Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e36382e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e36382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: +QKsOgbGNnbXieVD0jTte3P9QdO3p18QRbTMmx9ACj0=
Subject key identifier: 5E:1C:49:40:FE:1F:65:D8:FE:1D:89:2F:77:C4:FC:EE:CC:D3:30:5D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 276D5F09D7FE991C7183A53223FCA3B0F20AB269
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e36382e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:20 +0000
ROA not before: Sun 27 Oct 2024 20:00:20 +0000
ROA not after: Sun 26 Oct 2025 20:05:20 +0000
asID: 136787
IP address blocks: 155.133.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:6d:5f:09:d7:fe:99:1c:71:83:a5:32:23:fc:a3:b0:f2:0a:b2:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:20 2024 GMT
Not After : Oct 26 20:05:20 2025 GMT
Subject: CN=5E1C4940FE1F65D8FE1D892F77C4FCEECCD3305D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7e:ef:e6:56:e0:50:8e:3e:bc:e4:3b:0b:5e:
6a:ea:b2:c9:93:9a:12:cb:d0:7c:ed:c5:80:08:36:
f0:dd:ad:59:b0:4d:74:18:1a:c9:5b:5c:8c:82:77:
8b:7b:6a:f6:d1:6e:8a:f6:fb:9a:b3:df:f7:b2:e7:
e1:04:5d:79:f2:1b:a4:75:d3:ba:04:ca:c5:53:77:
d6:e1:97:95:f4:e6:a5:3a:dc:d5:e5:41:a0:f4:98:
82:ab:6b:5d:4c:82:2d:25:06:56:7f:54:c3:05:d1:
fd:cf:ae:f5:b2:46:e3:86:16:83:85:57:0c:a5:67:
1a:4f:1d:f4:a8:46:27:a1:30:1e:71:8b:e2:48:61:
52:9a:33:08:a6:e1:95:73:43:1a:e2:10:8f:20:20:
6a:6a:8d:dd:9d:39:8c:72:13:5f:3b:47:74:7d:46:
f2:c7:2d:e6:03:f2:cb:0f:4a:f4:be:db:e7:8f:5b:
d6:31:51:9a:5a:90:68:fb:31:fb:09:42:b1:83:6c:
eb:b2:3c:af:28:53:57:35:9e:d8:d1:e2:e1:f1:a7:
33:98:7c:4e:d1:f0:b4:1a:6e:72:4d:74:f6:84:64:
86:a2:44:f2:ae:69:7c:55:2e:c0:6c:ba:cf:56:73:
fd:0f:87:0f:c7:28:77:9b:81:04:33:63:6c:45:6a:
11:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1C:49:40:FE:1F:65:D8:FE:1D:89:2F:77:C4:FC:EE:CC:D3:30:5D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e36382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.68.0/24
Signature Algorithm: sha256WithRSAEncryption
78:39:25:f3:54:70:be:ba:b8:4b:00:8e:fe:bc:7d:6e:ce:70:
55:2b:99:80:3b:a1:ac:df:47:ed:16:08:20:5d:6d:a7:9c:d4:
7a:46:84:c6:44:05:56:67:68:a1:f5:47:b5:3f:c7:32:98:40:
f4:4e:a1:cc:c5:42:2e:63:b2:cd:23:4b:92:77:a9:fd:e8:87:
5f:fd:a9:b3:7e:74:cb:4a:27:5e:75:a0:96:d5:a5:78:22:ba:
8d:7e:79:9a:18:b8:60:57:49:38:b3:4b:c8:95:23:9e:54:9e:
7f:c2:6d:a9:01:4f:27:45:97:74:ac:5d:b8:75:6b:8d:b8:7c:
78:d1:c7:6b:34:51:3c:77:d2:59:e0:e9:f0:13:bb:a0:f3:d7:
96:a1:9b:86:37:f8:3e:f2:1c:07:d3:21:e1:8f:34:e1:a1:c5:
a7:ff:fd:68:4a:87:23:7c:eb:8b:9a:e6:dd:86:28:7d:5c:dd:
8a:80:34:ce:0b:b8:5c:f2:2d:8f:2c:8b:c0:c2:bf:de:60:69:
90:e0:0c:f9:54:5a:5c:d9:c3:9c:59:d6:9b:1d:e2:61:59:bf:
01:bc:39:18:36:30:af:42:a6:a0:4c:63:41:5e:cb:13:81:29:
24:a7:9f:06:de:8f:77:4a:ad:cc:f9:da:eb:dd:04:1a:a9:9f:
ac:e3:4e:67
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJ21fCdf+mRxxg6UyI/yjsPIKsmkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMjBaFw0yNTEwMjYyMDA1MjBaMDMxMTAvBgNV
BAMTKDVFMUM0OTQwRkUxRjY1RDhGRTFEODkyRjc3QzRGQ0VFQ0NEMzMwNUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKfu/mVuBQjj685DsLXmrqssmT
mhLL0HztxYAINvDdrVmwTXQYGslbXIyCd4t7avbRbor2+5qz3/ey5+EEXXnyG6R1
07oEysVTd9bhl5X05qU63NXlQaD0mIKra11Mgi0lBlZ/VMMF0f3PrvWyRuOGFoOF
VwylZxpPHfSoRiehMB5xi+JIYVKaMwim4ZVzQxriEI8gIGpqjd2dOYxyE187R3R9
RvLHLeYD8ssPSvS+2+ePW9YxUZpakGj7MfsJQrGDbOuyPK8oU1c1ntjR4uHxpzOY
fE7R8LQabnJNdPaEZIaiRPKuaXxVLsBsus9Wc/0Phw/HKHebgQQzY2xFahERAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXhxJQP4fZdj+HYkvd8T87szTMF0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM2
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhUQwDQYJKoZIhvcNAQELBQADggEBAHg5JfNUcL66uEsAjv68fW7OcFUrmYA7
oazfR+0WCCBdbaec1HpGhMZEBVZnaKH1R7U/xzKYQPROoczFQi5jss0jS5J3qf3o
h1/9qbN+dMtKJ151oJbVpXgiuo1+eZoYuGBXSTizS8iVI55Unn/CbakBTydFl3Ss
Xbh1a424fHjRx2s0UTx30lng6fATu6Dz15ahm4Y3+D7yHAfTIeGPNOGhxaf//WhK
hyN864ua5t2GKH1c3YqANM4LuFzyLY8si8DCv95gaZDgDPlUWlzZw5xZ1psd4mFZ
vwG8ORg2MK9CpqBMY0FeyxOBKSSnnwbej3dKrcz52uvdBBqpn6zjTmc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org