Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130302e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3130302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 2j9IpP2Q7VWInLkgraZP8yiauu4mkaX7GdZvmHsgycQ=
Subject key identifier: 2B:BE:9C:9E:8A:32:09:1B:1A:CA:4C:14:DE:A6:01:BF:34:3C:FC:EC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0DA854534B3FE3352EBA76F3983C5E7A8B30DDE3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130302e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 12 May 2024 11:03:39 +0000
ROA not before: Sun 12 May 2024 10:58:39 +0000
ROA not after: Sun 11 May 2025 11:03:39 +0000
asID: 136787
IP address blocks: 156.67.100.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:a8:54:53:4b:3f:e3:35:2e:ba:76:f3:98:3c:5e:7a:8b:30:dd:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 12 10:58:39 2024 GMT
Not After : May 11 11:03:39 2025 GMT
Subject: CN=2BBE9C9E8A32091B1ACA4C14DEA601BF343CFCEC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:2c:3e:eb:8d:5f:90:95:d0:6d:8b:b5:2f:6f:
80:99:27:27:00:5c:63:14:e3:07:c7:71:12:4d:b3:
6a:0c:81:84:69:ad:c8:6f:5a:7b:7f:95:27:84:b6:
cf:e1:06:3d:c4:85:dc:65:ed:82:44:65:cc:d8:8a:
47:ea:1e:b0:47:13:37:7b:fd:ee:f6:7c:bd:44:a1:
44:e3:46:c2:6d:37:25:94:75:23:10:5c:10:20:9a:
a5:d4:59:30:94:72:f0:04:58:d1:9e:3f:16:68:15:
af:d6:4f:61:b4:8d:95:49:35:ef:ed:69:15:07:14:
81:18:4a:69:54:b4:1a:d4:1a:c3:0d:9d:03:50:01:
04:97:d3:f5:72:04:a6:fe:e4:b3:41:25:d7:a9:87:
6e:53:e4:f2:c1:12:16:c9:9c:86:4b:39:d3:73:27:
97:57:39:40:01:b9:5a:14:2a:bf:88:39:22:bd:94:
d6:c5:fb:6a:5b:e6:38:a1:e9:12:fc:80:85:f7:dc:
4a:c0:01:46:e9:c2:71:55:8c:ba:8a:c2:90:41:a2:
c1:a3:cc:69:d6:88:ca:f1:e2:78:c4:64:4c:99:f4:
71:e6:84:7d:c6:bd:55:d9:dc:65:74:2d:dc:84:84:
99:0e:17:5c:d8:38:4e:c8:fc:42:ec:54:5e:64:ba:
64:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:BE:9C:9E:8A:32:09:1B:1A:CA:4C:14:DE:A6:01:BF:34:3C:FC:EC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.100.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:10:90:9b:8a:e1:20:3f:3b:6e:d4:49:05:ce:24:b1:0a:7f:
ae:a5:59:52:9f:98:25:9c:38:28:d0:65:92:b2:62:86:c9:29:
3f:e6:08:7b:b9:65:e4:d5:f8:70:85:71:f4:38:26:b0:da:1b:
cc:00:8f:0e:fe:e9:a1:f2:4a:cd:e8:73:3b:4d:f3:78:8f:fa:
e4:9b:80:11:5a:66:ca:58:62:a4:2b:d4:02:30:5c:9c:3f:fa:
3c:21:2f:33:99:1a:96:2b:16:ac:c0:4f:20:91:59:fe:03:7a:
20:c9:8b:51:ff:24:11:65:b6:5f:c6:d0:69:0e:7c:92:bf:55:
78:9d:aa:56:62:f6:c8:ee:ee:46:44:3c:a0:f2:6f:25:fa:93:
eb:e1:59:17:90:4d:3c:fb:35:72:87:3f:7e:fd:a0:9a:a7:c2:
9c:ee:54:02:a2:27:7a:d7:56:79:8e:54:2b:c6:db:c1:b3:9e:
4d:4a:8f:d5:92:44:24:54:4d:8f:de:48:80:50:49:02:c1:20:
c0:43:ac:a9:2c:be:42:57:31:3e:db:22:9d:3e:5e:76:55:41:
8d:fd:c5:45:df:e8:58:5d:55:e3:33:7c:bb:9d:04:26:e7:c2:
e7:17:ae:eb:44:41:35:a1:58:d5:34:5b:69:d3:d0:3d:e7:4d:
3a:ee:11:f0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDahUU0s/4zUuunbzmDxeeosw3eMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MTIxMDU4MzlaFw0yNTA1MTExMTAzMzlaMDMxMTAvBgNV
BAMTKDJCQkU5QzlFOEEzMjA5MUIxQUNBNEMxNERFQTYwMUJGMzQzQ0ZDRUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCwLD7rjV+QldBti7Uvb4CZJycA
XGMU4wfHcRJNs2oMgYRprchvWnt/lSeEts/hBj3Ehdxl7YJEZczYikfqHrBHEzd7
/e72fL1EoUTjRsJtNyWUdSMQXBAgmqXUWTCUcvAEWNGePxZoFa/WT2G0jZVJNe/t
aRUHFIEYSmlUtBrUGsMNnQNQAQSX0/VyBKb+5LNBJdeph25T5PLBEhbJnIZLOdNz
J5dXOUABuVoUKr+IOSK9lNbF+2pb5jih6RL8gIX33ErAAUbpwnFVjLqKwpBBosGj
zGnWiMrx4njEZEyZ9HHmhH3GvVXZ3GV0LdyEhJkOF1zYOE7I/ELsVF5kumQLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUK76cnooyCRsaykwU3qYBvzQ8/OwwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ2QwDQYJKoZIhvcNAQELBQADggEBAJsQkJuK4SA/O27USQXOJLEKf66lWVKf
mCWcOCjQZZKyYobJKT/mCHu5ZeTV+HCFcfQ4JrDaG8wAjw7+6aHySs3ocztN83iP
+uSbgBFaZspYYqQr1AIwXJw/+jwhLzOZGpYrFqzATyCRWf4DeiDJi1H/JBFltl/G
0GkOfJK/VXidqlZi9sju7kZEPKDybyX6k+vhWReQTTz7NXKHP379oJqnwpzuVAKi
J3rXVnmOVCvG28Gznk1Kj9WSRCRUTY/eSIBQSQLBIMBDrKksvkJXMT7bIp0+XnZV
QY39xUXf6FhdVeMzfLudBCbnwucXrutEQTWhWNU0W2nT0D3nTTruEfA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:12 2024 by rpki-client on console-ams.rpki-client.org