Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31362e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e31362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: RRZSCA3aN6Ji1o6Tx3zTm95larWB+iE8VKpOHpGy65E=
Subject key identifier: 8D:CF:1F:3C:3A:D1:B7:31:8F:5A:BD:2B:7A:9F:64:E6:F5:FD:AE:34
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6D939089717A0F91C913E700F5D7074777EE9481
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:20 +0000
ROA not before: Sun 27 Oct 2024 20:00:20 +0000
ROA not after: Sun 26 Oct 2025 20:05:20 +0000
asID: 136787
IP address blocks: 155.133.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:93:90:89:71:7a:0f:91:c9:13:e7:00:f5:d7:07:47:77:ee:94:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:20 2024 GMT
Not After : Oct 26 20:05:20 2025 GMT
Subject: CN=8DCF1F3C3AD1B7318F5ABD2B7A9F64E6F5FDAE34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:65:d2:f7:47:73:68:db:10:df:36:30:d5:1d:
6f:07:10:ef:5c:6f:df:dc:2a:0b:06:19:f4:ee:da:
f2:af:2d:af:d2:af:d5:70:81:4e:a4:c6:56:50:36:
9b:93:64:df:02:92:57:ca:e2:b0:98:09:cb:9d:70:
8a:a0:6c:3d:bb:18:50:90:d9:7e:51:1b:81:03:79:
97:82:3f:0b:08:7b:dc:80:1c:04:e3:83:cb:27:57:
be:57:66:2b:38:35:cd:3a:28:84:a0:7f:e9:a3:14:
3a:4b:c3:77:4d:80:51:f0:22:3f:f6:81:b9:04:b7:
49:95:75:bb:a6:22:3c:7f:86:d3:28:07:ef:ab:e8:
ce:1c:07:04:80:b9:74:a5:83:df:71:f9:ef:dc:5b:
60:60:dd:7d:11:b2:f4:a9:55:8d:1f:2f:a8:3c:58:
90:01:a7:95:95:2a:a4:24:c6:0f:5e:01:91:85:16:
66:21:2b:1a:84:53:26:2d:e1:5d:09:67:6b:98:ff:
bd:79:e5:97:2e:5f:67:ff:83:ee:a0:7a:11:1a:aa:
68:20:42:8f:96:6e:56:c5:cd:6b:5b:48:f6:05:3a:
68:e0:f8:17:0c:c2:76:26:d8:1d:35:26:98:2c:46:
4b:86:5a:5d:89:a6:4d:74:d5:cd:ef:33:1c:3b:39:
ff:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:CF:1F:3C:3A:D1:B7:31:8F:5A:BD:2B:7A:9F:64:E6:F5:FD:AE:34
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.16.0/24
Signature Algorithm: sha256WithRSAEncryption
66:8d:2d:6c:65:ff:d5:ea:61:26:8a:21:c0:8f:d1:d7:c0:83:
27:e2:43:58:d8:32:02:f8:a6:05:0c:b2:dc:c6:48:83:31:df:
7f:20:ae:f7:ed:ac:4b:b7:47:c6:20:d7:59:75:33:e7:a5:85:
61:d3:9d:92:f1:1f:b3:c5:c2:83:db:39:fd:8a:ab:1c:bb:00:
e6:d2:1f:52:7d:55:4b:79:8c:8f:ff:df:61:87:79:93:e6:9d:
3f:ed:72:09:3e:73:35:d4:57:53:6e:f6:65:85:6c:06:cb:91:
0c:ed:51:e5:33:c5:ef:a0:ee:a1:54:ea:14:61:bb:47:45:4a:
ea:23:27:6f:40:31:65:58:30:b4:c1:c0:00:dd:b7:ce:1d:65:
e9:53:df:ab:38:99:9a:62:65:be:bf:95:ac:16:2f:68:aa:59:
c2:e1:d7:cf:34:2b:71:40:6d:fe:a4:ff:81:d7:ec:b3:f9:ca:
7e:ab:2c:b4:b8:64:22:43:c1:77:bf:3e:e0:71:9b:03:a2:02:
55:49:66:c8:6c:b2:8b:80:d6:d6:3e:92:f4:94:4b:b3:ad:74:
43:7a:0f:c6:dd:f0:f7:30:10:41:91:b7:1b:e2:69:54:1a:1c:
8c:6f:11:46:da:36:08:b0:a5:f2:50:74:4a:14:81:8b:0f:4a:
1f:e6:78:65
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUbZOQiXF6D5HJE+cA9dcHR3fulIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMjBaFw0yNTEwMjYyMDA1MjBaMDMxMTAvBgNV
BAMTKDhEQ0YxRjNDM0FEMUI3MzE4RjVBQkQyQjdBOUY2NEU2RjVGREFFMzQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiZdL3R3No2xDfNjDVHW8HEO9c
b9/cKgsGGfTu2vKvLa/Sr9VwgU6kxlZQNpuTZN8CklfK4rCYCcudcIqgbD27GFCQ
2X5RG4EDeZeCPwsIe9yAHATjg8snV75XZis4Nc06KISgf+mjFDpLw3dNgFHwIj/2
gbkEt0mVdbumIjx/htMoB++r6M4cBwSAuXSlg99x+e/cW2Bg3X0RsvSpVY0fL6g8
WJABp5WVKqQkxg9eAZGFFmYhKxqEUyYt4V0JZ2uY/7155ZcuX2f/g+6gehEaqmgg
Qo+WblbFzWtbSPYFOmjg+BcMwnYm2B01JpgsRkuGWl2Jpk101c3vMxw7Of9NAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUjc8fPDrRtzGPWr0rep9k5vX9rjQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMx
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhRAwDQYJKoZIhvcNAQELBQADggEBAGaNLWxl/9XqYSaKIcCP0dfAgyfiQ1jY
MgL4pgUMstzGSIMx338grvftrEu3R8Yg11l1M+elhWHTnZLxH7PFwoPbOf2Kqxy7
AObSH1J9VUt5jI//32GHeZPmnT/tcgk+czXUV1Nu9mWFbAbLkQztUeUzxe+g7qFU
6hRhu0dFSuojJ29AMWVYMLTBwADdt84dZelT36s4mZpiZb6/lawWL2iqWcLh1880
K3FAbf6k/4HX7LP5yn6rLLS4ZCJDwXe/PuBxmwOiAlVJZshssouA1tY+kvSUS7Ot
dEN6D8bd8PcwEEGRtxviaVQaHIxvEUbaNgiwpfJQdEoUgYsPSh/meGU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:54 2024 by rpki-client on console-fra.rpki-client.org