Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38392e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e38392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: VUYiHN9Fb21lXIZ/jNUCwZ4mpn03nFLC2LH+T5Slp0w=
Subject key identifier: 1F:FD:7F:2C:97:8C:79:73:DA:A5:46:A5:4B:ED:55:8F:90:EA:66:A6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 786AA7B9A8EB658BCFF0BFB7060764336E7D35ED
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38392e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:16 +0000
ROA not before: Mon 26 Feb 2024 08:48:16 +0000
ROA not after: Mon 24 Feb 2025 08:53:16 +0000
asID: 136787
IP address blocks: 155.133.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:6a:a7:b9:a8:eb:65:8b:cf:f0:bf:b7:06:07:64:33:6e:7d:35:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:16 2024 GMT
Not After : Feb 24 08:53:16 2025 GMT
Subject: CN=1FFD7F2C978C7973DAA546A54BED558F90EA66A6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c2:e4:19:a5:29:0a:38:e2:26:74:50:bb:b5:
05:4e:fe:26:35:7b:fb:11:b8:8f:bd:74:b9:b2:49:
ac:e1:6e:00:61:10:28:05:bc:71:57:8d:1f:ab:17:
5a:a8:49:b7:d9:53:ac:c8:e6:fc:12:ba:12:7f:0b:
77:84:de:61:56:79:44:b9:76:02:e6:14:6e:14:2f:
10:bd:7d:b1:dc:71:ba:e3:24:c2:99:57:0b:71:3c:
14:c7:06:dd:7f:f1:5b:00:50:c9:c5:e1:ca:d0:ec:
99:30:73:a2:c7:5f:71:0f:1d:a2:67:8d:fd:aa:b4:
ce:dd:1c:c1:b2:1f:5a:49:1b:88:72:53:fe:94:7a:
2b:80:1e:ec:94:51:a9:7c:81:ce:26:b9:c0:bd:d1:
1e:0f:08:0a:af:15:9a:e2:4c:fe:3d:18:87:90:e7:
b5:d8:49:c7:ac:c5:a8:07:b5:ad:fd:1a:a7:42:37:
9a:d5:2c:87:1b:66:05:69:60:fd:40:03:12:ef:7b:
11:8d:95:88:ab:26:85:a8:58:15:b5:cb:0c:11:1a:
cb:ba:6c:72:8f:c7:b5:99:4e:a6:f6:7e:ed:03:f8:
d3:b4:d2:8a:4a:82:4d:cc:e9:a9:f5:23:2d:b3:ba:
fc:24:07:47:5d:ae:55:c0:e4:83:6f:d1:37:a1:3a:
fd:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:FD:7F:2C:97:8C:79:73:DA:A5:46:A5:4B:ED:55:8F:90:EA:66:A6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.89.0/24
Signature Algorithm: sha256WithRSAEncryption
11:3a:7c:8f:04:87:ef:be:f6:42:d6:f1:24:9d:51:83:35:0a:
6e:a2:87:e5:0f:0a:74:c1:13:5c:df:6a:15:3e:c1:97:26:35:
1f:43:59:fd:d5:ab:8c:a4:40:3e:33:1f:e6:bb:14:b8:49:36:
62:1d:08:be:fd:f4:ab:86:9e:bc:c0:ca:b4:ce:6b:86:72:ce:
f2:ef:63:33:ab:79:d7:40:99:a3:f4:c4:cd:c3:e5:3a:68:44:
5e:82:8e:63:c0:29:61:67:e4:6d:09:84:0f:ec:cb:45:ef:f3:
50:08:3b:1f:5c:a4:b3:56:b8:8c:a0:9a:2a:04:16:2d:10:6c:
b0:06:fa:94:33:f9:1b:03:ef:35:cd:6c:61:e1:34:0f:d9:7d:
00:a0:8c:a9:b1:a8:ca:c8:59:b2:c6:5f:b6:72:57:0e:ea:c8:
9b:80:64:9f:95:63:e8:8d:52:12:50:5d:3e:34:8d:74:2e:35:
f1:2d:9d:c1:df:7f:b2:bc:64:16:6a:e3:43:e7:8d:a6:26:53:
1b:dd:d3:da:79:b6:a7:29:09:cb:ea:16:0a:ee:61:e1:5a:be:
b7:0f:d3:7e:9f:e5:16:87:84:cd:7c:3c:90:67:d9:15:3a:d9:
16:69:5c:03:6f:25:ee:7d:64:26:88:7e:f2:84:d7:fa:3a:fa:
bc:dc:74:38
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUeGqnuajrZYvP8L+3BgdkM259Ne0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MTZaFw0yNTAyMjQwODUzMTZaMDMxMTAvBgNV
BAMTKDFGRkQ3RjJDOTc4Qzc5NzNEQUE1NDZBNTRCRUQ1NThGOTBFQTY2QTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvwuQZpSkKOOImdFC7tQVO/iY1
e/sRuI+9dLmySazhbgBhECgFvHFXjR+rF1qoSbfZU6zI5vwSuhJ/C3eE3mFWeUS5
dgLmFG4ULxC9fbHccbrjJMKZVwtxPBTHBt1/8VsAUMnF4crQ7Jkwc6LHX3EPHaJn
jf2qtM7dHMGyH1pJG4hyU/6UeiuAHuyUUal8gc4mucC90R4PCAqvFZriTP49GIeQ
57XYScesxagHta39GqdCN5rVLIcbZgVpYP1AAxLvexGNlYirJoWoWBW1ywwRGsu6
bHKPx7WZTqb2fu0D+NO00opKgk3M6an1Iy2zuvwkB0ddrlXA5INv0TehOv0pAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUH/1/LJeMeXPapUalS+1Vj5DqZqYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM4
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhVkwDQYJKoZIhvcNAQELBQADggEBABE6fI8Eh+++9kLW8SSdUYM1Cm6ih+UP
CnTBE1zfahU+wZcmNR9DWf3Vq4ykQD4zH+a7FLhJNmIdCL799KuGnrzAyrTOa4Zy
zvLvYzOreddAmaP0xM3D5TpoRF6CjmPAKWFn5G0JhA/sy0Xv81AIOx9cpLNWuIyg
mioEFi0QbLAG+pQz+RsD7zXNbGHhNA/ZfQCgjKmxqMrIWbLGX7ZyVw7qyJuAZJ+V
Y+iNUhJQXT40jXQuNfEtncHff7K8ZBZq40PnjaYmUxvd09p5tqcpCcvqFgruYeFa
vrcP036f5RaHhM18PJBn2RU62RZpXANvJe59ZCaIfvKE1/o6+rzcdDg=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:12 2024 by rpki-client on console-ams.rpki-client.org