Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 2RiLIdszmbnp53y0EB8l2i5959S+IjPedEZM5tkhh/4=
Subject key identifier: B8:A1:97:6C:EA:7A:3A:06:D9:11:ED:38:6B:66:C1:8F:F9:4A:33:07
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7414199E19FD914E3E087F49FCB692A79AC983F8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:15 +0000
ROA not before: Sun 27 Oct 2024 20:00:15 +0000
ROA not after: Sun 26 Oct 2025 20:05:15 +0000
asID: 136787
IP address blocks: 155.133.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:14:19:9e:19:fd:91:4e:3e:08:7f:49:fc:b6:92:a7:9a:c9:83:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:15 2024 GMT
Not After : Oct 26 20:05:15 2025 GMT
Subject: CN=B8A1976CEA7A3A06D911ED386B66C18FF94A3307
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:57:3f:81:e2:91:3b:4b:db:9f:45:0a:1d:eb:
ff:3c:a8:fb:a5:a8:a7:80:5d:3f:b8:cd:6b:63:7c:
d1:54:b6:da:48:34:6a:a0:fc:f2:01:b4:bd:81:85:
27:51:c2:a7:24:bf:bf:3d:42:c3:45:a6:42:a4:e1:
33:bc:37:92:3e:5c:94:73:35:63:17:07:6a:fa:4a:
60:77:31:0b:ff:27:2f:3e:d2:48:cf:4f:2e:65:5f:
69:32:55:11:12:67:35:c2:4f:74:1f:9f:9f:4b:8e:
3f:31:a0:3c:ef:05:40:b6:4b:24:00:45:c7:68:88:
68:d5:7e:9b:5c:1b:bd:1e:b8:e3:55:97:12:a4:53:
f7:b8:aa:f1:54:7b:72:ff:60:b2:16:70:ba:b4:51:
e8:3a:fe:e5:ef:75:e3:12:ba:c2:95:ca:99:cf:19:
e0:fd:54:a6:1d:01:38:0f:55:17:1e:62:ea:32:8f:
d3:12:e6:08:cd:51:33:77:f8:70:29:ea:ed:e7:e4:
b3:38:93:81:26:b6:3d:1d:ae:10:a2:9c:ff:c7:a2:
70:be:f3:48:bf:dd:fe:6d:42:36:6a:41:d6:ec:5e:
a3:68:de:e5:d3:57:ba:29:9a:6c:51:c7:4a:8b:0b:
e5:91:b4:cd:1e:52:ff:8a:1e:5a:8f:b3:95:cc:7a:
76:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:A1:97:6C:EA:7A:3A:06:D9:11:ED:38:6B:66:C1:8F:F9:4A:33:07
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.87.0/24
Signature Algorithm: sha256WithRSAEncryption
75:ac:26:29:72:20:68:1a:ff:29:fd:7c:62:73:12:bf:ed:39:
db:ed:ae:52:b3:b7:12:16:a2:45:93:cc:29:93:23:d7:aa:c7:
d3:26:93:97:33:2f:6b:4f:25:1b:46:c3:16:b2:16:bd:3a:70:
cd:78:0b:62:40:77:3a:b7:a7:40:b0:72:ad:bc:51:37:b2:c3:
92:c7:2c:30:f6:84:21:30:92:29:8a:7d:a4:a5:46:08:7b:58:
e7:db:65:02:27:57:6d:e1:15:4d:48:2f:2e:42:3c:b8:b2:e9:
d6:5e:22:68:43:8b:ae:d3:39:aa:b6:12:d4:2f:ce:72:1f:e7:
1e:15:99:59:33:25:86:9f:60:2f:7f:cb:63:14:5a:ae:d9:c5:
7c:c9:40:cb:03:51:af:c3:46:68:f6:0c:c6:18:07:70:99:b4:
a9:60:cc:5f:9c:f5:91:5e:4d:07:2a:eb:f2:09:34:09:08:49:
20:ab:33:c4:2c:a6:a6:9e:84:6b:7e:de:33:af:6f:92:c3:9c:
64:a2:84:30:26:e0:a4:25:b2:db:fe:37:b2:6b:b2:09:1b:e0:
84:7b:a4:92:04:17:17:76:19:9e:22:a8:c7:ef:88:0e:76:d8:
76:46:da:af:68:48:09:c5:60:f0:63:3c:7e:02:03:f0:49:d6:
eb:53:1b:f4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUdBQZnhn9kU4+CH9J/LaSp5rJg/gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMTVaFw0yNTEwMjYyMDA1MTVaMDMxMTAvBgNV
BAMTKEI4QTE5NzZDRUE3QTNBMDZEOTExRUQzODZCNjZDMThGRjk0QTMzMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClVz+B4pE7S9ufRQod6/88qPul
qKeAXT+4zWtjfNFUttpINGqg/PIBtL2BhSdRwqckv789QsNFpkKk4TO8N5I+XJRz
NWMXB2r6SmB3MQv/Jy8+0kjPTy5lX2kyVRESZzXCT3Qfn59Ljj8xoDzvBUC2SyQA
RcdoiGjVfptcG70euONVlxKkU/e4qvFUe3L/YLIWcLq0Ueg6/uXvdeMSusKVypnP
GeD9VKYdATgPVRceYuoyj9MS5gjNUTN3+HAp6u3n5LM4k4Emtj0drhCinP/HonC+
80i/3f5tQjZqQdbsXqNo3uXTV7opmmxRx0qLC+WRtM0eUv+KHlqPs5XMenZpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUuKGXbOp6OgbZEe04a2bBj/lKMwcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM4
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhVcwDQYJKoZIhvcNAQELBQADggEBAHWsJilyIGga/yn9fGJzEr/tOdvtrlKz
txIWokWTzCmTI9eqx9Mmk5czL2tPJRtGwxayFr06cM14C2JAdzq3p0Cwcq28UTey
w5LHLDD2hCEwkimKfaSlRgh7WOfbZQInV23hFU1ILy5CPLiy6dZeImhDi67TOaq2
EtQvznIf5x4VmVkzJYafYC9/y2MUWq7ZxXzJQMsDUa/DRmj2DMYYB3CZtKlgzF+c
9ZFeTQcq6/IJNAkISSCrM8QspqaehGt+3jOvb5LDnGSihDAm4KQlstv+N7Jrsgkb
4IR7pJIEFxd2GZ4iqMfviA522HZG2q9oSAnFYPBjPH4CA/BJ1utTG/Q=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:55 2024 by rpki-client on console-fra.rpki-client.org