Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138312e302f32342d3234203d3e20323031333431.roa
File: 3135332e39322e3138312e302f32342d3234203d3e20323031333431.roa (raw, json)
Hash identifier: LzzBPyCnVDk8DKi+F7euswcHVwoFN9Rlq6EBXxPS4gA=
Subject key identifier: 64:55:F1:A5:6F:B8:8E:1E:71:5E:AA:DB:59:56:C8:76:71:77:50:11
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4BDD9CFAB22AF92692947CFEB20F0F492ED1DD60
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138312e302f32342d3234203d3e20323031333431.roa
Signing time: Mon 26 Feb 2024 08:53:32 +0000
ROA not before: Mon 26 Feb 2024 08:48:32 +0000
ROA not after: Mon 24 Feb 2025 08:53:32 +0000
asID: 201341
IP address blocks: 153.92.181.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:dd:9c:fa:b2:2a:f9:26:92:94:7c:fe:b2:0f:0f:49:2e:d1:dd:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:32 2024 GMT
Not After : Feb 24 08:53:32 2025 GMT
Subject: CN=6455F1A56FB88E1E715EAADB5956C87671775011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f3:86:e7:e2:b1:d0:64:fc:cd:87:1e:5c:2b:
b9:b1:94:ee:26:d0:ef:18:16:32:53:25:a3:18:67:
bf:0f:4e:15:5a:94:98:7f:de:c0:c9:f8:df:c2:be:
c2:20:3e:b2:a9:55:3b:2b:74:30:72:02:f6:1a:68:
75:4b:07:c2:70:6b:fe:3d:de:9f:d3:dd:de:45:b9:
b1:79:ca:5d:ab:9d:6d:42:db:8e:22:3e:17:4e:04:
33:f6:03:fc:9c:28:72:c5:91:b4:84:f3:c4:1c:36:
5b:b8:e7:ef:34:aa:e6:2a:e8:f7:71:e4:d1:eb:f4:
41:2e:8c:57:03:14:72:4d:52:80:9e:91:3a:d5:bd:
e0:c5:ac:dd:55:16:76:92:c5:22:d8:fb:79:b6:6f:
78:ba:9c:62:0b:ab:75:9e:49:f5:7c:98:54:4c:ed:
06:21:52:75:c6:9e:99:54:14:c7:88:5a:5c:1c:5e:
96:16:24:5b:2d:de:29:9a:78:20:75:07:bb:c9:b7:
de:d0:83:3c:ff:c3:b1:83:ea:7b:2d:47:a4:b7:72:
55:f2:7b:f2:da:cb:56:a2:db:a7:17:6a:ad:b9:11:
f6:32:b2:0e:d6:ae:c2:d2:32:2a:b9:bb:9c:9c:bd:
67:ea:a3:ff:3e:e1:fc:54:e0:7b:b6:11:c5:aa:2a:
9d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:55:F1:A5:6F:B8:8E:1E:71:5E:AA:DB:59:56:C8:76:71:77:50:11
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135332e39322e3138312e302f32342d3234203d3e20323031333431.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.92.181.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:0d:02:ab:56:23:3a:3c:17:62:73:5c:48:91:65:10:79:10:
2b:59:76:66:24:65:b0:c3:4a:bb:14:0b:e2:d6:57:d0:86:22:
67:c9:37:50:e2:c3:ac:fa:b3:e9:87:2c:d3:c8:47:f8:14:90:
fb:00:30:bb:96:cc:bd:88:2c:ea:9b:2d:aa:8c:3b:4a:4e:78:
42:7f:5d:e0:d5:42:f7:ce:93:52:d4:53:be:96:96:0a:0c:ca:
eb:d3:95:a3:7a:f4:26:71:ce:8a:eb:33:56:97:44:34:43:3a:
19:c5:41:09:9a:1e:6f:58:0e:4a:e1:c9:d2:90:91:cb:55:15:
5b:04:d4:fb:d4:fc:d6:c8:fc:6c:da:51:f5:c3:b6:cd:a6:16:
6b:3e:b5:b9:a5:38:6b:a1:cc:4b:ba:0e:18:05:30:70:b3:31:
ce:c8:5e:5e:64:af:e4:0b:78:9c:52:73:14:6d:78:7e:50:76:
69:79:c7:94:00:67:8e:99:6f:8c:58:0c:d5:64:7f:c6:2c:55:
85:5b:5c:c9:51:38:26:bc:39:49:72:f8:86:64:34:5b:ba:52:
e9:5d:80:c4:43:52:f6:bf:61:1f:3c:b2:d9:2e:3f:26:fb:f1:
94:c4:e1:0c:a7:15:c0:23:84:cf:08:0b:a3:70:56:68:6e:8c:
94:06:d4:d6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUS92c+rIq+SaSlHz+sg8PSS7R3WAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MzJaFw0yNTAyMjQwODUzMzJaMDMxMTAvBgNV
BAMTKDY0NTVGMUE1NkZCODhFMUU3MTVFQUFEQjU5NTZDODc2NzE3NzUwMTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDB84bn4rHQZPzNhx5cK7mxlO4m
0O8YFjJTJaMYZ78PThValJh/3sDJ+N/CvsIgPrKpVTsrdDByAvYaaHVLB8Jwa/49
3p/T3d5FubF5yl2rnW1C244iPhdOBDP2A/ycKHLFkbSE88QcNlu45+80quYq6Pdx
5NHr9EEujFcDFHJNUoCekTrVveDFrN1VFnaSxSLY+3m2b3i6nGILq3WeSfV8mFRM
7QYhUnXGnplUFMeIWlwcXpYWJFst3imaeCB1B7vJt97Qgzz/w7GD6nstR6S3clXy
e/Lay1ai26cXaq25EfYysg7WrsLSMiq5u5ycvWfqo/8+4fxU4Hu2EcWqKp3bAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUZFXxpW+4jh5xXqrbWVbIdnF3UBEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTMzMmUzOTMyMmUzMTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMwMzEzMzM0MzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACZXLUwDQYJKoZIhvcNAQELBQADggEBAH8NAqtWIzo8F2JzXEiRZRB5ECtZdmYk
ZbDDSrsUC+LWV9CGImfJN1Diw6z6s+mHLNPIR/gUkPsAMLuWzL2ILOqbLaqMO0pO
eEJ/XeDVQvfOk1LUU76WlgoMyuvTlaN69CZxzorrM1aXRDRDOhnFQQmaHm9YDkrh
ydKQkctVFVsE1PvU/NbI/GzaUfXDts2mFms+tbmlOGuhzEu6DhgFMHCzMc7IXl5k
r+QLeJxScxRteH5Qdml5x5QAZ46Zb4xYDNVkf8YsVYVbXMlROCa8OUly+IZkNFu6
UuldgMRDUva/YR88stkuPyb78ZTE4QynFcAjhM8IC6NwVmhujJQG1NY=
-----END CERTIFICATE-----
Generated at Mon May 20 13:47:06 2024 by rpki-client on console-ams.rpki-client.org