Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37362e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e37362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: IObaUzuKCEV2Kaw3GsBBKCcfw01/F7xfz29CtP5OgkM=
Subject key identifier: 2B:AF:A5:83:20:FE:D3:24:33:CE:0B:23:08:9A:D9:70:96:10:2B:8F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 27C936BC4E0907DC5521D78B576932FF1DBF9638
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37362e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:19 +0000
ROA not before: Mon 26 Feb 2024 08:48:19 +0000
ROA not after: Mon 24 Feb 2025 08:53:19 +0000
asID: 136787
IP address blocks: 155.133.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:c9:36:bc:4e:09:07:dc:55:21:d7:8b:57:69:32:ff:1d:bf:96:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:19 2024 GMT
Not After : Feb 24 08:53:19 2025 GMT
Subject: CN=2BAFA58320FED32433CE0B23089AD97096102B8F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:91:1b:7e:9c:78:90:41:37:00:65:c1:5e:bb:
51:4f:b6:0a:54:08:14:90:9f:cb:6e:73:17:4f:67:
50:a2:7f:64:a5:06:19:88:26:f5:09:2a:03:4d:8a:
da:c6:21:2a:7b:26:2c:04:f4:b2:db:da:a8:88:79:
3b:aa:80:4b:eb:7c:70:a7:e6:aa:8b:f7:f2:2c:76:
6a:8b:02:cc:cc:f5:26:52:84:77:74:54:08:79:70:
6d:03:f4:fc:a1:18:bb:88:18:b0:b6:ea:15:56:ab:
0e:5b:66:e9:44:57:d0:cd:30:69:7b:50:fd:59:39:
9a:09:35:1d:62:51:8a:da:65:24:ed:d8:0f:d8:56:
40:0c:1e:a2:22:9d:e6:50:a0:62:e1:ab:93:53:30:
59:9d:3f:34:ac:36:10:91:dc:ee:0a:ad:25:50:0a:
82:d6:c0:67:36:e6:39:88:ed:4e:9c:56:13:fd:2f:
0c:bf:8b:62:95:95:12:4c:d1:46:b3:ab:55:0c:5c:
fd:a4:8e:e8:2b:c7:8e:41:85:33:22:2d:74:01:6e:
6b:bb:9e:af:aa:fe:46:bf:68:eb:a7:c2:cc:80:c7:
f5:c0:70:ba:c4:e1:ad:3f:6e:49:1d:ca:2c:ec:10:
e8:2d:84:72:8a:fc:ee:d8:3c:b2:cc:e5:50:96:7b:
ec:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:AF:A5:83:20:FE:D3:24:33:CE:0B:23:08:9A:D9:70:96:10:2B:8F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.76.0/24
Signature Algorithm: sha256WithRSAEncryption
79:2b:0b:68:60:6c:e2:e4:a1:35:89:f4:bf:34:00:7e:06:26:
aa:b5:14:1b:5a:72:86:78:54:d1:a1:ef:b8:9a:9a:34:9d:b6:
ae:92:06:de:66:aa:0f:2d:40:fb:46:0c:fd:7c:26:f1:95:4d:
61:74:4d:42:dd:05:b8:ce:7b:d9:fa:b4:aa:eb:3f:2c:1e:c7:
d0:e3:b9:e0:ae:cd:44:18:ff:ef:3a:a7:54:40:b5:ef:8a:d4:
87:d9:1b:a9:1f:87:a5:5b:10:56:14:27:df:0e:29:5a:d9:48:
a2:0f:b9:7d:e9:76:3c:47:84:e7:fd:0d:6d:cf:c9:4a:48:d7:
68:23:2e:c0:49:7d:f9:41:67:92:6e:fe:83:b2:b7:00:73:d1:
03:12:31:e4:8e:7c:81:4c:d8:d1:a8:06:36:30:a1:1b:20:af:
45:06:c4:c6:7d:74:85:8e:f6:31:45:08:12:65:46:d7:eb:9c:
0c:11:47:c7:4b:1a:96:8d:e7:f2:ef:e0:d4:ed:ab:e9:3c:47:
46:25:06:fa:23:ec:d4:47:f9:f5:70:c6:ba:18:3b:e8:59:64:
04:36:a4:59:12:81:7d:b4:15:66:17:54:dc:1e:5b:2a:b6:38:
8a:94:0a:e2:c9:c7:7e:be:5f:e2:7c:fd:5a:9e:07:9f:8a:d6:
30:94:c8:a6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUJ8k2vE4JB9xVIdeLV2ky/x2/ljgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTlaFw0yNTAyMjQwODUzMTlaMDMxMTAvBgNV
BAMTKDJCQUZBNTgzMjBGRUQzMjQzM0NFMEIyMzA4OUFEOTcwOTYxMDJCOEYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDckRt+nHiQQTcAZcFeu1FPtgpU
CBSQn8tucxdPZ1Cif2SlBhmIJvUJKgNNitrGISp7JiwE9LLb2qiIeTuqgEvrfHCn
5qqL9/IsdmqLAszM9SZShHd0VAh5cG0D9PyhGLuIGLC26hVWqw5bZulEV9DNMGl7
UP1ZOZoJNR1iUYraZSTt2A/YVkAMHqIineZQoGLhq5NTMFmdPzSsNhCR3O4KrSVQ
CoLWwGc25jmI7U6cVhP9Lwy/i2KVlRJM0Uazq1UMXP2kjugrx45BhTMiLXQBbmu7
nq+q/ka/aOunwsyAx/XAcLrE4a0/bkkdyizsEOgthHKK/O7YPLLM5VCWe+whAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUK6+lgyD+0yQzzgsjCJrZcJYQK48wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhUwwDQYJKoZIhvcNAQELBQADggEBAHkrC2hgbOLkoTWJ9L80AH4GJqq1FBta
coZ4VNGh77iamjSdtq6SBt5mqg8tQPtGDP18JvGVTWF0TULdBbjOe9n6tKrrPywe
x9DjueCuzUQY/+86p1RAte+K1IfZG6kfh6VbEFYUJ98OKVrZSKIPuX3pdjxHhOf9
DW3PyUpI12gjLsBJfflBZ5Ju/oOytwBz0QMSMeSOfIFM2NGoBjYwoRsgr0UGxMZ9
dIWO9jFFCBJlRtfrnAwRR8dLGpaN5/Lv4NTtq+k8R0YlBvoj7NRH+fVwxroYO+hZ
ZAQ2pFkSgX20FWYXVNweWyq2OIqUCuLJx36+X+J8/VqeB5+K1jCUyKY=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org