Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31312e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e31312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 4NMZn828w7I6lDWzZljA3ect+8xpAdIqOjn3deCW8IU=
Subject key identifier: 37:EA:7B:95:3B:A6:75:EB:EC:E7:26:A3:82:51:4D:54:52:55:EB:74
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7A20E8DC7C459A199965042F2A853223409598DE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31312e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:08 +0000
ROA not before: Mon 26 Feb 2024 08:48:08 +0000
ROA not after: Mon 24 Feb 2025 08:53:08 +0000
asID: 136787
IP address blocks: 155.133.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:20:e8:dc:7c:45:9a:19:99:65:04:2f:2a:85:32:23:40:95:98:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:08 2024 GMT
Not After : Feb 24 08:53:08 2025 GMT
Subject: CN=37EA7B953BA675EBECE726A382514D545255EB74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:22:5e:52:e0:2e:71:b9:de:d3:91:17:bf:a5:
82:46:63:00:fc:1d:1b:79:33:35:d6:33:65:f1:51:
82:ae:8a:17:a8:0f:d3:60:c0:7a:f6:4c:c3:2d:bc:
1e:cd:47:1c:48:70:02:ef:ed:17:1e:bd:00:5b:5f:
9c:fd:1f:4c:59:f1:41:73:74:9d:1b:3e:6a:09:f2:
78:b3:26:b3:f9:68:22:0a:a4:e5:f7:41:96:29:2d:
1d:e7:66:3f:83:8c:f9:67:e9:f9:df:d5:64:8d:df:
71:f7:d0:dd:d0:b9:13:7b:7f:4c:e7:d4:fe:e3:fc:
1f:76:90:f4:ce:b9:36:13:70:b3:59:a7:e5:79:75:
9d:10:77:c0:82:83:d0:a6:64:f7:bb:72:03:65:fe:
06:cb:42:6b:28:19:df:48:fc:d9:22:a5:da:9b:e3:
95:5f:4e:77:d0:b9:0a:24:82:dd:ce:99:4e:b4:7a:
58:85:61:e9:33:41:4f:26:42:c5:9c:b3:56:f5:f9:
6b:32:dd:27:1f:fa:bf:cf:bb:fc:aa:7c:08:bf:d5:
3f:d4:ea:7f:c4:00:d7:5f:d9:8a:69:05:5e:19:95:
3a:ea:33:3f:1f:22:38:bc:82:29:7f:50:5b:0b:45:
c6:d2:10:f6:70:c6:08:14:f5:39:72:56:7b:75:23:
59:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:EA:7B:95:3B:A6:75:EB:EC:E7:26:A3:82:51:4D:54:52:55:EB:74
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.11.0/24
Signature Algorithm: sha256WithRSAEncryption
33:6a:99:b7:61:19:c0:53:ff:42:ec:ef:24:b1:76:69:b3:08:
92:63:cd:f0:65:0e:d9:df:50:4d:72:3a:f9:f8:3b:25:c1:69:
97:9c:30:6d:17:1c:48:93:e7:22:f4:34:0e:63:10:1e:6b:6e:
9a:8d:da:27:b1:41:94:f3:34:cf:a9:6f:5d:62:52:fe:e3:28:
56:92:7f:d4:e4:88:2f:a2:2c:2a:bf:48:2e:4f:88:dd:51:8d:
d3:d9:f7:1d:0e:52:b6:06:8c:b0:62:12:fa:a7:bb:f3:8d:3a:
f9:3b:9d:c6:b7:01:ca:59:6d:6a:eb:6e:7e:f6:45:ef:1f:4e:
02:b7:e1:5a:41:ed:ce:61:3f:99:5d:5c:8b:d6:45:10:59:18:
28:aa:ba:c2:04:27:ad:9f:17:66:b7:85:f8:ea:f4:d5:aa:21:
91:64:c5:ec:ff:52:ab:c0:28:ab:3a:40:dc:28:85:54:b7:36:
4f:cb:ff:e7:17:b2:fb:7e:15:c5:54:97:2c:af:c0:15:bd:d4:
c7:80:95:77:71:8b:4b:71:8c:9a:1f:10:12:47:7c:a5:1c:fb:
60:0b:a7:ea:44:3c:81:b1:6d:36:9c:22:c3:f9:1e:cc:18:e9:
1a:2f:d1:87:ea:79:3b:d7:b3:e8:b0:72:69:09:e3:26:01:74:
f2:f8:6b:5f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeiDo3HxFmhmZZQQvKoUyI0CVmN4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDhaFw0yNTAyMjQwODUzMDhaMDMxMTAvBgNV
BAMTKDM3RUE3Qjk1M0JBNjc1RUJFQ0U3MjZBMzgyNTE0RDU0NTI1NUVCNzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPIl5S4C5xud7TkRe/pYJGYwD8
HRt5MzXWM2XxUYKuiheoD9NgwHr2TMMtvB7NRxxIcALv7RcevQBbX5z9H0xZ8UFz
dJ0bPmoJ8nizJrP5aCIKpOX3QZYpLR3nZj+DjPln6fnf1WSN33H30N3QuRN7f0zn
1P7j/B92kPTOuTYTcLNZp+V5dZ0Qd8CCg9CmZPe7cgNl/gbLQmsoGd9I/Nkipdqb
45VfTnfQuQokgt3OmU60eliFYekzQU8mQsWcs1b1+Wsy3Scf+r/Pu/yqfAi/1T/U
6n/EANdf2YppBV4ZlTrqMz8fIji8gil/UFsLRcbSEPZwxggU9TlyVnt1I1kXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUN+p7lTumdevs5yajglFNVFJV63QwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMx
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhQswDQYJKoZIhvcNAQELBQADggEBADNqmbdhGcBT/0Ls7ySxdmmzCJJjzfBl
DtnfUE1yOvn4OyXBaZecMG0XHEiT5yL0NA5jEB5rbpqN2iexQZTzNM+pb11iUv7j
KFaSf9TkiC+iLCq/SC5PiN1RjdPZ9x0OUrYGjLBiEvqnu/ONOvk7nca3AcpZbWrr
bn72Re8fTgK34VpB7c5hP5ldXIvWRRBZGCiqusIEJ62fF2a3hfjq9NWqIZFkxez/
UqvAKKs6QNwohVS3Nk/L/+cXsvt+FcVUlyyvwBW91MeAlXdxi0txjJofEBJHfKUc
+2ALp+pEPIGxbTacIsP5HswY6Rov0YfqeTvXs+iwcmkJ4yYBdPL4a18=
-----END CERTIFICATE-----
Generated at Fri Apr 26 00:05:19 2024 by rpki-client on console-fra.rpki-client.org