Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130312e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3130312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: BtQ+SYjyjiaB94CwGzRq5mo7EY1wlXWD9marsPZccCA=
Subject key identifier: 06:B0:2F:5E:E0:42:E0:72:E4:DF:35:EC:37:40:33:27:9D:B9:62:96
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5C6FC41D499A240FFF94645A5FF3A2A1FB8F6FD5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:16 +0000
ROA not before: Sun 27 Oct 2024 20:00:16 +0000
ROA not after: Sun 26 Oct 2025 20:05:16 +0000
asID: 136787
IP address blocks: 156.67.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:6f:c4:1d:49:9a:24:0f:ff:94:64:5a:5f:f3:a2:a1:fb:8f:6f:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:16 2024 GMT
Not After : Oct 26 20:05:16 2025 GMT
Subject: CN=06B02F5EE042E072E4DF35EC374033279DB96296
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:5b:2e:22:f1:5d:fa:6a:a5:7f:71:b9:ab:5a:
b0:a4:7d:39:e0:70:2d:84:90:1c:49:cb:66:92:63:
40:12:49:cd:0f:b5:04:c9:ba:3c:d2:65:b5:2f:f0:
9e:63:d3:5e:3b:7b:f6:71:77:40:6e:95:b1:ce:97:
b0:32:8e:83:88:cf:47:c2:bb:51:b4:20:60:c9:b2:
47:44:ce:bc:55:1e:d0:bb:39:a1:04:db:62:19:76:
25:85:b6:f0:ae:c7:a2:50:ff:92:ac:78:8d:88:7d:
e2:53:29:f0:39:90:95:1a:2b:11:f7:42:5f:7e:04:
a6:57:6c:a7:2d:d7:b4:a3:f1:d3:fe:fc:e0:f6:3c:
89:ed:8b:a8:cc:ba:31:54:e0:41:97:52:d0:0b:a7:
cc:0d:f8:a9:19:b5:df:1b:ba:f6:91:bc:78:de:2b:
bd:3b:44:6e:ba:c8:c7:e3:67:ab:b8:a4:cd:f4:6c:
58:2a:bd:e3:29:92:da:0e:fe:15:08:bb:b7:dd:0a:
2d:fd:ff:77:2b:29:c7:16:87:5e:9d:b6:05:05:f5:
5d:c0:92:02:3b:47:4e:2a:98:cf:22:9b:58:6e:d5:
a5:4a:93:61:d1:f2:42:e5:85:33:5f:4a:b6:43:e6:
ca:3d:a5:f9:63:2a:b7:f5:18:84:37:fa:3b:aa:e1:
53:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B0:2F:5E:E0:42:E0:72:E4:DF:35:EC:37:40:33:27:9D:B9:62:96
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.101.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:0f:b5:b9:52:81:f9:88:25:6e:9f:15:af:ee:e0:42:26:4c:
3a:c1:b5:6f:bd:06:2b:d7:f3:e8:d3:93:fe:13:b5:6e:24:db:
3a:cd:08:53:30:91:9f:15:28:00:aa:bd:a2:1f:e1:3e:6f:2e:
cc:bb:0c:df:f5:74:00:56:08:f3:27:06:59:3a:e4:52:3f:a2:
2c:db:a3:8a:24:79:97:e6:1b:6b:51:b9:74:0c:7e:77:0b:7f:
27:d3:57:91:bb:53:2b:bb:39:d7:9f:d1:5d:c2:27:10:73:09:
7e:10:f1:4a:29:77:36:7f:49:ac:a2:a8:b9:87:cf:d2:a1:86:
eb:af:d1:dd:7b:68:be:98:fe:6e:02:3a:49:52:73:d3:45:56:
e1:39:e1:88:1d:fd:26:0a:1b:6d:75:c5:40:fe:3c:97:16:0f:
34:11:39:e7:39:2c:60:22:66:6c:8c:75:46:3f:80:ed:03:ce:
6c:ab:a5:25:8d:ad:84:49:26:d6:67:fc:9e:e2:a8:2b:ca:b6:
83:ca:52:7c:98:b3:dc:56:15:75:5d:9b:a7:ed:5f:af:b4:ee:
80:fc:57:a4:19:64:d2:ae:74:32:f3:e6:04:1c:41:29:a9:37:
e1:a1:a6:71:bb:2d:f2:2a:e2:34:8a:43:64:2c:5e:d1:90:cd:
2e:fc:5b:ff
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUXG/EHUmaJA//lGRaX/OiofuPb9UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMTZaFw0yNTEwMjYyMDA1MTZaMDMxMTAvBgNV
BAMTKDA2QjAyRjVFRTA0MkUwNzJFNERGMzVFQzM3NDAzMzI3OURCOTYyOTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDdWy4i8V36aqV/cbmrWrCkfTng
cC2EkBxJy2aSY0ASSc0PtQTJujzSZbUv8J5j0147e/Zxd0BulbHOl7AyjoOIz0fC
u1G0IGDJskdEzrxVHtC7OaEE22IZdiWFtvCux6JQ/5KseI2IfeJTKfA5kJUaKxH3
Ql9+BKZXbKct17Sj8dP+/OD2PInti6jMujFU4EGXUtALp8wN+KkZtd8buvaRvHje
K707RG66yMfjZ6u4pM30bFgqveMpktoO/hUIu7fdCi39/3crKccWh16dtgUF9V3A
kgI7R04qmM8im1hu1aVKk2HR8kLlhTNfSrZD5so9pfljKrf1GIQ3+juq4VPJAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUBrAvXuBC4HLk3zXsN0AzJ525YpYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ2UwDQYJKoZIhvcNAQELBQADggEBABoPtblSgfmIJW6fFa/u4EImTDrBtW+9
BivX8+jTk/4TtW4k2zrNCFMwkZ8VKACqvaIf4T5vLsy7DN/1dABWCPMnBlk65FI/
oizbo4okeZfmG2tRuXQMfncLfyfTV5G7Uyu7Odef0V3CJxBzCX4Q8UopdzZ/Sayi
qLmHz9Khhuuv0d17aL6Y/m4COklSc9NFVuE54Ygd/SYKG211xUD+PJcWDzQROec5
LGAiZmyMdUY/gO0DzmyrpSWNrYRJJtZn/J7iqCvKtoPKUnyYs9xWFXVdm6ftX6+0
7oD8V6QZZNKudDLz5gQcQSmpN+GhpnG7LfIq4jSKQ2QsXtGQzS78W/8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org