Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31352e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e31352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: nICWRclt5W0mDxIl9VzPdjTsbHKtRlhOkneP1OauUd0=
Subject key identifier: 21:CB:51:52:A1:5C:FE:A8:B4:9A:2D:63:F0:60:37:A2:5B:26:A5:95
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1D01D5A7E4AA2F837B787B8200AE9D7A2602192E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:19 +0000
ROA not before: Mon 26 Feb 2024 08:48:19 +0000
ROA not after: Mon 24 Feb 2025 08:53:19 +0000
asID: 136787
IP address blocks: 155.133.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:01:d5:a7:e4:aa:2f:83:7b:78:7b:82:00:ae:9d:7a:26:02:19:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:19 2024 GMT
Not After : Feb 24 08:53:19 2025 GMT
Subject: CN=21CB5152A15CFEA8B49A2D63F06037A25B26A595
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:26:24:07:51:6d:f2:e2:48:a4:06:39:36:ad:
5d:b6:0a:a8:5d:6e:dc:44:e0:57:ad:f9:8a:74:ed:
38:a7:78:70:51:14:64:30:c0:92:b5:a0:6e:af:a0:
02:5c:6e:ab:3e:09:05:15:77:2f:f2:7c:36:da:d1:
9e:f3:b5:b7:61:4d:8a:18:91:85:2e:75:ab:cc:53:
e5:a9:df:75:c7:48:85:90:52:8d:57:51:f9:9c:df:
fd:db:de:32:0a:3c:7d:3e:f8:74:32:0c:52:89:f8:
97:1a:ad:31:a0:e3:d1:9b:4b:04:54:9d:dd:88:c0:
71:5d:ca:2f:68:f5:6c:96:a3:4f:e7:e6:56:8f:3b:
3f:7e:ee:57:b2:c3:f2:95:06:03:6e:8d:89:88:25:
3c:3d:3a:28:0f:d2:20:3a:86:e9:8d:e0:77:3d:dd:
a0:c9:c4:f5:8f:ac:4a:be:cf:f7:5e:4e:80:94:d1:
7b:51:9f:50:ee:e8:25:ec:5f:1d:79:92:c4:fd:0b:
c4:95:a8:60:1c:69:7c:c7:d4:6f:e0:db:97:b0:8b:
40:bb:f3:72:14:06:8e:18:d5:1f:b2:11:c2:29:83:
be:8b:c8:5c:57:89:03:87:cc:d5:2f:16:1e:09:00:
07:38:fc:72:cf:96:1d:26:e0:03:72:57:4e:be:33:
14:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:CB:51:52:A1:5C:FE:A8:B4:9A:2D:63:F0:60:37:A2:5B:26:A5:95
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.15.0/24
Signature Algorithm: sha256WithRSAEncryption
32:b1:35:85:80:b6:97:01:9a:fc:da:9b:57:49:1d:5d:3f:4e:
a7:fd:c8:97:77:4e:33:a4:06:cf:4d:e0:cc:4b:91:73:a0:27:
e1:33:d0:da:cd:76:b5:28:4a:c4:94:9e:47:e0:0c:93:78:f8:
dc:24:cc:cd:21:1b:a8:8e:55:49:76:81:5e:8f:e3:b8:4e:df:
2e:7e:9b:82:29:b4:27:dc:c2:38:43:5d:df:cd:da:95:81:2b:
97:ef:ae:fe:59:cd:bd:be:e8:df:73:58:a4:ba:74:41:22:13:
34:73:89:28:71:85:5e:97:84:d0:b5:e2:c9:e7:28:ab:10:60:
52:4d:d9:8f:b2:7a:0d:a7:5a:74:e5:7f:7d:6f:fb:67:a2:8b:
8f:61:51:a0:c8:95:1f:7f:44:84:23:cf:79:db:73:17:4d:20:
81:e5:50:33:b4:e3:71:07:85:0d:6e:34:53:40:24:7a:fc:1a:
2e:da:af:07:fe:08:fb:30:4b:77:fc:04:7c:3a:e3:d2:ab:b5:
d2:6e:a5:95:22:54:e7:40:48:57:df:ce:40:f9:95:7e:db:61:
72:b8:bb:48:38:0b:4e:5f:08:6f:2b:95:2a:b4:24:cb:7b:7e:
4c:8e:d2:a1:6c:3c:36:1d:b5:8a:ad:d7:c8:36:b1:1a:4b:b9:
53:3e:47:27
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHQHVp+SqL4N7eHuCAK6deiYCGS4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTlaFw0yNTAyMjQwODUzMTlaMDMxMTAvBgNV
BAMTKDIxQ0I1MTUyQTE1Q0ZFQThCNDlBMkQ2M0YwNjAzN0EyNUIyNkE1OTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaJiQHUW3y4kikBjk2rV22Cqhd
btxE4Fet+Yp07TineHBRFGQwwJK1oG6voAJcbqs+CQUVdy/yfDba0Z7ztbdhTYoY
kYUudavMU+Wp33XHSIWQUo1XUfmc3/3b3jIKPH0++HQyDFKJ+JcarTGg49GbSwRU
nd2IwHFdyi9o9WyWo0/n5laPOz9+7leyw/KVBgNujYmIJTw9OigP0iA6humN4Hc9
3aDJxPWPrEq+z/deToCU0XtRn1Du6CXsXx15ksT9C8SVqGAcaXzH1G/g25ewi0C7
83IUBo4Y1R+yEcIpg76LyFxXiQOHzNUvFh4JAAc4/HLPlh0m4ANyV06+MxRbAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUIctRUqFc/qi0mi1j8GA3olsmpZUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhQ8wDQYJKoZIhvcNAQELBQADggEBADKxNYWAtpcBmvzam1dJHV0/Tqf9yJd3
TjOkBs9N4MxLkXOgJ+Ez0NrNdrUoSsSUnkfgDJN4+NwkzM0hG6iOVUl2gV6P47hO
3y5+m4IptCfcwjhDXd/N2pWBK5fvrv5Zzb2+6N9zWKS6dEEiEzRziShxhV6XhNC1
4snnKKsQYFJN2Y+yeg2nWnTlf31v+2eii49hUaDIlR9/RIQjz3nbcxdNIIHlUDO0
43EHhQ1uNFNAJHr8Gi7arwf+CPswS3f8BHw649KrtdJupZUiVOdASFffzkD5lX7b
YXK4u0g4C05fCG8rlSq0JMt7fkyO0qFsPDYdtYqt18g2sRpLuVM+Ryc=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org