaCaViJCYORuom3Jyx26jjc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-vcGbaCaViJCYORuom3Jyx26jjc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:7c:ae:28:d3:7b:bb:e6:53:68:ef:ce:d5:e1:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=faf7066da09a56224260e46ea26dc9cb1dba8e37
Validity
Not Before: Jan 1 22:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cf9d9af5fbcaa36ef8176bdb13e660f93aff255
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2d:54:c8:99:80:10:83:bb:8e:54:5a:b6:a7:
72:86:03:14:2c:2d:36:17:b4:77:5f:dc:13:58:8a:
d1:9e:e3:f0:0c:78:a4:fa:a7:9a:94:56:84:c6:29:
c9:65:82:fa:5d:1f:b9:30:68:db:52:d2:03:23:aa:
d2:3d:4d:36:9c:39:10:fe:5c:0b:9a:86:c9:a4:33:
7e:2d:86:f9:cc:dd:f3:f5:dc:8c:50:b1:82:86:66:
9c:37:7d:7b:33:3f:b2:b9:d9:0f:1b:6e:59:83:b1:
9e:e2:b4:78:44:a7:b7:76:a8:5c:38:33:f5:4d:8c:
ae:b1:fd:23:3e:58:20:4e:61:fb:82:52:a3:2e:3e:
b4:94:50:fc:cb:8f:f8:07:35:f2:ea:69:e0:d7:18:
23:f7:5e:a4:f8:d0:c0:3b:48:0e:00:3c:0e:ff:32:
2a:36:66:25:ed:ea:aa:a6:46:80:c2:3d:3f:0c:47:
87:a3:c1:a9:76:06:b1:4c:39:6e:08:80:fb:ac:1a:
39:7c:06:01:82:fd:78:6e:7a:72:ad:2f:6e:c3:98:
ee:ed:53:0f:bc:67:8e:a2:f7:74:a6:ca:a7:26:cd:
e7:32:02:b9:ad:5e:85:98:c0:81:d0:39:1f:d9:25:
e5:33:f8:eb:db:70:fa:62:08:d8:12:20:ad:d7:e0:
11:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:F9:D9:AF:5F:BC:AA:36:EF:81:76:BD:B1:3E:66:0F:93:AF:F2:55
X509v3 Authority Key Identifier:
keyid:FA:F7:06:6D:A0:9A:56:22:42:60:E4:6E:A2:6D:C9:CB:1D:BA:8E:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-vcGbaCaViJCYORuom3Jyx26jjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/fPnZr1-8qjbvgXa9sT5mD5Ov8lU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/6dbc2f-0f0b-4a2f-b149-b75983122455/1/1-vcGbaCaViJCYORuom3Jyx26jjc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.132.112.0/22
IPv6:
2a06:e180::/29
Signature Algorithm: sha256WithRSAEncryption
91:ef:b6:41:8b:f0:63:25:93:46:e2:7b:22:cb:e6:24:37:89:
6a:54:3c:cd:98:b1:68:34:fd:20:46:a5:39:0c:7e:be:7a:d1:
48:37:05:ac:d4:a2:e9:5d:a4:50:e5:3b:58:88:1c:36:82:7b:
8c:9c:c5:35:97:4a:e0:80:31:a8:7b:65:9c:ed:c7:f4:35:f6:
90:25:0a:ba:87:34:46:5f:bd:09:09:d7:0a:5b:fb:c5:a6:89:
05:21:fa:18:ab:9e:16:48:7f:2e:8d:a6:56:01:42:22:30:73:
54:91:d2:db:55:81:1f:98:a8:9a:f8:62:9c:fb:cf:43:15:71:
6c:55:a6:ed:47:98:71:d6:0a:00:64:f1:78:3e:60:25:8b:30:
c7:fb:2f:3e:68:08:4d:1c:69:19:45:7f:8f:e2:d0:bd:be:21:
37:53:4f:6b:dc:3a:14:b1:21:ce:a7:7c:82:9a:fb:06:83:5c:
3d:9e:a1:18:1d:c0:53:e5:7a:54:54:16:ec:65:ce:49:03:fd:
3c:c9:34:3c:26:56:05:d7:38:63:6f:62:4f:52:ce:5a:ce:fc:
bc:a7:7f:8e:cf:59:23:f6:f0:ab:41:b2:7a:d6:b9:73:40:d4:
2d:4f:52:17:15:f4:16:15:89:10:a0:15:1f:2c:ea:c0:cb:b3:
f8:d7:65:46
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJXyuKNN7u+ZTaO/O1eEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZjcwNjZkYTA5YTU2MjI0MjYwZTQ2ZWEyNmRjOWNiMWRi
YThlMzcwHhcNMjQwMTAxMjIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2Y5ZDlhZjVmYmNhYTM2ZWY4MTc2YmRiMTNlNjYwZjkzYWZmMjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy1UyJmAEIO7jlRatqdyhgMULC02
F7R3X9wTWIrRnuPwDHik+qealFaExinJZYL6XR+5MGjbUtIDI6rSPU02nDkQ/lwL
mobJpDN+LYb5zN3z9dyMULGChmacN317Mz+yudkPG25Zg7Ge4rR4RKe3dqhcODP1
TYyusf0jPlggTmH7glKjLj60lFD8y4/4BzXy6mng1xgj916k+NDAO0gOADwO/zIq
NmYl7eqqpkaAwj0/DEeHo8GpdgaxTDluCID7rBo5fAYBgv14bnpyrS9uw5ju7VMP
vGeOovd0psqnJs3nMgK5rV6FmMCB0Dkf2SXlM/jr23D6YgjYEiCt1+ARBwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHz52a9fvKo274F2vbE+Zg+Tr/JVMB8GA1UdIwQY
MBaAFPr3Bm2gmlYiQmDkbqJtycsduo43MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS12Y0diYUNhVmlKQ1lPUnVvbTNKeXgyNmpqYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMvNmRiYzJmLTBmMGItNGEyZi1iMTQ5
LWI3NTk4MzEyMjQ1NS8xL2ZQblpyMS04cWpidmdYYTlzVDVtRDVPdjhsVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTMvNmRiYzJmLTBmMGItNGEyZi1iMTQ5LWI3NTk4MzEyMjQ1
NS8xLzEtdmNHYmFDYVZpSkNZT1J1b20zSnl4MjZqamMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAK5hHAw
DQQCAAIwBwMFAyoG4YAwDQYJKoZIhvcNAQELBQADggEBAJHvtkGL8GMlk0bieyLL
5iQ3iWpUPM2YsWg0/SBGpTkMfr560Ug3BazUouldpFDlO1iIHDaCe4ycxTWXSuCA
Mah7ZZztx/Q19pAlCrqHNEZfvQkJ1wpb+8WmiQUh+hirnhZIfy6NplYBQiIwc1SR
0ttVgR+YqJr4Ypz7z0MVcWxVpu1HmHHWCgBk8Xg+YCWLMMf7Lz5oCE0caRlFf4/i
0L2+ITdTT2vcOhSxIc6nfIKa+waDXD2eoRgdwFPlelRUFuxlzkkD/TzJNDwmVgXX
OGNvYk9SzlrO/Lynf47PWSP28KtBsnrWuXNA1C1PUhcV9BYViRCgFR8s6sDLs/jX
ZUY=
-----END CERTIFICATE-----
Generated at Sun May 19 00:47:07 2024 by rpki-client on console-ams.rpki-client.org