Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3132372e302f32342d3234203d3e203633343733.roa
File: 3135332e39322e3132372e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: RmjiSdy4f9T23rzQpZdkUtHW7Ux1H95mqZhYqJxh9Pg=
Subject key identifier: 60:1F:9A:BC:DE:8B:D3:37:13:2C:2A:E7:62:7D:A4:49:0F:5C:A5:F5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4FA698AEFBC33CE02C77327E77B3B5765747C500
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3132372e302f32342d3234203d3e203633343733.roa
Signing time: Mon 04 Dec 2023 09:34:22 +0000
ROA not before: Mon 04 Dec 2023 09:29:22 +0000
ROA not after: Mon 02 Dec 2024 09:34:22 +0000
asID: 63473
IP address blocks: 153.92.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 16:11:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:a6:98:ae:fb:c3:3c:e0:2c:77:32:7e:77:b3:b5:76:57:47:c5:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 4 09:29:22 2023 GMT
Not After : Dec 2 09:34:22 2024 GMT
Subject: CN=601F9ABCDE8BD337132C2AE7627DA4490F5CA5F5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:70:9e:38:12:0b:31:2a:39:1e:de:2c:f2:3a:
48:08:74:f5:00:bf:73:10:8e:1e:39:21:b1:14:32:
56:c0:ab:58:bb:46:28:ee:cc:ff:4c:e3:55:15:ad:
2d:93:5a:9d:b0:bf:95:e4:29:06:57:de:4e:4a:9a:
cf:b5:af:32:38:3f:f9:05:25:fd:99:41:0a:2a:3c:
0b:69:de:7f:eb:45:30:f3:96:f4:db:52:63:9e:82:
9a:6f:a4:ca:b1:f9:29:42:38:7c:d6:d5:76:2b:4f:
3d:c3:97:a0:9c:79:96:62:58:3b:19:f9:e6:58:03:
4a:82:be:7a:9c:72:64:67:54:fa:8b:bf:7b:19:23:
b3:8f:c2:47:8d:64:e2:a6:4f:85:12:96:c3:ab:76:
c7:fb:6b:3d:cb:64:ea:76:f8:69:7b:9e:1d:b9:d0:
a0:64:3a:15:a3:bc:dd:33:af:33:be:67:22:b0:0f:
63:a0:ae:9d:fa:b4:04:e4:0a:f8:74:25:fa:f5:bb:
40:9b:1a:74:f0:63:93:27:19:6a:1e:1b:68:a6:1f:
4e:e5:2a:17:83:56:62:84:f0:95:fa:88:c9:a3:f0:
2a:96:fd:d9:7f:a8:87:1f:b8:e9:50:2e:1d:c0:cf:
ca:41:3f:6d:d2:1e:fa:4e:4f:06:e1:ab:31:c8:14:
bf:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:1F:9A:BC:DE:8B:D3:37:13:2C:2A:E7:62:7D:A4:49:0F:5C:A5:F5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3132372e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.92.127.0/24
Signature Algorithm: sha256WithRSAEncryption
32:39:46:e2:f8:25:94:2d:64:4e:57:e0:96:cb:d1:f0:6f:79:
a8:e9:6e:b1:24:36:43:e3:2e:75:d6:53:5a:fb:85:48:2f:f3:
ec:a2:40:7b:78:99:ac:a2:48:05:f2:d2:98:ff:6f:4d:a1:53:
67:22:7b:ee:16:e3:a0:a6:5c:8c:5f:77:ba:3c:27:9c:bb:15:
ea:81:63:ca:12:48:17:5c:ca:24:dd:e9:e5:02:32:5a:db:2d:
d5:92:11:17:33:6d:39:d9:93:f1:08:99:0e:ae:19:5e:85:80:
02:9c:df:f3:8c:bd:aa:80:7a:39:e4:1c:13:77:56:94:a9:ed:
c2:87:a5:bd:6b:f0:d2:e8:e5:6e:7e:68:bb:57:d4:10:e0:90:
42:88:11:cf:ee:33:bd:86:0a:95:85:b4:e7:3f:a7:2e:9a:83:
c9:f5:b5:25:9e:a2:0b:9b:1f:4c:43:c3:07:fc:29:fe:db:57:
87:18:ba:88:f8:4a:55:3e:7e:74:7f:f2:3e:5a:82:6f:9f:a0:
4c:6d:7c:5c:91:34:e5:76:e2:dd:2c:72:86:4a:33:3d:fd:03:
f3:c4:9b:13:c2:e5:09:cb:a6:db:30:2e:b8:aa:09:f3:28:df:
ea:a7:f7:b0:62:c3:bb:86:2a:b5:f8:5d:6c:46:d8:a7:e7:f5:
49:d6:75:60
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUT6aYrvvDPOAsdzJ+d7O1dldHxQAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzEyMDQwOTI5MjJaFw0yNDEyMDIwOTM0MjJaMDMxMTAvBgNV
BAMTKDYwMUY5QUJDREU4QkQzMzcxMzJDMkFFNzYyN0RBNDQ5MEY1Q0E1RjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMcJ44EgsxKjke3izyOkgIdPUA
v3MQjh45IbEUMlbAq1i7RijuzP9M41UVrS2TWp2wv5XkKQZX3k5Kms+1rzI4P/kF
Jf2ZQQoqPAtp3n/rRTDzlvTbUmOegppvpMqx+SlCOHzW1XYrTz3Dl6CceZZiWDsZ
+eZYA0qCvnqccmRnVPqLv3sZI7OPwkeNZOKmT4USlsOrdsf7az3LZOp2+Gl7nh25
0KBkOhWjvN0zrzO+ZyKwD2Ogrp36tATkCvh0Jfr1u0CbGnTwY5MnGWoeG2imH07l
KheDVmKE8JX6iMmj8CqW/dl/qIcfuOlQLh3Az8pBP23SHvpOTwbhqzHIFL/9AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUYB+avN6L0zcTLCrnYn2kSQ9cpfUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTMzMmUzOTMyMmUzMTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
mVx/MA0GCSqGSIb3DQEBCwUAA4IBAQAyOUbi+CWULWROV+CWy9Hwb3mo6W6xJDZD
4y511lNa+4VIL/PsokB7eJmsokgF8tKY/29NoVNnInvuFuOgplyMX3e6PCecuxXq
gWPKEkgXXMok3enlAjJa2y3VkhEXM2052ZPxCJkOrhlehYACnN/zjL2qgHo55BwT
d1aUqe3Ch6W9a/DS6OVufmi7V9QQ4JBCiBHP7jO9hgqVhbTnP6cumoPJ9bUlnqIL
mx9MQ8MH/Cn+21eHGLqI+EpVPn50f/I+WoJvn6BMbXxckTTlduLdLHKGSjM9/QPz
xJsTwuUJy6bbMC64qgnzKN/qp/ewYsO7hiq1+F1sRtin5/VJ1nVg
-----END CERTIFICATE-----
Generated at Mon May 20 19:28:03 2024 by rpki-client on console-fra.rpki-client.org