Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: TaOBODEf1mHubD+3jnsgfaq0EH3rmcrrWIlALjW4SKo=
Subject key identifier: A2:39:A3:1E:55:19:D4:C8:9B:BE:EB:FB:DF:1D:65:D1:45:D2:62:32
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 03E96995518AA57614647E83BC9F8C354CB6F170
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:48:24 +0000
ROA not before: Sun 26 Nov 2023 19:43:24 +0000
ROA not after: Sun 24 Nov 2024 19:48:24 +0000
asID: 136787
IP address blocks: 155.133.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:e9:69:95:51:8a:a5:76:14:64:7e:83:bc:9f:8c:35:4c:b6:f1:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:43:24 2023 GMT
Not After : Nov 24 19:48:24 2024 GMT
Subject: CN=A239A31E5519D4C89BBEEBFBDF1D65D145D26232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:34:a6:61:3d:9a:b0:41:12:1b:91:74:eb:48:
d9:d9:d8:6f:ae:60:8b:5e:5f:95:39:fa:60:54:c1:
4c:6f:08:53:f0:e4:0d:7d:0d:65:0c:ef:53:5a:d9:
be:16:3f:12:8a:77:4b:5f:ba:e4:ed:82:93:cd:5c:
b2:a4:9a:9e:e7:07:bd:47:50:31:37:f4:a9:17:45:
e5:02:5f:e1:c0:ce:39:ca:a5:2e:a4:7a:99:03:c8:
56:58:68:cb:ab:e4:4a:10:50:f6:aa:99:a4:2e:84:
69:97:5d:85:a0:6f:78:00:89:82:f1:9d:b4:c2:f8:
c5:4c:8d:74:f7:c5:97:1b:5e:d7:95:96:98:fc:07:
df:57:09:ab:67:2f:a7:e4:a0:ea:91:d3:42:cd:b9:
57:e0:ee:10:35:1c:26:8d:f2:c0:44:9f:b0:ae:e1:
93:52:95:0d:a8:7f:06:ad:a8:f2:9f:14:94:f6:00:
c0:58:83:9e:07:88:47:b2:6d:7d:1d:00:cf:97:b0:
ee:31:ad:2a:4f:a8:f9:a1:43:7e:6e:42:4f:a5:7c:
61:80:90:a2:79:8d:6c:8a:ff:d1:17:96:05:6c:8d:
c2:60:a1:52:10:53:fc:aa:02:c2:08:0a:7f:12:c5:
62:0f:22:58:1a:b7:26:3c:14:4d:98:0e:4c:b5:bb:
83:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:39:A3:1E:55:19:D4:C8:9B:BE:EB:FB:DF:1D:65:D1:45:D2:62:32
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.87.0/24
Signature Algorithm: sha256WithRSAEncryption
50:13:48:57:42:bb:b3:64:f4:7c:d4:cd:26:74:38:0d:3a:04:
8c:df:0d:01:bb:1b:8e:d3:92:c8:16:01:47:cf:62:a2:f5:0f:
6a:6d:dd:85:5c:89:2b:ee:94:62:b8:23:4a:b4:eb:74:d4:04:
8b:9e:27:12:db:c4:fc:d6:ab:0c:ec:b1:3e:c4:1f:3a:40:d3:
6c:b9:cc:0d:a2:96:9f:b9:9b:ae:5e:e0:e0:ab:77:db:33:3e:
37:a5:45:d0:55:75:16:50:77:d1:51:bb:e7:be:53:1c:6c:c0:
e2:53:59:6a:0a:db:18:98:0a:7b:b9:66:c2:e0:c8:c1:82:4a:
02:dc:84:e6:9c:28:71:fd:0b:44:2d:43:69:22:ed:ce:e4:cf:
21:b2:66:29:68:c4:16:5d:a9:4f:02:f5:dd:7f:27:43:b9:bc:
7a:04:6a:d3:4f:b6:63:28:b9:cf:bd:b9:ea:0f:a2:2a:d7:1f:
7a:6a:cc:d1:8f:c1:6f:f6:b9:a5:88:41:7d:36:97:f5:91:ea:
5b:53:13:5c:d4:9b:54:34:3c:dc:0b:02:b8:5c:bf:1c:dc:08:
58:f5:f3:38:91:5f:56:75:c8:d1:fd:30:48:e6:55:e7:86:77:
b5:41:3f:6c:96:2a:92:04:31:09:9c:08:67:b1:cf:ce:3c:fa:
8b:40:97:ec
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUA+lplVGKpXYUZH6DvJ+MNUy28XAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQzMjRaFw0yNDExMjQxOTQ4MjRaMDMxMTAvBgNV
BAMTKEEyMzlBMzFFNTUxOUQ0Qzg5QkJFRUJGQkRGMUQ2NUQxNDVEMjYyMzIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDENKZhPZqwQRIbkXTrSNnZ2G+u
YIteX5U5+mBUwUxvCFPw5A19DWUM71Na2b4WPxKKd0tfuuTtgpPNXLKkmp7nB71H
UDE39KkXReUCX+HAzjnKpS6kepkDyFZYaMur5EoQUPaqmaQuhGmXXYWgb3gAiYLx
nbTC+MVMjXT3xZcbXteVlpj8B99XCatnL6fkoOqR00LNuVfg7hA1HCaN8sBEn7Cu
4ZNSlQ2ofwatqPKfFJT2AMBYg54HiEeybX0dAM+XsO4xrSpPqPmhQ35uQk+lfGGA
kKJ5jWyK/9EXlgVsjcJgoVIQU/yqAsIICn8SxWIPIlgatyY8FE2YDky1u4NlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUojmjHlUZ1Mibvuv73x1l0UXSYjIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM4
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhVcwDQYJKoZIhvcNAQELBQADggEBAFATSFdCu7Nk9HzUzSZ0OA06BIzfDQG7
G47TksgWAUfPYqL1D2pt3YVciSvulGK4I0q063TUBIueJxLbxPzWqwzssT7EHzpA
02y5zA2ilp+5m65e4OCrd9szPjelRdBVdRZQd9FRu+e+UxxswOJTWWoK2xiYCnu5
ZsLgyMGCSgLchOacKHH9C0QtQ2ki7c7kzyGyZiloxBZdqU8C9d1/J0O5vHoEatNP
tmMouc+9ueoPoirXH3pqzNGPwW/2uaWIQX02l/WR6ltTE1zUm1Q0PNwLArhcvxzc
CFj18ziRX1Z1yNH9MEjmVeeGd7VBP2yWKpIEMQmcCGexz848+otAl+w=
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:14 2024 by rpki-client on console-ams.rpki-client.org