Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e39312e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e39312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: tZrSodZb0EkmwwoxU/BPiphLzo7axSGny4V2hpIZWtI=
Subject key identifier: 89:8F:D3:F8:03:A6:4C:54:63:AA:98:E1:AA:82:2F:EC:24:6D:6D:7B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5F7020F29C2ED849C74617CABDF490EC114BE675
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e39312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:48:35 +0000
ROA not before: Sun 26 Nov 2023 19:43:35 +0000
ROA not after: Sun 24 Nov 2024 19:48:35 +0000
asID: 136787
IP address blocks: 155.133.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:70:20:f2:9c:2e:d8:49:c7:46:17:ca:bd:f4:90:ec:11:4b:e6:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:43:35 2023 GMT
Not After : Nov 24 19:48:35 2024 GMT
Subject: CN=898FD3F803A64C5463AA98E1AA822FEC246D6D7B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ff:34:b7:02:89:41:86:97:ef:d9:86:2a:9c:
fc:bc:6a:4d:25:df:cc:22:55:38:51:25:00:d9:76:
20:82:d9:e5:c8:bb:9d:48:a9:01:1f:96:51:99:b1:
02:a8:82:53:bd:f1:f1:f1:92:10:97:10:e9:ba:fc:
40:1d:17:fb:d8:26:62:d7:46:08:a4:92:e6:83:f9:
21:89:2b:94:51:91:dd:72:6f:68:4a:4a:19:d9:62:
c8:65:44:7a:11:51:5a:98:d8:13:b2:a6:13:51:5e:
be:c0:ce:43:40:e9:a6:90:da:86:0f:43:47:7c:60:
46:fe:b7:02:56:56:38:c2:53:9a:4a:9d:12:64:89:
d5:bd:81:3f:39:49:5d:b5:56:60:c7:b3:b5:c1:9f:
e4:dd:c2:6f:73:b2:91:8a:db:69:8e:47:3d:63:a9:
ce:fd:b1:ac:eb:54:f3:cc:91:f5:b8:00:e1:84:8a:
05:e8:e2:ec:e2:c3:1d:17:66:ba:c7:6c:aa:fc:0c:
1d:f9:0c:10:ab:6c:28:5b:6f:d4:e4:f6:98:6e:20:
7d:38:e0:a9:3b:09:27:4c:cb:ff:63:29:2c:ea:b5:
00:df:a2:3b:d9:c9:ee:53:a0:61:f6:28:a3:35:6f:
84:c9:cd:0c:e0:c9:c2:6a:ab:0b:76:34:7b:d2:23:
ea:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8F:D3:F8:03:A6:4C:54:63:AA:98:E1:AA:82:2F:EC:24:6D:6D:7B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e39312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.91.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:b2:9c:35:3a:75:52:38:9c:45:16:4a:44:d3:df:82:07:00:
29:8f:4d:36:d5:5c:98:c5:e0:36:67:a8:d9:2b:e2:b4:cf:10:
b8:17:da:c6:58:25:91:1a:1d:c0:b5:97:7c:12:87:f2:13:54:
70:2c:01:34:72:d8:82:c1:fd:47:1c:21:c2:9d:f0:c9:e1:2d:
21:6d:20:7d:94:f4:43:de:50:da:2e:bc:ea:5a:a5:aa:e9:a7:
28:76:29:a9:1e:9a:e5:ac:02:41:df:a7:60:3a:86:d1:46:88:
40:b1:cd:e9:8b:64:ff:fd:61:05:81:b4:37:04:84:3e:8c:ff:
1a:d9:d4:26:44:c0:f2:36:8b:81:3c:84:19:09:40:c1:18:51:
75:73:2b:60:92:2f:0e:cf:dd:9c:09:a4:55:bf:29:29:d9:71:
1d:40:f6:35:bc:b5:b4:88:24:fc:fb:43:8f:ce:3a:48:49:3f:
7a:10:84:ca:32:10:60:8e:ed:5e:3b:13:5b:89:83:e3:dd:e3:
26:f0:c7:b2:59:2d:28:bf:e0:9d:51:b9:41:cb:ca:66:d0:8c:
9f:52:24:8c:f6:e4:8d:ab:37:a3:da:51:6f:83:7a:dd:06:f3:
5f:1d:a1:6c:47:d9:83:85:7b:19:83:ff:60:7a:22:4c:0f:62:
0b:e2:9a:a3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUX3Ag8pwu2EnHRhfKvfSQ7BFL5nUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQzMzVaFw0yNDExMjQxOTQ4MzVaMDMxMTAvBgNV
BAMTKDg5OEZEM0Y4MDNBNjRDNTQ2M0FBOThFMUFBODIyRkVDMjQ2RDZEN0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCt/zS3AolBhpfv2YYqnPy8ak0l
38wiVThRJQDZdiCC2eXIu51IqQEfllGZsQKoglO98fHxkhCXEOm6/EAdF/vYJmLX
RgikkuaD+SGJK5RRkd1yb2hKShnZYshlRHoRUVqY2BOyphNRXr7AzkNA6aaQ2oYP
Q0d8YEb+twJWVjjCU5pKnRJkidW9gT85SV21VmDHs7XBn+Tdwm9zspGK22mORz1j
qc79sazrVPPMkfW4AOGEigXo4uziwx0XZrrHbKr8DB35DBCrbChbb9Tk9phuIH04
4Kk7CSdMy/9jKSzqtQDfojvZye5ToGH2KKM1b4TJzQzgycJqqwt2NHvSI+qdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUiY/T+AOmTFRjqpjhqoIv7CRtbXswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM5
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhVswDQYJKoZIhvcNAQELBQADggEBAKGynDU6dVI4nEUWSkTT34IHACmPTTbV
XJjF4DZnqNkr4rTPELgX2sZYJZEaHcC1l3wSh/ITVHAsATRy2ILB/UccIcKd8Mnh
LSFtIH2U9EPeUNouvOpaparppyh2KakemuWsAkHfp2A6htFGiECxzemLZP/9YQWB
tDcEhD6M/xrZ1CZEwPI2i4E8hBkJQMEYUXVzK2CSLw7P3ZwJpFW/KSnZcR1A9jW8
tbSIJPz7Q4/OOkhJP3oQhMoyEGCO7V47E1uJg+Pd4ybwx7JZLSi/4J1RuUHLymbQ
jJ9SJIz25I2rN6PaUW+Det0G818doWxH2YOFexmD/2B6IkwPYgvimqM=
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:14 2024 by rpki-client on console-ams.rpki-client.org