Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36362e302f32342d3234203d3e2037393739.roa
File: 3137362e3132362e36362e302f32342d3234203d3e2037393739.roa (raw, json)
Hash identifier: EE7WyRrUVghXhEVsxCyGVW0fxLPyD/lII0MDxKlAC1Y=
Subject key identifier: AC:33:53:99:5D:C5:FC:29:AD:D8:5D:7B:2B:EE:3C:D2:58:2C:B3:CE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 440398FB59EC546EDEDF24C0A170E7CABDF678FB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36362e302f32342d3234203d3e2037393739.roa
Signing time: Mon 26 Feb 2024 08:53:07 +0000
ROA not before: Mon 26 Feb 2024 08:48:07 +0000
ROA not after: Mon 24 Feb 2025 08:53:07 +0000
asID: 7979
IP address blocks: 176.126.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:03:98:fb:59:ec:54:6e:de:df:24:c0:a1:70:e7:ca:bd:f6:78:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:07 2024 GMT
Not After : Feb 24 08:53:07 2025 GMT
Subject: CN=AC3353995DC5FC29ADD85D7B2BEE3CD2582CB3CE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b8:8b:20:c8:bc:25:7b:b6:dd:32:68:84:3b:
97:10:f8:d4:94:69:ea:7b:f1:71:93:e6:41:5a:a0:
54:b3:c5:35:9f:fa:3f:46:af:15:76:85:19:4c:bc:
e5:f9:7f:34:69:bc:fd:83:13:ae:9e:ca:01:a6:8f:
d4:e1:52:28:ed:92:d8:ee:6c:40:8c:06:6e:a3:76:
fe:4e:8c:3e:93:2c:68:83:2e:52:78:93:8b:e7:52:
8d:c4:77:43:9b:64:3c:75:56:a0:6b:71:65:a8:14:
fb:76:fd:5c:a4:f2:6c:c5:21:d6:0a:c6:3c:d8:61:
77:a3:ff:24:db:9b:e6:8b:a3:a2:69:84:22:45:d5:
e7:5b:46:dc:56:01:7c:1b:b4:dd:4e:39:cc:90:0a:
74:36:8d:ad:5b:a7:59:9d:92:06:d3:4d:98:1c:21:
6c:a5:37:ff:12:a8:77:6a:89:fc:50:17:77:3b:09:
f4:d5:85:0f:a0:93:1d:7b:3c:b5:6a:09:46:c1:78:
fe:bf:be:e4:08:43:89:b9:48:c1:5d:52:20:5d:3c:
06:e8:41:58:9a:e6:f3:3c:01:e9:7d:28:62:e9:ca:
eb:f2:fd:9d:07:f7:3f:80:8a:98:e8:12:8e:cd:7e:
f9:68:de:da:92:cd:b4:82:cf:e3:61:54:40:2a:59:
28:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:33:53:99:5D:C5:FC:29:AD:D8:5D:7B:2B:EE:3C:D2:58:2C:B3:CE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36362e302f32342d3234203d3e2037393739.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.66.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:0c:a9:05:2f:40:8f:90:11:c3:24:fd:3b:75:d8:9d:34:e7:
b3:e3:08:8f:78:04:69:e2:c1:12:5a:19:b4:97:fd:72:36:ff:
95:8f:db:f4:16:2f:bb:79:88:8f:10:37:14:9f:d8:eb:25:f1:
3e:e1:3e:a2:9c:93:97:a3:e2:01:60:3d:e6:7d:b1:a3:4a:46:
aa:fc:9d:c5:8f:3b:2b:60:02:b8:9d:75:e9:b2:6e:ec:1d:1a:
61:39:7a:30:a6:dc:8c:60:46:95:e7:4c:43:d2:ab:94:94:6e:
e5:94:3a:2f:4d:96:40:d6:b7:55:26:d3:15:dd:33:2c:9b:b9:
ba:77:e4:74:e7:ee:11:fd:51:af:9d:c1:26:28:d6:b2:02:53:
d5:d7:6e:ef:4d:29:cc:2f:36:bb:2d:c7:9c:38:4c:57:df:40:
2d:36:49:c5:e8:60:6f:3f:ae:82:4b:ea:68:17:fe:43:67:d9:
96:1d:24:6a:d4:be:49:bf:2f:b0:4d:65:f5:97:1c:c0:70:01:
c4:7f:6c:ae:ac:56:2d:3e:a8:7b:1c:0c:0c:b1:b7:d7:02:a3:
10:2e:f1:f8:72:7f:85:69:bc:22:a6:20:97:2f:26:38:8f:4c:
49:87:18:8f:76:6b:0e:e6:90:af:59:5f:1a:7b:da:c7:11:1d:
e6:1b:32:f8
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIURAOY+1nsVG7e3yTAoXDnyr32ePswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDdaFw0yNTAyMjQwODUzMDdaMDMxMTAvBgNV
BAMTKEFDMzM1Mzk5NURDNUZDMjlBREQ4NUQ3QjJCRUUzQ0QyNTgyQ0IzQ0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMuIsgyLwle7bdMmiEO5cQ+NSU
aep78XGT5kFaoFSzxTWf+j9GrxV2hRlMvOX5fzRpvP2DE66eygGmj9ThUijtktju
bECMBm6jdv5OjD6TLGiDLlJ4k4vnUo3Ed0ObZDx1VqBrcWWoFPt2/Vyk8mzFIdYK
xjzYYXej/yTbm+aLo6JphCJF1edbRtxWAXwbtN1OOcyQCnQ2ja1bp1mdkgbTTZgc
IWylN/8SqHdqifxQF3c7CfTVhQ+gkx17PLVqCUbBeP6/vuQIQ4m5SMFdUiBdPAbo
QVia5vM8Ael9KGLpyuvy/Z0H9z+AipjoEo7Nfvlo3tqSzbSCz+NhVEAqWShJAgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQUrDNTmV3F/Cmt2F17K+480lgss84wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM2
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNzM5MzczOS5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALB+
QjANBgkqhkiG9w0BAQsFAAOCAQEAawypBS9Aj5ARwyT9O3XYnTTns+MIj3gEaeLB
EloZtJf9cjb/lY/b9BYvu3mIjxA3FJ/Y6yXxPuE+opyTl6PiAWA95n2xo0pGqvyd
xY87K2ACuJ116bJu7B0aYTl6MKbcjGBGledMQ9KrlJRu5ZQ6L02WQNa3VSbTFd0z
LJu5unfkdOfuEf1Rr53BJijWsgJT1ddu700pzC82uy3HnDhMV99ALTZJxehgbz+u
gkvqaBf+Q2fZlh0katS+Sb8vsE1l9ZccwHABxH9srqxWLT6oexwMDLG31wKjEC7x
+HJ/hWm8IqYgly8mOI9MSYcYj3ZrDuaQr1lfGnvaxxEd5hsy+A==
-----END CERTIFICATE-----
Generated at Mon May 20 14:35:46 2024 by rpki-client on console-fra.rpki-client.org