Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e36362e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e36362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: K6GUwo67bLqqEW2ziJevEkbqluuga1NXu2w9B0i2jK4=
Subject key identifier: 16:98:41:55:3E:CC:4A:E6:DE:A3:AF:E6:B3:B5:5D:67:0E:F4:B9:FC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 63E1D760EE8B6102EE2319A184A1C68301B0AD89
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e36362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:47:56 +0000
ROA not before: Sun 26 Nov 2023 19:42:56 +0000
ROA not after: Sun 24 Nov 2024 19:47:56 +0000
asID: 136787
IP address blocks: 155.133.66.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:e1:d7:60:ee:8b:61:02:ee:23:19:a1:84:a1:c6:83:01:b0:ad:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:42:56 2023 GMT
Not After : Nov 24 19:47:56 2024 GMT
Subject: CN=169841553ECC4AE6DEA3AFE6B3B55D670EF4B9FC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f4:a9:64:00:af:24:61:ec:45:ac:a5:23:c2:
f1:1e:e2:bb:2f:6f:2e:47:e4:f5:06:07:56:6e:6f:
af:57:38:35:9a:5f:ae:9f:19:e1:3a:54:9c:e9:c4:
37:be:c5:f2:10:8b:59:06:69:f0:e9:f4:bc:88:01:
67:70:b4:7d:f9:56:9f:c4:1a:82:8f:26:97:89:55:
f4:b5:21:e0:d3:d6:7f:42:b5:3f:9d:b0:55:cc:fa:
3b:06:1e:2e:34:1b:9b:ba:1f:b1:60:27:df:2e:b2:
bf:5f:f7:f2:68:bd:18:1c:ca:98:1e:04:b0:f3:07:
46:6a:dc:30:48:ab:45:7a:23:a9:33:2d:5c:ef:ec:
4b:3c:19:11:6e:7c:aa:4b:82:5b:d7:a9:8d:7a:0a:
ad:56:ac:2b:44:a0:e4:15:7c:64:55:ae:d8:83:a9:
cb:7f:c1:89:90:15:20:37:26:b8:a4:13:39:70:53:
bd:1d:dd:62:77:31:32:3f:c0:96:f1:4c:0a:95:96:
54:19:1f:1a:5b:6f:28:15:f9:c5:eb:b9:3e:fd:e4:
76:92:ee:fa:9f:52:6b:7b:83:18:43:9e:be:47:5f:
89:da:20:ee:77:e2:e8:fd:a3:95:16:88:29:7b:b3:
0b:4a:0e:db:fb:07:bb:73:ea:5f:dd:07:1e:10:13:
6d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:98:41:55:3E:CC:4A:E6:DE:A3:AF:E6:B3:B5:5D:67:0E:F4:B9:FC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e36362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.66.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:35:e2:f5:8d:c0:66:f4:6c:ae:7f:03:3e:ba:2a:62:bb:69:
a0:40:a5:02:f4:53:39:4b:a1:0c:eb:5d:b0:05:a4:57:31:6a:
78:6b:d8:9e:9b:63:81:57:7f:9b:85:96:17:5a:d4:92:6b:54:
53:c1:fb:2e:c2:a4:97:fa:aa:f7:c8:ac:61:78:82:19:d6:23:
71:54:d0:04:bf:da:64:d3:37:3e:ef:4d:41:04:ff:9e:99:7c:
d4:88:b7:d3:09:f6:95:23:09:a0:d9:6c:d7:6b:52:fb:3c:7e:
4b:67:23:f7:33:67:5a:d7:a1:ba:b5:c8:b8:7d:aa:2f:1b:18:
da:f3:1e:fe:1f:33:4a:7b:82:5f:3d:dc:a6:7b:86:25:8a:9e:
40:ed:32:48:34:ca:b6:90:69:dc:af:be:88:e5:f4:e0:46:d2:
65:5b:ae:93:89:48:88:a0:9a:cf:30:7e:f6:89:0b:3f:ce:c8:
d7:66:5e:09:14:2a:b7:53:be:5d:0a:35:25:f4:3c:4e:c4:93:
02:2a:2a:97:e7:74:62:d6:91:19:3b:83:07:be:d3:c6:7c:3d:
c4:3e:69:fc:07:98:1a:fa:22:0d:86:ef:21:0f:75:13:d8:1c:
44:9d:32:02:31:d3:7e:79:b5:03:91:a1:b8:37:30:0e:51:d3:
0f:89:2b:0d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUY+HXYO6LYQLuIxmhhKHGgwGwrYkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQyNTZaFw0yNDExMjQxOTQ3NTZaMDMxMTAvBgNV
BAMTKDE2OTg0MTU1M0VDQzRBRTZERUEzQUZFNkIzQjU1RDY3MEVGNEI5RkMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCp9KlkAK8kYexFrKUjwvEe4rsv
by5H5PUGB1Zub69XODWaX66fGeE6VJzpxDe+xfIQi1kGafDp9LyIAWdwtH35Vp/E
GoKPJpeJVfS1IeDT1n9CtT+dsFXM+jsGHi40G5u6H7FgJ98usr9f9/JovRgcypge
BLDzB0Zq3DBIq0V6I6kzLVzv7Es8GRFufKpLglvXqY16Cq1WrCtEoOQVfGRVrtiD
qct/wYmQFSA3JrikEzlwU70d3WJ3MTI/wJbxTAqVllQZHxpbbygV+cXruT795HaS
7vqfUmt7gxhDnr5HX4naIO534uj9o5UWiCl7swtKDtv7B7tz6l/dBx4QE221AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFphBVT7MSubeo6/ms7VdZw70ufwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM2
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhUIwDQYJKoZIhvcNAQELBQADggEBAEo14vWNwGb0bK5/Az66KmK7aaBApQL0
UzlLoQzrXbAFpFcxanhr2J6bY4FXf5uFlhda1JJrVFPB+y7CpJf6qvfIrGF4ghnW
I3FU0AS/2mTTNz7vTUEE/56ZfNSIt9MJ9pUjCaDZbNdrUvs8fktnI/czZ1rXobq1
yLh9qi8bGNrzHv4fM0p7gl893KZ7hiWKnkDtMkg0yraQadyvvojl9OBG0mVbrpOJ
SIigms8wfvaJCz/OyNdmXgkUKrdTvl0KNSX0PE7EkwIqKpfndGLWkRk7gwe+08Z8
PcQ+afwHmBr6Ig2G7yEPdRPYHESdMgIx0355tQORobg3MA5R0w+JKw0=
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:14 2024 by rpki-client on console-ams.rpki-client.org