Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130312e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3130312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: SvAO3AGTXUgxYCyBIYKBCJZW19BmZrBe5dzgwUNOcQA=
Subject key identifier: 5D:A4:38:73:D2:B1:F4:5F:CE:AA:4A:86:2D:1B:8A:60:D9:B8:2F:18
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5033BC9FE70C6C8A6CBD88FA9A4D7293189571EB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:49:10 +0000
ROA not before: Sun 26 Nov 2023 19:44:10 +0000
ROA not after: Sun 24 Nov 2024 19:49:10 +0000
asID: 136787
IP address blocks: 156.67.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:33:bc:9f:e7:0c:6c:8a:6c:bd:88:fa:9a:4d:72:93:18:95:71:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:44:10 2023 GMT
Not After : Nov 24 19:49:10 2024 GMT
Subject: CN=5DA43873D2B1F45FCEAA4A862D1B8A60D9B82F18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ed:b9:10:f1:d7:ed:fd:84:54:e3:ba:1c:09:
0f:3e:6d:f9:d3:c5:c6:13:1e:27:30:a5:96:22:76:
fb:2a:e8:9d:8d:9e:9d:e3:a0:16:e7:65:a8:cd:45:
5d:86:31:2b:f2:42:fd:17:a1:3a:6e:3a:f1:63:ff:
5b:36:84:22:41:50:42:95:64:3c:23:1e:ed:72:0b:
2d:96:fc:ea:4d:ac:cb:0a:ba:c0:e1:c8:bf:8d:82:
b5:ea:eb:9d:a8:08:69:bc:35:8a:01:a3:fc:2a:a8:
f9:a6:18:35:21:b5:11:1b:ec:b2:54:0a:b3:9a:5f:
c7:3a:f5:54:bd:98:b9:e3:45:8a:3f:b5:64:39:46:
d6:22:43:fa:fe:2b:53:31:61:1e:a4:ae:25:cd:57:
44:da:a8:c2:d2:83:41:0e:28:6b:19:96:c6:4d:f5:
ac:23:27:10:b1:19:b6:d5:cb:f2:4f:b5:91:79:fa:
30:e0:96:3f:c2:50:a8:7c:5a:28:3e:9f:cb:e4:50:
c7:fc:cd:d7:b9:a5:30:c8:92:45:96:f0:17:aa:5a:
f9:e6:7b:ed:09:3a:a2:31:07:0b:2b:6c:80:23:72:
8b:9e:17:38:c6:e7:71:71:ef:b9:13:79:e9:99:87:
7c:44:ac:b6:de:92:a4:de:67:00:e9:8f:d9:f6:85:
48:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A4:38:73:D2:B1:F4:5F:CE:AA:4A:86:2D:1B:8A:60:D9:B8:2F:18
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.101.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:1a:1e:7e:a3:05:0b:95:79:4b:6e:ad:3c:59:81:7f:56:00:
40:92:51:55:16:16:23:37:69:35:57:e8:9a:58:b4:08:da:56:
3e:44:84:e6:84:76:91:e8:81:2e:4a:d9:fa:cb:49:e9:1e:39:
ab:ab:db:a5:f4:a7:97:6f:c9:dc:b3:0b:59:3f:6f:6c:99:39:
16:ae:6e:b0:2d:89:d1:c1:30:23:73:97:25:ef:88:bd:33:36:
52:9e:17:f0:f5:e9:a5:3e:05:97:dc:ae:d5:25:0f:28:dd:1a:
81:ac:d0:8e:64:4a:73:dc:30:c4:64:11:d4:07:4f:50:4b:ab:
dd:49:81:dd:a2:ea:0d:5f:5b:81:4f:91:ae:d7:1c:93:5d:28:
df:88:97:09:16:c8:c8:c6:c3:7b:00:c7:c2:53:5a:ac:74:e9:
c2:2e:cd:d9:d0:18:8c:4b:8f:02:ae:8b:4d:cb:1a:3d:40:44:
03:c6:aa:c3:9d:fa:1a:ab:2a:d4:b5:2d:24:70:12:02:a4:13:
ab:a6:9e:cb:77:92:50:56:8d:07:20:5e:52:4e:f8:ce:15:62:
0e:3e:46:30:dc:41:bb:2b:0f:cb:0d:1f:e2:45:8a:ab:e2:7c:
21:16:99:1d:22:49:8d:ab:69:d1:d9:41:40:dd:40:a6:85:7c:
a0:d6:76:a0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUUDO8n+cMbIpsvYj6mk1ykxiVceswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ0MTBaFw0yNDExMjQxOTQ5MTBaMDMxMTAvBgNV
BAMTKDVEQTQzODczRDJCMUY0NUZDRUFBNEE4NjJEMUI4QTYwRDlCODJGMTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/7bkQ8dft/YRU47ocCQ8+bfnT
xcYTHicwpZYidvsq6J2Nnp3joBbnZajNRV2GMSvyQv0XoTpuOvFj/1s2hCJBUEKV
ZDwjHu1yCy2W/OpNrMsKusDhyL+NgrXq652oCGm8NYoBo/wqqPmmGDUhtREb7LJU
CrOaX8c69VS9mLnjRYo/tWQ5RtYiQ/r+K1MxYR6kriXNV0TaqMLSg0EOKGsZlsZN
9awjJxCxGbbVy/JPtZF5+jDglj/CUKh8Wig+n8vkUMf8zde5pTDIkkWW8BeqWvnm
e+0JOqIxBwsrbIAjcoueFzjG53Fx77kTeemZh3xErLbekqTeZwDpj9n2hUiNAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXaQ4c9Kx9F/OqkqGLRuKYNm4LxgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ2UwDQYJKoZIhvcNAQELBQADggEBAC0aHn6jBQuVeUturTxZgX9WAECSUVUW
FiM3aTVX6JpYtAjaVj5EhOaEdpHogS5K2frLSekeOaur26X0p5dvydyzC1k/b2yZ
ORaubrAtidHBMCNzlyXviL0zNlKeF/D16aU+BZfcrtUlDyjdGoGs0I5kSnPcMMRk
EdQHT1BLq91Jgd2i6g1fW4FPka7XHJNdKN+IlwkWyMjGw3sAx8JTWqx06cIuzdnQ
GIxLjwKui03LGj1ARAPGqsOd+hqrKtS1LSRwEgKkE6umnst3klBWjQcgXlJO+M4V
Yg4+RjDcQbsrD8sNH+JFiqvifCEWmR0iSY2radHZQUDdQKaFfKDWdqA=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:53 2024 by rpki-client on console-ams.rpki-client.org