Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31332e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e31332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: KiQF2KplpIIp6hOaQVWxb8HYKU/LnJ7WauB3gmK8zms=
Subject key identifier: 13:A2:9F:F2:59:C5:02:6B:C4:E6:4C:6C:67:57:DA:EC:B8:09:AC:5B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1ED84F9F4423706EC3D10D13959CBDBE721553C7
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31332e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:06 +0000
ROA not before: Sat 02 Mar 2024 21:49:06 +0000
ROA not after: Sat 01 Mar 2025 21:54:06 +0000
asID: 136787
IP address blocks: 155.133.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:d8:4f:9f:44:23:70:6e:c3:d1:0d:13:95:9c:bd:be:72:15:53:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 2 21:49:06 2024 GMT
Not After : Mar 1 21:54:06 2025 GMT
Subject: CN=13A29FF259C5026BC4E64C6C6757DAECB809AC5B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ad:c1:3b:94:3d:58:03:0a:cd:b2:27:11:a9:
81:01:63:f4:3a:94:d6:73:d0:b0:22:44:4d:8c:6f:
d3:e7:43:b5:44:df:0f:77:80:ea:89:7b:6f:a6:3f:
09:42:4d:b8:80:29:b6:d9:2e:2d:29:0c:63:2c:2a:
45:18:0f:58:0b:f7:f0:89:a6:bb:53:d1:74:65:96:
aa:a2:61:4d:51:2d:b7:8b:4a:05:b7:8c:45:01:b2:
b0:d1:94:08:e0:a5:12:e1:55:8b:7f:bd:38:d8:e1:
c7:54:a6:ef:b1:56:b1:53:4e:14:7e:89:1e:9c:94:
3b:c8:e7:a5:08:2d:93:da:39:17:8a:fc:96:56:f7:
6b:a2:e8:13:63:82:76:92:2c:77:56:e4:c5:a7:f2:
7d:38:b9:53:e1:b4:04:7a:dc:55:76:e9:db:5a:ff:
ad:0d:98:e6:d2:f6:e1:3a:8c:58:17:e3:ef:46:88:
83:8b:80:0d:ca:3f:50:a9:51:53:a7:a5:11:e3:ec:
bc:84:ed:f4:8b:2f:92:ca:8c:7e:32:bc:37:ed:45:
be:27:29:65:c8:9f:a9:7c:23:46:d7:9e:fd:37:d5:
11:89:02:3e:b6:f9:22:89:04:9e:4e:f4:d1:05:6a:
7f:78:15:e3:b3:f2:9f:26:90:4a:dc:0b:4e:d0:75:
24:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:A2:9F:F2:59:C5:02:6B:C4:E6:4C:6C:67:57:DA:EC:B8:09:AC:5B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.13.0/24
Signature Algorithm: sha256WithRSAEncryption
13:61:90:c2:1b:d2:9b:6c:e5:b8:35:d0:9b:08:1f:5b:5f:f3:
fb:34:ad:2c:49:d2:6b:05:9d:75:d1:0a:b5:8c:dc:4e:28:2d:
d5:78:04:3b:a7:32:f8:bb:72:55:c1:93:c3:38:c6:74:1a:49:
b9:bf:ad:7d:99:56:36:9e:9d:ce:33:0c:e7:ed:13:43:29:d0:
e2:7e:09:ea:16:c6:45:12:fb:1a:db:a8:4c:e5:d7:4a:25:30:
74:22:0e:e4:f7:fc:e7:ab:4f:63:9c:f6:19:c8:6b:91:d7:9b:
24:c7:31:bf:1b:86:ae:7c:5a:b9:4c:c0:25:5a:54:9c:94:e8:
37:14:f5:57:ca:11:01:84:6b:0e:90:35:67:91:cc:bf:a1:a2:
2f:3f:0c:70:8e:59:b6:35:03:8d:40:6a:e1:b2:70:39:2d:7f:
fe:96:21:37:ef:1a:36:c9:cf:2f:c5:6e:2a:c7:73:83:fb:40:
94:3f:dd:de:d8:43:64:b1:73:b3:48:65:43:77:e5:fe:52:03:
b7:9d:5a:44:00:0d:1b:2d:a6:27:55:8f:74:e6:c4:f7:bc:67:
17:4c:0c:1d:1d:d9:d7:f2:8f:ce:4e:de:b6:0c:30:17:93:34:
51:7f:4f:d9:49:0c:cf:fd:e4:5d:e7:87:b8:ad:b5:d1:29:9d:
84:b3:3b:74
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHthPn0QjcG7D0Q0TlZy9vnIVU8cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDIyMTQ5MDZaFw0yNTAzMDEyMTU0MDZaMDMxMTAvBgNV
BAMTKDEzQTI5RkYyNTlDNTAyNkJDNEU2NEM2QzY3NTdEQUVDQjgwOUFDNUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvrcE7lD1YAwrNsicRqYEBY/Q6
lNZz0LAiRE2Mb9PnQ7VE3w93gOqJe2+mPwlCTbiAKbbZLi0pDGMsKkUYD1gL9/CJ
prtT0XRllqqiYU1RLbeLSgW3jEUBsrDRlAjgpRLhVYt/vTjY4cdUpu+xVrFTThR+
iR6clDvI56UILZPaOReK/JZW92ui6BNjgnaSLHdW5MWn8n04uVPhtAR63FV26dta
/60NmObS9uE6jFgX4+9GiIOLgA3KP1CpUVOnpRHj7LyE7fSLL5LKjH4yvDftRb4n
KWXIn6l8I0bXnv031RGJAj62+SKJBJ5O9NEFan94FeOz8p8mkErcC07QdSRRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUE6Kf8lnFAmvE5kxsZ1fa7LgJrFswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhQ0wDQYJKoZIhvcNAQELBQADggEBABNhkMIb0pts5bg10JsIH1tf8/s0rSxJ
0msFnXXRCrWM3E4oLdV4BDunMvi7clXBk8M4xnQaSbm/rX2ZVjaenc4zDOftE0Mp
0OJ+CeoWxkUS+xrbqEzl10olMHQiDuT3/OerT2Oc9hnIa5HXmyTHMb8bhq58WrlM
wCVaVJyU6DcU9VfKEQGEaw6QNWeRzL+hoi8/DHCOWbY1A41AauGycDktf/6WITfv
GjbJzy/FbirHc4P7QJQ/3d7YQ2Sxc7NIZUN35f5SA7edWkQADRstpidVj3TmxPe8
ZxdMDB0d2dfyj85O3rYMMBeTNFF/T9lJDM/95F3nh7ittdEpnYSzO3Q=
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:23 2024 by rpki-client on console-fra.rpki-client.org