Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130342e302f32332d3332203d3e20313431393935.roa
File: 3135362e36372e3130342e302f32332d3332203d3e20313431393935.roa (raw, json)
Hash identifier: 5UnYFEvsk7sTQDmvZHAeXr9DKcHEPJD0YFHb96CuG1w=
Subject key identifier: E6:0E:33:90:8D:77:EF:97:FB:F6:14:95:1C:C1:32:21:16:35:50:A3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0BF945D88B2672854CA90B29173368FDA6709875
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130342e302f32332d3332203d3e20313431393935.roa
Signing time: Mon 10 Jun 2024 11:02:18 +0000
ROA not before: Mon 10 Jun 2024 10:57:18 +0000
ROA not after: Mon 09 Jun 2025 11:02:18 +0000
asID: 141995
IP address blocks: 156.67.104.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:f9:45:d8:8b:26:72:85:4c:a9:0b:29:17:33:68:fd:a6:70:98:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 10 10:57:18 2024 GMT
Not After : Jun 9 11:02:18 2025 GMT
Subject: CN=E60E33908D77EF97FBF614951CC13221163550A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:16:54:6f:05:12:ef:c4:1e:2d:aa:45:76:3a:
ea:a0:05:b3:7d:b1:ff:63:68:d4:01:e4:8a:04:06:
54:da:0c:41:8b:00:23:6c:66:94:0d:f4:41:8c:2a:
cd:cf:7f:43:74:0c:b7:e6:0f:f1:af:b8:81:80:d1:
a0:5a:6a:ce:7e:06:ed:05:e8:87:66:78:2f:14:6d:
ce:79:81:c8:ac:7f:2f:62:79:b1:53:cc:ef:22:1f:
91:d1:be:e2:67:5c:6e:51:98:8b:13:ec:7c:75:e0:
9e:88:e5:bf:6a:4a:ca:72:33:80:ff:0a:ce:25:22:
e2:40:ab:38:c9:a3:49:e0:f6:db:e6:25:b9:cf:4f:
65:1e:0a:60:dd:48:a3:34:8c:3b:e2:b5:1d:70:14:
61:60:c7:e7:98:2d:3f:f8:d7:e8:de:5e:61:85:79:
cb:eb:7d:34:3f:ff:2d:0d:56:6c:e3:c5:78:01:a5:
ce:25:43:13:09:fc:eb:dc:13:f0:5d:57:32:c6:6a:
7a:66:1d:51:d8:e9:a9:94:b9:1c:a4:d7:10:fb:dd:
00:bd:71:26:be:1d:cf:7b:2e:51:01:5a:c6:5c:56:
99:bb:10:09:eb:45:c0:2b:3d:fc:53:c4:6c:b9:ab:
5c:03:88:38:0f:5e:25:87:bc:48:13:1d:00:12:2e:
07:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:0E:33:90:8D:77:EF:97:FB:F6:14:95:1C:C1:32:21:16:35:50:A3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130342e302f32332d3332203d3e20313431393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.104.0/23
Signature Algorithm: sha256WithRSAEncryption
09:a8:f8:b7:e0:a9:1e:4e:39:ee:35:00:82:89:9d:82:e1:d5:
e9:5b:fd:3d:ca:15:aa:4c:1c:d5:a4:6c:7f:9a:bc:47:27:bb:
5c:d9:76:ad:f8:d9:b4:71:ff:63:c1:78:1e:54:83:4c:5f:70:
70:f1:f8:9a:7c:99:30:2e:6d:a9:14:83:7e:f1:38:88:11:03:
9d:49:97:d5:1f:2e:8d:2e:88:a3:ad:7a:2e:78:09:f6:11:c7:
c2:63:a6:75:5a:a0:12:aa:bc:41:f7:fd:27:f1:11:ce:0c:dd:
ce:2d:37:c8:9e:45:5b:89:60:a5:98:9e:a6:c2:8b:f2:e7:ca:
4c:5c:97:83:78:68:5e:4e:07:eb:f1:ce:78:fb:56:e2:0e:f3:
5f:ec:af:02:81:df:5f:d2:95:dc:92:1b:03:b3:1e:0b:3d:c1:
aa:3b:00:e0:fe:73:b7:13:3c:21:00:f5:a3:4d:c6:45:87:12:
0b:65:18:9e:b1:bf:05:d3:b6:67:05:0f:f2:a0:b8:d3:ea:4f:
fe:d1:13:bd:4c:59:84:6f:74:d9:7c:bc:9c:2e:5e:9b:9a:f3:
a2:b6:a3:5c:fb:5e:3e:54:2e:3d:7b:0c:77:19:20:54:0e:c5:
2d:cd:c9:42:80:9e:9b:44:7e:96:03:ca:5f:a5:7f:fa:ef:0d:
b7:47:25:84
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUC/lF2IsmcoVMqQspFzNo/aZwmHUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MTAxMDU3MThaFw0yNTA2MDkxMTAyMThaMDMxMTAvBgNV
BAMTKEU2MEUzMzkwOEQ3N0VGOTdGQkY2MTQ5NTFDQzEzMjIxMTYzNTUwQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRFlRvBRLvxB4tqkV2OuqgBbN9
sf9jaNQB5IoEBlTaDEGLACNsZpQN9EGMKs3Pf0N0DLfmD/GvuIGA0aBaas5+Bu0F
6IdmeC8Ubc55gcisfy9iebFTzO8iH5HRvuJnXG5RmIsT7Hx14J6I5b9qSspyM4D/
Cs4lIuJAqzjJo0ng9tvmJbnPT2UeCmDdSKM0jDvitR1wFGFgx+eYLT/41+jeXmGF
ecvrfTQ//y0NVmzjxXgBpc4lQxMJ/OvcE/BdVzLGanpmHVHY6amUuRyk1xD73QC9
cSa+Hc97LlEBWsZcVpm7EAnrRcArPfxTxGy5q1wDiDgPXiWHvEgTHQASLgfrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU5g4zkI1375f79hSVHMEyIRY1UKMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzQyZTMwMmYzMjMzMmQzMzMyMjAzZDNlMjAzMTM0MzEzOTM5MzUucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAGcQ2gwDQYJKoZIhvcNAQELBQADggEBAAmo+LfgqR5OOe41AIKJnYLh1elb/T3K
FapMHNWkbH+avEcnu1zZdq342bRx/2PBeB5Ug0xfcHDx+Jp8mTAubakUg37xOIgR
A51Jl9UfLo0uiKOtei54CfYRx8JjpnVaoBKqvEH3/SfxEc4M3c4tN8ieRVuJYKWY
nqbCi/Lnykxcl4N4aF5OB+vxznj7VuIO81/srwKB31/SldySGwOzHgs9wao7AOD+
c7cTPCEA9aNNxkWHEgtlGJ6xvwXTtmcFD/KguNPqT/7RE71MWYRvdNl8vJwuXpua
86K2o1z7Xj5ULj17DHcZIFQOxS3NyUKAnptEfpYDyl+lf/rvDbdHJYQ=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:55 2024 by rpki-client on console-fra.rpki-client.org