Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38312e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e38312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 5btF8Zrk9bmL9rdIypDJbjJCXneLyh+KF37dlc3XWBA=
Subject key identifier: 3F:02:90:41:8E:64:D7:5E:83:23:A7:89:EF:00:A6:EB:A0:39:3C:B7
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2881151664AD70E268AE880FAF82E31E3A6A4941
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38312e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:11 +0000
ROA not before: Sat 02 Mar 2024 21:49:11 +0000
ROA not after: Sat 01 Mar 2025 21:54:11 +0000
asID: 136787
IP address blocks: 155.133.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:81:15:16:64:ad:70:e2:68:ae:88:0f:af:82:e3:1e:3a:6a:49:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 2 21:49:11 2024 GMT
Not After : Mar 1 21:54:11 2025 GMT
Subject: CN=3F0290418E64D75E8323A789EF00A6EBA0393CB7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:3a:0f:26:da:eb:f8:2f:48:31:82:39:36:f9:
37:e5:6b:8d:56:29:06:e0:39:31:d7:03:69:79:8b:
05:4c:ef:5f:f8:03:d7:7d:dd:06:7a:b2:9a:81:e2:
51:15:6c:a4:0a:da:e4:d7:1d:c0:50:c7:b4:2f:c5:
02:9d:46:50:41:36:31:11:6e:8f:44:29:61:e5:6f:
cd:3f:da:64:ba:66:a3:6f:4f:69:56:da:57:b7:e4:
51:57:6b:d3:05:ab:25:e2:85:48:68:f6:a5:73:d4:
7d:9b:d6:69:04:44:9a:52:a5:0f:54:f9:6f:90:a2:
44:31:cc:e3:e9:94:93:8a:20:3a:5b:21:94:9f:f3:
9c:67:89:db:bf:0b:49:ba:bd:be:c1:95:66:88:01:
49:74:d3:a5:42:b4:ea:74:1e:ef:2b:a6:08:b1:e8:
22:8f:a2:e6:18:60:15:c2:2a:be:25:d9:2a:1f:b8:
3c:17:aa:b9:57:da:29:d4:9d:35:ee:4d:28:ea:c2:
dc:00:46:b1:73:02:30:56:0b:f4:da:d0:95:b8:05:
ca:c0:51:d3:38:15:6b:c1:48:f3:de:6a:ec:b2:7a:
25:4a:1a:a4:73:fa:18:10:02:f9:f2:51:f9:69:cd:
3b:10:ac:6f:ec:34:ee:09:86:9a:9c:10:4e:cb:22:
06:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:02:90:41:8E:64:D7:5E:83:23:A7:89:EF:00:A6:EB:A0:39:3C:B7
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.81.0/24
Signature Algorithm: sha256WithRSAEncryption
77:6e:30:cc:61:db:65:95:44:0a:24:c1:1e:14:8e:5c:a3:ae:
0c:de:82:3c:5c:33:a3:2f:ed:92:1e:6a:c6:56:e6:4e:5d:68:
a7:18:76:47:e0:1f:6e:3a:f2:92:9e:8b:d5:5e:fb:87:73:df:
b3:9b:cf:ca:e3:2d:82:ab:65:b7:30:9f:aa:b5:ef:be:a0:0b:
c5:51:5d:e4:cb:7c:ec:41:9c:75:9c:b7:9b:ef:45:22:a2:24:
d8:84:c8:02:6e:c5:08:3b:09:56:80:db:c3:8a:45:75:c0:1c:
c4:25:81:ba:9f:03:bb:27:b8:30:f3:3c:71:b1:9b:72:b0:c2:
44:2a:9b:d2:cc:cf:42:e0:96:02:6f:a5:a4:24:45:35:8a:6f:
70:d0:c6:62:33:81:e2:38:25:42:13:8a:77:db:4e:3b:7e:03:
5e:42:fc:90:06:e8:c2:99:f4:2f:61:d7:85:b4:e0:2d:e8:3c:
db:4b:fb:34:89:42:d9:d9:99:e7:15:82:39:83:bd:73:1a:d0:
be:d4:42:5f:1a:eb:0a:26:b4:c1:7f:71:92:29:f4:88:82:25:
88:7b:4f:47:20:26:e6:84:73:63:87:b5:f0:42:58:b5:cf:cf:
2f:95:a7:b6:37:a1:28:dd:05:97:87:e3:a6:db:35:c8:22:fb:
a0:74:5a:11
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKIEVFmStcOJorogPr4LjHjpqSUEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDIyMTQ5MTFaFw0yNTAzMDEyMTU0MTFaMDMxMTAvBgNV
BAMTKDNGMDI5MDQxOEU2NEQ3NUU4MzIzQTc4OUVGMDBBNkVCQTAzOTNDQjcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKOg8m2uv4L0gxgjk2+Tfla41W
KQbgOTHXA2l5iwVM71/4A9d93QZ6spqB4lEVbKQK2uTXHcBQx7QvxQKdRlBBNjER
bo9EKWHlb80/2mS6ZqNvT2lW2le35FFXa9MFqyXihUho9qVz1H2b1mkERJpSpQ9U
+W+QokQxzOPplJOKIDpbIZSf85xnidu/C0m6vb7BlWaIAUl006VCtOp0Hu8rpgix
6CKPouYYYBXCKr4l2SofuDwXqrlX2inUnTXuTSjqwtwARrFzAjBWC/Ta0JW4BcrA
UdM4FWvBSPPeauyyeiVKGqRz+hgQAvnyUflpzTsQrG/sNO4JhpqcEE7LIgYxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPwKQQY5k116DI6eJ7wCm66A5PLcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhVEwDQYJKoZIhvcNAQELBQADggEBAHduMMxh22WVRAokwR4Ujlyjrgzegjxc
M6Mv7ZIeasZW5k5daKcYdkfgH2468pKei9Ve+4dz37Obz8rjLYKrZbcwn6q1776g
C8VRXeTLfOxBnHWct5vvRSKiJNiEyAJuxQg7CVaA28OKRXXAHMQlgbqfA7snuDDz
PHGxm3KwwkQqm9LMz0LglgJvpaQkRTWKb3DQxmIzgeI4JUITinfbTjt+A15C/JAG
6MKZ9C9h14W04C3oPNtL+zSJQtnZmecVgjmDvXMa0L7UQl8a6womtMF/cZIp9IiC
JYh7T0cgJuaEc2OHtfBCWLXPzy+Vp7Y3oSjdBZeH46bbNcgi+6B0WhE=
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:14 2024 by rpki-client on console-ams.rpki-client.org