Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130302e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3130302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ZgyyF77sG91jkuzx+xmNh8x78jGGJYnSLMqxBPWm0RE=
Subject key identifier: CE:0D:0B:B8:53:E3:92:2B:F9:D5:87:6B:06:2A:85:86:E5:2B:8B:90
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 03EF9D6A20CD22E866E112B961F97409D88AF695
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130302e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 11 Jun 2023 11:01:16 +0000
ROA not before: Sun 11 Jun 2023 10:56:16 +0000
ROA not after: Sun 09 Jun 2024 11:01:16 +0000
asID: 136787
IP address blocks: 156.67.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:ef:9d:6a:20:cd:22:e8:66:e1:12:b9:61:f9:74:09:d8:8a:f6:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 11 10:56:16 2023 GMT
Not After : Jun 9 11:01:16 2024 GMT
Subject: CN=CE0D0BB853E3922BF9D5876B062A8586E52B8B90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:61:94:06:73:73:a3:95:04:d8:0b:46:58:f1:
8d:d5:0d:3e:fc:56:f7:bc:bf:70:40:35:ed:92:38:
36:b3:4a:24:e8:ff:f3:ba:16:be:02:16:55:6f:ed:
c2:58:b3:72:4c:86:35:9d:da:e3:19:a2:ae:35:80:
eb:ee:c7:fe:22:86:d1:51:cd:39:6d:f9:0d:5d:18:
47:80:e9:8a:07:cc:bf:7c:7e:97:23:19:95:ab:49:
87:c4:a1:6c:5b:31:75:f3:d5:63:74:c8:ad:bc:af:
8a:6d:e0:e7:50:57:0d:6c:08:77:2d:25:e3:83:f2:
49:48:c0:34:e1:be:02:19:eb:74:b9:f9:79:65:89:
f4:35:22:7d:39:34:31:f9:a1:98:c8:82:0b:75:5c:
f1:7f:c7:1b:14:e0:1b:a0:60:a8:d8:53:cc:a1:f4:
30:7f:8e:4b:39:b7:4c:81:33:73:95:e1:d0:e7:64:
ae:b1:d6:91:db:f6:6e:1a:12:e6:0d:da:40:59:69:
5e:61:2c:f1:a1:8e:a8:f4:ef:7d:a3:b0:01:6e:bf:
3e:38:a3:53:05:c9:35:ef:80:fa:95:26:f5:65:b5:
97:ce:e0:00:dc:74:68:c0:61:fc:dd:6f:ea:cd:ab:
a6:d8:7f:f5:fb:9f:58:f6:87:9c:d3:36:36:9e:31:
23:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0D:0B:B8:53:E3:92:2B:F9:D5:87:6B:06:2A:85:86:E5:2B:8B:90
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.100.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:fb:53:af:b4:57:f3:51:46:e0:c7:cf:58:88:62:4d:9d:0a:
ec:e2:cb:9f:73:03:c9:1c:05:91:80:64:8a:f1:25:50:f5:0c:
86:12:b3:42:ca:e4:d3:ad:55:8b:17:60:71:9f:9c:35:da:ec:
e2:01:f0:4c:8d:9d:8c:91:e9:b0:54:75:cc:72:62:8f:44:4b:
f7:7a:2b:bf:29:66:34:6d:e7:ae:ae:54:6d:b4:10:17:c6:d6:
d7:d1:ff:06:3f:c2:b3:1f:9c:45:9c:6f:62:7b:be:70:9f:92:
f6:79:70:16:66:70:85:1b:d7:f1:3d:b7:d9:94:5d:12:d3:ae:
1f:54:6a:96:15:da:ce:ad:e3:3f:da:9c:ff:81:e5:d6:ae:3d:
da:eb:c2:4c:8f:14:b1:c7:06:c1:19:5c:f0:04:29:84:25:7e:
56:a8:3f:e3:13:7d:38:95:8c:f8:cb:4e:ac:1c:c9:c9:15:d0:
a3:bf:eb:eb:9b:35:34:87:99:db:8c:16:4f:72:ce:80:8d:d6:
87:93:21:e6:f4:e5:66:37:84:7d:f5:bb:ce:a2:37:cf:91:c0:
40:20:e2:3e:9f:ed:88:ab:a6:aa:35:ee:87:86:ef:96:23:2c:
7d:e7:aa:36:96:cc:2e:32:a7:5e:a1:0e:fc:6d:74:e9:25:0e:
be:b3:65:18
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUA++daiDNIuhm4RK5Yfl0CdiK9pUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA2MTExMDU2MTZaFw0yNDA2MDkxMTAxMTZaMDMxMTAvBgNV
BAMTKENFMEQwQkI4NTNFMzkyMkJGOUQ1ODc2QjA2MkE4NTg2RTUyQjhCOTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMYZQGc3OjlQTYC0ZY8Y3VDT78
Vve8v3BANe2SODazSiTo//O6Fr4CFlVv7cJYs3JMhjWd2uMZoq41gOvux/4ihtFR
zTlt+Q1dGEeA6YoHzL98fpcjGZWrSYfEoWxbMXXz1WN0yK28r4pt4OdQVw1sCHct
JeOD8klIwDThvgIZ63S5+XllifQ1In05NDH5oZjIggt1XPF/xxsU4BugYKjYU8yh
9DB/jks5t0yBM3OV4dDnZK6x1pHb9m4aEuYN2kBZaV5hLPGhjqj0732jsAFuvz44
o1MFyTXvgPqVJvVltZfO4ADcdGjAYfzdb+rNq6bYf/X7n1j2h5zTNjaeMSPXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUzg0LuFPjkiv51YdrBiqFhuUri5AwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ2QwDQYJKoZIhvcNAQELBQADggEBACz7U6+0V/NRRuDHz1iIYk2dCuziy59z
A8kcBZGAZIrxJVD1DIYSs0LK5NOtVYsXYHGfnDXa7OIB8EyNnYyR6bBUdcxyYo9E
S/d6K78pZjRt566uVG20EBfG1tfR/wY/wrMfnEWcb2J7vnCfkvZ5cBZmcIUb1/E9
t9mUXRLTrh9UapYV2s6t4z/anP+B5dauPdrrwkyPFLHHBsEZXPAEKYQlflaoP+MT
fTiVjPjLTqwcyckV0KO/6+ubNTSHmduMFk9yzoCN1oeTIeb05WY3hH31u86iN8+R
wEAg4j6f7Yirpqo17oeG75YjLH3nqjaWzC4yp16hDvxtdOklDr6zZRg=
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org