Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130322e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3130322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: OJL8hVWBRWtfzorN1PGrn14mK3cKodj8S7x7x84wzek=
Subject key identifier: F0:E7:15:09:66:F6:0F:35:94:5C:27:29:CC:B1:2F:6E:71:ED:FB:8E
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 13A678E7D5FFE92690B4159AB991F2F8872FDF92
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130322e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:17 +0000
ROA not before: Sun 27 Oct 2024 20:00:17 +0000
ROA not after: Sun 26 Oct 2025 20:05:17 +0000
asID: 136787
IP address blocks: 156.67.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:a6:78:e7:d5:ff:e9:26:90:b4:15:9a:b9:91:f2:f8:87:2f:df:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:17 2024 GMT
Not After : Oct 26 20:05:17 2025 GMT
Subject: CN=F0E7150966F60F35945C2729CCB12F6E71EDFB8E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:59:ed:af:eb:fc:64:31:25:6a:cd:3f:0d:62:
13:d0:43:9e:90:fa:54:34:84:23:83:f7:37:ee:c0:
de:05:cf:ae:29:13:f0:20:8c:1b:e2:92:22:6e:69:
06:23:7d:1a:bf:48:6c:98:0a:24:4e:e1:cf:e3:c4:
ba:b0:ca:7d:3e:ae:e1:95:53:da:2d:09:11:24:85:
dd:29:2d:c6:11:5b:bb:41:42:e2:69:8a:41:b9:22:
14:8e:c3:b1:47:cc:c4:f3:1c:19:7a:6f:65:07:3e:
7b:5b:b8:be:05:ef:67:13:f5:31:e1:aa:2a:23:8a:
ab:22:eb:94:13:a9:87:4d:ea:90:f3:51:cf:e6:5c:
80:3b:a8:bf:fd:12:3b:ad:47:3c:78:c2:a7:59:99:
60:e6:85:d2:e2:b9:54:02:13:c8:4e:02:44:54:46:
2d:dc:91:27:54:ed:a4:f6:7d:44:22:b4:0d:bc:8f:
23:91:32:ef:af:7c:1b:5c:66:ae:82:a7:3f:1f:1d:
d4:24:9b:2c:e2:cd:c5:98:df:fd:3c:b6:eb:08:8a:
01:9b:22:05:14:8a:4e:46:f9:76:47:1d:0b:b8:0e:
9e:e0:29:c4:a2:02:90:52:59:31:b6:f0:46:a5:87:
55:c9:18:90:21:03:61:1a:ca:44:c9:3d:71:30:80:
0a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:E7:15:09:66:F6:0F:35:94:5C:27:29:CC:B1:2F:6E:71:ED:FB:8E
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.102.0/24
Signature Algorithm: sha256WithRSAEncryption
80:f6:f4:a0:56:dd:47:ca:6e:55:6d:ea:35:95:ca:7c:f1:e6:
5e:d4:b8:7f:1d:d5:09:f4:64:64:cd:e9:58:5f:18:63:17:34:
1f:c8:c0:6c:24:81:17:a9:65:a7:3e:ac:b2:1c:36:73:8b:f1:
12:8e:30:9e:d1:bc:ab:b7:d4:8d:68:da:99:2e:7f:0e:04:ff:
1f:ea:e4:1f:d8:55:02:c1:5c:cb:ec:0b:06:e6:84:87:62:f5:
7c:6a:97:12:2e:1e:ff:cc:2f:4a:d0:e1:58:6f:40:85:5e:f0:
89:64:09:06:a0:23:60:00:87:f8:c3:c9:e0:33:7b:9d:00:d8:
32:f4:0c:1f:a7:f7:7f:36:3e:e2:13:e7:0e:f0:f7:db:9d:85:
8e:ba:55:f5:1a:98:8d:82:79:e4:51:98:09:ac:c4:44:d7:5f:
7f:5a:79:55:31:ef:06:97:c1:b4:93:0e:e8:50:00:15:17:cc:
ba:a2:91:47:16:2c:af:f0:0b:b9:aa:28:55:62:67:85:93:34:
5b:da:65:85:71:a2:7c:0d:f8:0e:f3:34:f0:d2:20:c8:2a:94:
f3:f7:1c:71:85:fa:3d:96:2c:be:b7:52:c6:76:28:10:9e:04:
0e:f7:40:b1:01:50:82:d1:7a:c6:d7:c6:eb:91:2e:f7:ff:b5:
86:ee:bb:f1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUE6Z459X/6SaQtBWauZHy+Icv35IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMTdaFw0yNTEwMjYyMDA1MTdaMDMxMTAvBgNV
BAMTKEYwRTcxNTA5NjZGNjBGMzU5NDVDMjcyOUNDQjEyRjZFNzFFREZCOEUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKWe2v6/xkMSVqzT8NYhPQQ56Q
+lQ0hCOD9zfuwN4Fz64pE/AgjBvikiJuaQYjfRq/SGyYCiRO4c/jxLqwyn0+ruGV
U9otCREkhd0pLcYRW7tBQuJpikG5IhSOw7FHzMTzHBl6b2UHPntbuL4F72cT9THh
qiojiqsi65QTqYdN6pDzUc/mXIA7qL/9EjutRzx4wqdZmWDmhdLiuVQCE8hOAkRU
Ri3ckSdU7aT2fUQitA28jyORMu+vfBtcZq6Cpz8fHdQkmyzizcWY3/08tusIigGb
IgUUik5G+XZHHQu4Dp7gKcSiApBSWTG28Ealh1XJGJAhA2EaykTJPXEwgArVAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU8OcVCWb2DzWUXCcpzLEvbnHt+44wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ2YwDQYJKoZIhvcNAQELBQADggEBAID29KBW3UfKblVt6jWVynzx5l7UuH8d
1Qn0ZGTN6VhfGGMXNB/IwGwkgRepZac+rLIcNnOL8RKOMJ7RvKu31I1o2pkufw4E
/x/q5B/YVQLBXMvsCwbmhIdi9XxqlxIuHv/ML0rQ4VhvQIVe8IlkCQagI2AAh/jD
yeAze50A2DL0DB+n9382PuIT5w7w99udhY66VfUamI2CeeRRmAmsxETXX39aeVUx
7waXwbSTDuhQABUXzLqikUcWLK/wC7mqKFViZ4WTNFvaZYVxonwN+A7zNPDSIMgq
lPP3HHGF+j2WLL63UsZ2KBCeBA73QLEBUILResbXxuuRLvf/tYbuu/E=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:40:39 2025 by rpki-client