Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e32302e302f32342d3234203d3e203632323430.roa
File: 3135352e3133332e32302e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: bmd54qrKppw3FkS6POWN1agMnF4tSxLFtLGoRheQB/g=
Subject key identifier: B0:E3:39:C9:3C:5C:D6:0C:AA:0C:90:E9:9F:8A:DB:30:CE:B4:0C:52
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 61C13B257D751AB05FC3ADF009EAD7485FF573DE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e32302e302f32342d3234203d3e203632323430.roa
Signing time: Tue 05 Mar 2024 14:05:17 +0000
ROA not before: Tue 05 Mar 2024 14:00:17 +0000
ROA not after: Tue 04 Mar 2025 14:05:17 +0000
asID: 62240
IP address blocks: 155.133.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:c1:3b:25:7d:75:1a:b0:5f:c3:ad:f0:09:ea:d7:48:5f:f5:73:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 5 14:00:17 2024 GMT
Not After : Mar 4 14:05:17 2025 GMT
Subject: CN=B0E339C93C5CD60CAA0C90E99F8ADB30CEB40C52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:82:14:90:8e:c2:db:15:4f:a3:38:3e:e8:f3:
eb:6c:1d:56:ac:fa:61:82:64:78:8e:5a:bf:3f:83:
18:e0:b4:3b:e8:85:1c:1e:ac:1b:37:6f:36:3d:fb:
9f:00:b8:00:70:fb:25:f0:10:11:8a:0a:2d:2a:9e:
89:e2:55:9b:55:23:c9:60:ce:a4:c3:db:db:c2:d9:
f2:e8:32:00:dc:91:4f:e5:58:14:c6:a7:66:af:f2:
fb:8b:53:b8:eb:78:77:d2:0f:9f:14:dc:dd:a1:77:
a6:b4:f0:31:ff:26:57:6b:50:d6:2e:17:1d:6e:bc:
1a:1c:42:1f:23:36:29:01:df:9e:f2:05:26:61:0b:
2d:2f:e7:f4:c1:59:33:7d:a6:4d:04:9e:fe:0e:e5:
e7:22:e7:20:da:bc:eb:e8:a9:8e:26:f8:71:17:2a:
0f:78:45:cc:07:07:25:37:5d:4f:33:40:a0:69:cf:
1b:44:36:20:2a:59:4a:ed:fd:09:5f:53:df:fe:8c:
e7:78:50:05:8a:7b:85:65:ef:6a:67:10:7e:ef:0a:
71:7f:17:85:ea:5c:b9:b8:91:e5:0d:34:fd:fa:2e:
6a:90:2d:3a:24:20:0f:d0:68:c6:43:e7:32:af:de:
6f:c2:0c:cf:32:7a:64:91:51:b1:77:f6:0c:f4:57:
87:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E3:39:C9:3C:5C:D6:0C:AA:0C:90:E9:9F:8A:DB:30:CE:B4:0C:52
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e32302e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.20.0/24
Signature Algorithm: sha256WithRSAEncryption
21:ef:58:a4:50:52:0e:82:8f:5b:65:47:6f:3a:d0:bd:ca:46:
ba:d0:b7:0c:3c:93:c0:bb:51:98:e6:a5:cd:c4:89:b4:b1:4f:
6d:7e:f2:77:5e:24:29:41:d6:d5:69:eb:9f:3c:2a:f1:74:22:
ef:4e:e9:7a:8e:89:20:e0:e0:e8:7e:c8:98:df:1d:44:a4:4b:
e0:ce:6f:2b:f5:85:02:cb:17:6d:97:12:bd:de:5b:e3:20:03:
bc:21:c5:cb:bc:ed:c3:31:42:d5:19:4c:7d:8f:01:fe:b1:60:
59:67:be:cb:cb:2e:23:10:49:e0:02:49:36:b3:69:15:9b:05:
29:44:c2:10:29:85:1c:25:1a:a8:19:1f:0c:f2:42:ce:54:c1:
fd:7b:84:ba:b3:e6:31:e9:e4:e5:7b:b2:ca:5c:71:17:28:4f:
b8:29:3a:6c:57:81:76:c1:be:11:a3:52:9e:5a:c6:4e:55:23:
89:ea:2e:2c:e0:14:1c:5d:32:e3:67:d8:ca:95:6d:9d:07:9f:
d9:55:43:93:a9:56:ac:15:38:4d:0a:49:7f:06:0f:2d:4c:fd:
80:b3:9d:f7:a7:b5:62:62:2e:65:11:6b:38:ec:40:ec:c7:de:
c7:1e:97:40:d1:43:98:0d:8c:d4:1d:d6:c1:67:90:7e:60:e8:
c5:5a:92:b6
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUYcE7JX11GrBfw63wCerXSF/1c94wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDUxNDAwMTdaFw0yNTAzMDQxNDA1MTdaMDMxMTAvBgNV
BAMTKEIwRTMzOUM5M0M1Q0Q2MENBQTBDOTBFOTlGOEFEQjMwQ0VCNDBDNTIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDighSQjsLbFU+jOD7o8+tsHVas
+mGCZHiOWr8/gxjgtDvohRwerBs3bzY9+58AuABw+yXwEBGKCi0qnoniVZtVI8lg
zqTD29vC2fLoMgDckU/lWBTGp2av8vuLU7jreHfSD58U3N2hd6a08DH/JldrUNYu
Fx1uvBocQh8jNikB357yBSZhCy0v5/TBWTN9pk0Env4O5eci5yDavOvoqY4m+HEX
Kg94RcwHByU3XU8zQKBpzxtENiAqWUrt/QlfU9/+jOd4UAWKe4Vl72pnEH7vCnF/
F4XqXLm4keUNNP36LmqQLTokIA/QaMZD5zKv3m/CDM8yemSRUbF39gz0V4cbAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUsOM5yTxc1gyqDJDpn4rbMM60DFIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMyMzIzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
m4UUMA0GCSqGSIb3DQEBCwUAA4IBAQAh71ikUFIOgo9bZUdvOtC9yka60LcMPJPA
u1GY5qXNxIm0sU9tfvJ3XiQpQdbVaeufPCrxdCLvTul6jokg4ODofsiY3x1EpEvg
zm8r9YUCyxdtlxK93lvjIAO8IcXLvO3DMULVGUx9jwH+sWBZZ77Lyy4jEEngAkk2
s2kVmwUpRMIQKYUcJRqoGR8M8kLOVMH9e4S6s+Yx6eTle7LKXHEXKE+4KTpsV4F2
wb4Ro1KeWsZOVSOJ6i4s4BQcXTLjZ9jKlW2dB5/ZVUOTqVasFThNCkl/Bg8tTP2A
s533p7ViYi5lEWs47EDsx97HHpdA0UOYDYzUHdbBZ5B+YOjFWpK2
-----END CERTIFICATE-----
Generated at Thu Nov 21 18:06:15 2024 by rpki-client on console-fra.rpki-client.org