Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31372e302f32342d3234203d3e203632323430.roa
File: 3135352e3133332e31372e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: r6d5NigtE+4xbHvrQxPoDLKeNPKQ4QqAewjIL187NTc=
Subject key identifier: 83:C7:5B:D7:4B:1E:F0:12:71:26:8F:42:A6:79:97:43:12:BE:50:7E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 293AF98875E6A07A5607A6F6C1B9CB29C45E1EA9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31372e302f32342d3234203d3e203632323430.roa
Signing time: Tue 05 Nov 2024 09:05:28 +0000
ROA not before: Tue 05 Nov 2024 09:00:28 +0000
ROA not after: Tue 04 Nov 2025 09:05:28 +0000
asID: 62240
IP address blocks: 155.133.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:3a:f9:88:75:e6:a0:7a:56:07:a6:f6:c1:b9:cb:29:c4:5e:1e:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 5 09:00:28 2024 GMT
Not After : Nov 4 09:05:28 2025 GMT
Subject: CN=83C75BD74B1EF01271268F42A679974312BE507E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7a:38:db:f7:1e:77:bb:11:63:81:c8:00:42:
e2:df:4f:78:b8:0f:3b:51:99:3e:91:aa:5c:c1:4b:
ba:40:52:62:45:ab:ac:2e:81:12:ff:77:f1:2c:9b:
f0:49:f5:5a:16:04:68:3c:23:31:6a:a6:4e:97:c7:
83:e5:82:87:b9:29:15:7a:81:96:fe:df:8e:40:ad:
79:93:c6:66:a2:e5:7c:37:61:fa:93:aa:80:46:91:
05:f0:5c:cd:43:6b:da:f5:9a:89:f3:11:3a:b4:bb:
48:4d:13:24:81:6f:7f:4a:8e:5a:73:57:d8:ff:8f:
65:a1:25:af:19:dd:3d:e7:5c:57:cb:07:13:dd:4b:
87:0e:5c:c6:3e:95:88:bd:ce:d9:09:52:27:dd:72:
04:25:88:9e:17:98:da:26:eb:98:0a:21:7b:7e:d7:
d5:d1:6b:f2:59:b7:77:14:8b:75:e3:c0:06:28:90:
43:7a:e1:68:11:e0:84:ea:8d:a1:98:f2:ff:c6:42:
42:8a:cc:47:bc:6e:f5:24:3a:f9:48:73:f9:e4:fc:
f7:e5:d5:e0:18:f2:91:c3:7b:7e:16:4e:cc:ec:2a:
f5:4a:f3:0f:58:53:97:51:85:4a:95:9a:ef:cd:ab:
69:f2:1a:f6:6a:1a:82:5d:84:55:f8:0e:d2:ff:41:
d1:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:C7:5B:D7:4B:1E:F0:12:71:26:8F:42:A6:79:97:43:12:BE:50:7E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31372e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.17.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:23:3b:5f:40:2f:d8:23:fd:b5:bf:cf:77:ae:bf:c9:2d:10:
b1:fd:4d:5d:e5:07:19:9a:e2:ac:dc:71:0f:9e:d1:b2:3f:f1:
84:d3:d5:44:96:91:9c:e9:a6:4b:20:6c:87:24:25:6a:af:70:
c2:3d:e2:25:40:89:24:87:1d:9c:bb:c8:0c:c6:b7:87:de:f0:
e6:0a:96:0b:b1:b6:cb:b2:df:fc:92:72:3e:f5:81:56:3b:95:
7a:3a:71:ee:bd:8a:a3:88:31:58:ed:fc:ae:14:8c:ed:9e:d6:
ba:1e:4e:ee:b0:7d:5c:fb:da:06:d3:f1:a1:06:63:9b:e5:b8:
ec:f6:c7:5d:0b:e8:1f:8c:11:08:d7:32:ee:10:99:d1:52:c6:
4c:2b:26:1f:3e:b0:d0:42:fe:be:18:31:63:e7:07:f8:0b:7f:
47:ad:0a:73:a7:61:49:f1:fe:03:3c:c9:78:a3:80:b5:b9:f4:
8e:45:33:7f:fd:c2:46:91:32:88:09:d7:48:ff:13:20:3d:44:
77:f7:bd:73:bd:5d:0e:dd:c6:54:13:0a:14:f8:64:75:b3:97:
a9:4f:b1:80:aa:8c:54:5c:b9:e2:ac:bc:fa:48:37:37:c5:49:
0f:18:86:ba:3a:09:42:a2:07:3e:20:d8:4b:37:ec:a6:6b:f0:
38:8e:c2:43
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKTr5iHXmoHpWB6b2wbnLKcReHqkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDExMDUwOTAwMjhaFw0yNTExMDQwOTA1MjhaMDMxMTAvBgNV
BAMTKDgzQzc1QkQ3NEIxRUYwMTI3MTI2OEY0MkE2Nzk5NzQzMTJCRTUwN0UwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC4ejjb9x53uxFjgcgAQuLfT3i4
DztRmT6RqlzBS7pAUmJFq6wugRL/d/Esm/BJ9VoWBGg8IzFqpk6Xx4Plgoe5KRV6
gZb+345ArXmTxmai5Xw3YfqTqoBGkQXwXM1Da9r1monzETq0u0hNEySBb39Kjlpz
V9j/j2WhJa8Z3T3nXFfLBxPdS4cOXMY+lYi9ztkJUifdcgQliJ4XmNom65gKIXt+
19XRa/JZt3cUi3XjwAYokEN64WgR4ITqjaGY8v/GQkKKzEe8bvUkOvlIc/nk/Pfl
1eAY8pHDe34WTszsKvVK8w9YU5dRhUqVmu/Nq2nyGvZqGoJdhFX4DtL/QdH3AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUg8db10se8BJxJo9CpnmXQxK+UH4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMyMzIzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
m4URMA0GCSqGSIb3DQEBCwUAA4IBAQCfIztfQC/YI/21v893rr/JLRCx/U1d5QcZ
muKs3HEPntGyP/GE09VElpGc6aZLIGyHJCVqr3DCPeIlQIkkhx2cu8gMxreH3vDm
CpYLsbbLst/8knI+9YFWO5V6OnHuvYqjiDFY7fyuFIztnta6Hk7usH1c+9oG0/Gh
BmOb5bjs9sddC+gfjBEI1zLuEJnRUsZMKyYfPrDQQv6+GDFj5wf4C39HrQpzp2FJ
8f4DPMl4o4C1ufSORTN//cJGkTKICddI/xMgPUR3971zvV0O3cZUEwoU+GR1s5ep
T7GAqoxUXLnirLz6SDc3xUkPGIa6OglCogc+INhLN+yma/A4jsJD
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:35:25 2024 by rpki-client on console-ams.rpki-client.org