Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37372e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e37372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: WEGi+bjKJPoUk+okD+9pflTacvhCTHyDMlF0C8iHuRI=
Subject key identifier: 27:1C:87:C2:F6:33:E0:A4:B4:02:E4:EB:CB:46:39:42:54:C7:05:23
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2314369A07BE92A8D557647565800009FFFDAFBD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37372e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:28 +0000
ROA not before: Mon 26 Feb 2024 08:48:28 +0000
ROA not after: Mon 24 Feb 2025 08:53:28 +0000
asID: 136787
IP address blocks: 155.133.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 22:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:14:36:9a:07:be:92:a8:d5:57:64:75:65:80:00:09:ff:fd:af:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:28 2024 GMT
Not After : Feb 24 08:53:28 2025 GMT
Subject: CN=271C87C2F633E0A4B402E4EBCB46394254C70523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8c:e1:3f:15:eb:85:c1:d4:67:27:cd:bc:88:
fb:88:da:12:7a:a4:71:4b:de:03:08:5b:2f:8f:e3:
09:a7:ab:d9:c7:0c:e6:10:58:10:47:be:6b:46:be:
f5:ae:67:64:7e:5f:bd:a3:7a:5e:41:40:19:db:fb:
0f:ee:ef:f0:c6:f5:98:dc:38:a1:b6:4d:83:d8:08:
0b:4b:b1:b7:f9:e9:c4:4f:e8:54:db:6a:e8:66:20:
ec:42:e8:45:f8:42:bd:72:a8:48:3b:df:7e:d0:5b:
be:ef:6b:af:81:14:b4:8c:68:4a:61:65:77:c1:1d:
a5:a4:bc:29:3a:33:10:b2:79:06:c0:24:7f:2c:d3:
64:cc:41:14:86:35:5b:a4:48:7b:15:a7:3e:bb:b0:
28:c9:2c:1e:a0:fd:f8:be:d7:b6:97:d2:86:58:b1:
15:6e:4b:d5:cd:de:ab:78:e8:86:ab:f8:b8:a4:8a:
e6:c0:a9:0e:21:f8:af:f1:3e:bf:4c:c4:f1:2a:f8:
06:7e:83:38:cb:fc:6f:ef:a9:1a:fb:e8:e0:6e:a7:
8a:eb:6a:32:63:ce:35:1b:53:1e:2a:0f:78:f7:85:
5d:64:5e:4d:e1:14:38:8c:ff:3f:26:b6:d4:64:8a:
0c:7a:1a:66:31:76:c8:6c:63:3b:3d:d4:4f:98:51:
b1:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:1C:87:C2:F6:33:E0:A4:B4:02:E4:EB:CB:46:39:42:54:C7:05:23
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.77.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:48:02:fe:4d:80:65:78:0d:af:4e:93:a8:73:5e:46:24:8c:
92:af:6f:b1:17:a1:a4:98:64:85:c7:8a:d7:8f:25:a6:61:0e:
f3:f8:9b:e0:0c:a3:72:de:3b:dd:c8:f1:8c:52:5c:1e:e8:0a:
26:3a:20:17:ca:b0:9e:d8:1a:bc:44:99:5d:24:27:66:30:af:
23:aa:52:13:11:9d:23:c4:77:db:67:28:98:62:ce:aa:c4:4e:
72:b1:6a:1e:70:b2:e0:37:5b:11:f4:e6:f8:17:94:00:56:2c:
c3:9c:4c:d6:9f:ec:c5:71:7e:c1:96:f4:9f:40:c2:6d:8d:c8:
59:d5:4c:ed:67:95:3e:0a:f4:08:ae:36:2f:94:6f:53:15:ee:
7d:9b:01:9d:19:ac:85:5a:e8:f7:63:60:87:ff:28:35:31:91:
6a:50:81:d7:36:31:b6:57:23:af:2e:cf:24:b0:f9:d7:73:c1:
1e:65:1a:46:53:bc:dc:34:09:5f:ff:53:fa:a3:75:cf:11:94:
7a:3f:9c:68:a3:e5:e5:1d:02:7b:da:d6:b9:79:0a:34:4a:25:
85:8c:46:81:41:71:a3:9d:b9:46:d2:01:b2:7d:9c:50:9d:fc:
7c:85:e4:56:0c:3d:98:8e:1e:e8:b1:30:08:c0:05:13:55:5f:
3e:dd:dd:8d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUIxQ2mge+kqjVV2R1ZYAACf/9r70wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjhaFw0yNTAyMjQwODUzMjhaMDMxMTAvBgNV
BAMTKDI3MUM4N0MyRjYzM0UwQTRCNDAyRTRFQkNCNDYzOTQyNTRDNzA1MjMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQjOE/FeuFwdRnJ828iPuI2hJ6
pHFL3gMIWy+P4wmnq9nHDOYQWBBHvmtGvvWuZ2R+X72jel5BQBnb+w/u7/DG9Zjc
OKG2TYPYCAtLsbf56cRP6FTbauhmIOxC6EX4Qr1yqEg7337QW77va6+BFLSMaEph
ZXfBHaWkvCk6MxCyeQbAJH8s02TMQRSGNVukSHsVpz67sCjJLB6g/fi+17aX0oZY
sRVuS9XN3qt46Iar+LikiubAqQ4h+K/xPr9MxPEq+AZ+gzjL/G/vqRr76OBup4rr
ajJjzjUbUx4qD3j3hV1kXk3hFDiM/z8mttRkigx6GmYxdshsYzs91E+YUbEBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUJxyHwvYz4KS0AuTry0Y5QlTHBSMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhU0wDQYJKoZIhvcNAQELBQADggEBAG1IAv5NgGV4Da9Ok6hzXkYkjJKvb7EX
oaSYZIXHitePJaZhDvP4m+AMo3LeO93I8YxSXB7oCiY6IBfKsJ7YGrxEmV0kJ2Yw
ryOqUhMRnSPEd9tnKJhizqrETnKxah5wsuA3WxH05vgXlABWLMOcTNaf7MVxfsGW
9J9Awm2NyFnVTO1nlT4K9AiuNi+Ub1MV7n2bAZ0ZrIVa6PdjYIf/KDUxkWpQgdc2
MbZXI68uzySw+ddzwR5lGkZTvNw0CV//U/qjdc8RlHo/nGij5eUdAnva1rl5CjRK
JYWMRoFBcaOduUbSAbJ9nFCd/HyF5FYMPZiOHuixMAjABRNVXz7d3Y0=
-----END CERTIFICATE-----
Generated at Mon Jun 3 02:59:37 2024 by rpki-client on console-ams.rpki-client.org