Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38332e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e38332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: JcmBUsroTnyStKVg0g1kVFRYwDePwns4N5JF8OjfuNk=
Subject key identifier: BA:36:E7:2B:5D:13:DA:84:5E:49:D9:2B:40:77:AE:12:20:D7:A7:7F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0A851F99B0E71CA35CC12BAC6B22D6E0B25FC90D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38332e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:48:19 +0000
ROA not before: Sun 26 Nov 2023 19:43:19 +0000
ROA not after: Sun 24 Nov 2024 19:48:19 +0000
asID: 136787
IP address blocks: 155.133.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:85:1f:99:b0:e7:1c:a3:5c:c1:2b:ac:6b:22:d6:e0:b2:5f:c9:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:43:19 2023 GMT
Not After : Nov 24 19:48:19 2024 GMT
Subject: CN=BA36E72B5D13DA845E49D92B4077AE1220D7A77F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a1:aa:ec:e9:b1:d0:01:8a:a1:ee:66:29:3e:
65:da:b0:ee:d8:b8:c3:15:91:50:31:93:41:cb:0f:
c3:c0:6e:be:40:46:51:b0:88:dd:87:a4:90:f3:22:
bb:c7:f9:9c:f2:41:7f:2a:2d:33:28:48:92:44:79:
7b:dc:f0:cd:21:52:2f:2b:f8:70:17:f9:a5:af:d4:
25:8d:93:a0:37:6b:bd:d7:28:cf:a3:31:24:d7:22:
c6:e6:47:37:b0:10:71:b0:77:22:f0:00:e3:7e:15:
5a:a1:a2:a2:28:b4:99:ac:5d:9a:e4:2d:a2:7a:6e:
48:e5:16:b2:aa:c7:f7:87:66:0b:2a:b6:81:b5:bc:
9d:70:76:8f:a0:1e:34:a6:c2:a6:00:c0:1a:c2:69:
ae:ae:a8:7e:45:ee:57:1d:9f:c5:a2:6a:a7:85:67:
41:a1:39:9f:38:c7:9c:f5:c0:2f:f8:c4:c0:42:ca:
c7:c3:34:c2:b9:4b:0e:d9:f9:cc:af:1d:de:f4:ce:
1f:5f:7c:03:ad:95:d6:b5:dd:0d:af:e1:3a:c1:02:
70:5a:8a:d8:7e:bb:01:be:e6:93:55:68:da:da:4b:
48:77:00:b7:0a:27:c2:8b:2a:59:f0:d3:4b:72:1c:
10:5b:d0:90:f2:9c:c2:3c:9d:87:5c:bc:39:8c:d7:
17:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:36:E7:2B:5D:13:DA:84:5E:49:D9:2B:40:77:AE:12:20:D7:A7:7F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.83.0/24
Signature Algorithm: sha256WithRSAEncryption
27:eb:14:71:15:ca:ad:a0:bc:eb:28:1d:fe:11:51:f4:8e:c0:
62:0c:68:35:16:37:5b:55:21:d0:21:bc:28:83:2b:57:85:3a:
3f:de:74:21:bd:8d:9e:c2:64:36:07:3c:6c:a6:95:2b:3f:b5:
95:5c:6a:98:69:1c:f8:85:94:e4:6e:dc:b2:2a:95:cc:22:c8:
25:67:0b:dd:c9:ce:fc:83:51:45:d3:14:e3:1a:b5:76:71:28:
b3:28:c8:a5:84:90:9f:e5:3f:e1:07:60:39:33:a9:33:b2:1f:
21:0f:7b:d4:e2:59:79:f9:82:81:98:84:3a:5b:2e:a0:3d:ca:
69:6d:b9:82:ec:f8:d5:f1:8f:40:d5:00:b3:ef:fa:3b:6a:57:
b9:48:dc:e8:bc:34:25:57:d0:78:00:01:f6:ee:30:89:6c:eb:
2a:39:8c:cd:8f:43:78:69:cd:ea:1f:ff:2c:6b:d8:7d:89:75:
b5:85:cc:5c:af:ca:f0:c0:ed:a5:7e:bd:5a:42:d1:7a:84:92:
66:85:8a:f6:04:09:fb:8d:63:58:76:68:77:7d:25:00:b4:2b:
e1:ec:8d:dd:dc:eb:e3:16:00:f1:b6:0f:88:ea:6c:b6:14:03:
24:29:c2:7d:86:c3:f1:da:15:1f:60:5f:fb:d1:f1:0e:b2:7c:
91:99:0b:2c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCoUfmbDnHKNcwSusayLW4LJfyQ0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQzMTlaFw0yNDExMjQxOTQ4MTlaMDMxMTAvBgNV
BAMTKEJBMzZFNzJCNUQxM0RBODQ1RTQ5RDkyQjQwNzdBRTEyMjBEN0E3N0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1oars6bHQAYqh7mYpPmXasO7Y
uMMVkVAxk0HLD8PAbr5ARlGwiN2HpJDzIrvH+ZzyQX8qLTMoSJJEeXvc8M0hUi8r
+HAX+aWv1CWNk6A3a73XKM+jMSTXIsbmRzewEHGwdyLwAON+FVqhoqIotJmsXZrk
LaJ6bkjlFrKqx/eHZgsqtoG1vJ1wdo+gHjSmwqYAwBrCaa6uqH5F7lcdn8WiaqeF
Z0GhOZ84x5z1wC/4xMBCysfDNMK5Sw7Z+cyvHd70zh9ffAOtlda13Q2v4TrBAnBa
ith+uwG+5pNVaNraS0h3ALcKJ8KLKlnw00tyHBBb0JDynMI8nYdcvDmM1xeBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUujbnK10T2oReSdkrQHeuEiDXp38wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM4
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhVMwDQYJKoZIhvcNAQELBQADggEBACfrFHEVyq2gvOsoHf4RUfSOwGIMaDUW
N1tVIdAhvCiDK1eFOj/edCG9jZ7CZDYHPGymlSs/tZVcaphpHPiFlORu3LIqlcwi
yCVnC93JzvyDUUXTFOMatXZxKLMoyKWEkJ/lP+EHYDkzqTOyHyEPe9TiWXn5goGY
hDpbLqA9ymltuYLs+NXxj0DVALPv+jtqV7lI3Oi8NCVX0HgAAfbuMIls6yo5jM2P
Q3hpzeof/yxr2H2JdbWFzFyvyvDA7aV+vVpC0XqEkmaFivYECfuNY1h2aHd9JQC0
K+Hsjd3c6+MWAPG2D4jqbLYUAyQpwn2Gw/HaFR9gX/vR8Q6yfJGZCyw=
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:14 2024 by rpki-client on console-ams.rpki-client.org