Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31382e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e31382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 9KvYfNQVKDxB54ihe3tjTQFjc9zzUSq9RhyAzcbI16A=
Subject key identifier: 2A:30:C9:EA:F2:89:CE:83:33:A6:19:6F:FF:78:B2:3D:89:75:1E:18
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 38517A1598BE8787AD754498A8369886CFFE8851
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31382e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:07 +0000
ROA not before: Sat 02 Mar 2024 21:49:07 +0000
ROA not after: Sat 01 Mar 2025 21:54:07 +0000
asID: 136787
IP address blocks: 155.133.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:51:7a:15:98:be:87:87:ad:75:44:98:a8:36:98:86:cf:fe:88:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 2 21:49:07 2024 GMT
Not After : Mar 1 21:54:07 2025 GMT
Subject: CN=2A30C9EAF289CE8333A6196FFF78B23D89751E18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b0:da:30:32:de:12:0b:22:2c:ad:b8:20:23:
fe:2e:4a:50:43:58:db:27:3b:2e:74:a4:eb:49:5f:
5b:37:16:62:89:3a:63:f2:74:4f:2e:86:84:58:00:
70:41:90:52:a8:91:51:94:04:e9:5c:61:43:39:64:
2b:dc:87:68:01:c3:18:cd:fe:e1:aa:7e:62:ab:e1:
05:10:7c:a1:b0:b1:e8:c8:bf:b8:f0:14:56:50:6d:
b0:70:27:a6:7d:98:bd:6a:48:3c:82:f5:25:7a:93:
f7:0d:18:2a:ac:e3:a5:db:36:99:2a:31:3e:b2:89:
b9:21:f4:aa:8c:7b:02:9d:e5:cb:b6:4f:d9:c3:d5:
61:c5:35:55:60:0f:1e:c9:db:39:94:27:72:cd:5b:
a9:de:3f:d8:e7:77:92:1f:47:c6:21:2e:3a:a6:af:
34:db:17:55:e3:48:ef:ff:c1:b7:2c:13:6c:9e:42:
60:07:e8:4b:a9:e7:2b:0d:75:99:a6:e9:24:c9:9c:
7c:b8:46:b0:3d:74:61:c2:ca:3b:20:4b:a0:7e:29:
4b:bc:10:6b:d6:25:5a:24:df:3a:7c:98:4e:ab:b7:
3c:3f:82:60:54:73:5d:a0:6d:1e:16:56:d0:5f:0a:
9f:15:87:a9:5f:62:40:93:a6:4d:ef:91:91:6b:10:
91:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:30:C9:EA:F2:89:CE:83:33:A6:19:6F:FF:78:B2:3D:89:75:1E:18
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.18.0/24
Signature Algorithm: sha256WithRSAEncryption
37:30:f6:2e:e6:b0:de:c7:20:f8:81:b5:5f:08:23:45:65:7f:
fb:0d:97:fb:1d:0e:1f:37:c8:91:4d:c1:4d:43:e8:e5:93:9d:
1c:f1:d2:8d:8a:b8:9b:98:ce:2d:62:a7:65:8b:16:44:5d:0a:
e4:92:2f:08:22:db:a7:97:b6:8b:d4:8a:7c:99:2b:a5:ff:74:
30:d8:4a:dc:64:6b:b7:4c:db:d5:b4:22:58:6f:63:4f:35:47:
54:c4:36:3e:13:eb:0f:53:35:69:d0:e2:cb:99:80:f5:30:55:
d1:ce:c9:e7:fe:d3:e0:53:fe:c9:19:9c:1c:3d:b8:01:29:ec:
ff:d6:b1:c1:40:3b:5d:24:2f:79:fe:10:22:59:18:3d:14:ba:
24:24:a1:61:e2:c8:6b:c7:bf:00:26:ac:4f:dd:ee:0d:9f:29:
9f:73:87:97:48:f9:78:bd:86:1e:d3:c2:9b:9d:13:11:ef:c9:
f8:2c:34:0f:69:c4:f9:8a:cb:15:ea:8b:0a:ce:90:6f:bf:72:
b7:e5:bb:79:b2:cc:3f:2a:9f:f3:78:d1:3d:53:04:4c:6c:f5:
fd:4d:27:1f:04:cb:87:b0:94:57:db:81:28:0e:76:23:4f:fc:
61:47:b9:6b:43:28:4f:1b:de:c0:56:ab:4d:68:fe:41:66:ab:
dc:87:69:4b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUOFF6FZi+h4etdUSYqDaYhs/+iFEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDIyMTQ5MDdaFw0yNTAzMDEyMTU0MDdaMDMxMTAvBgNV
BAMTKDJBMzBDOUVBRjI4OUNFODMzM0E2MTk2RkZGNzhCMjNEODk3NTFFMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpsNowMt4SCyIsrbggI/4uSlBD
WNsnOy50pOtJX1s3FmKJOmPydE8uhoRYAHBBkFKokVGUBOlcYUM5ZCvch2gBwxjN
/uGqfmKr4QUQfKGwsejIv7jwFFZQbbBwJ6Z9mL1qSDyC9SV6k/cNGCqs46XbNpkq
MT6yibkh9KqMewKd5cu2T9nD1WHFNVVgDx7J2zmUJ3LNW6neP9jnd5IfR8YhLjqm
rzTbF1XjSO//wbcsE2yeQmAH6Eup5ysNdZmm6STJnHy4RrA9dGHCyjsgS6B+KUu8
EGvWJVok3zp8mE6rtzw/gmBUc12gbR4WVtBfCp8Vh6lfYkCTpk3vkZFrEJH5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUKjDJ6vKJzoMzphlv/3iyPYl1HhgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhRIwDQYJKoZIhvcNAQELBQADggEBADcw9i7msN7HIPiBtV8II0Vlf/sNl/sd
Dh83yJFNwU1D6OWTnRzx0o2KuJuYzi1ip2WLFkRdCuSSLwgi26eXtovUinyZK6X/
dDDYStxka7dM29W0IlhvY081R1TENj4T6w9TNWnQ4suZgPUwVdHOyef+0+BT/skZ
nBw9uAEp7P/WscFAO10kL3n+ECJZGD0UuiQkoWHiyGvHvwAmrE/d7g2fKZ9zh5dI
+Xi9hh7TwpudExHvyfgsNA9pxPmKyxXqiwrOkG+/crflu3myzD8qn/N40T1TBExs
9f1NJx8Ey4ewlFfbgSgOdiNP/GFHuWtDKE8b3sBWq01o/kFmq9yHaUs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org