Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130362e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3130362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ILmVCRZIvPvU/b1vipYhpHK3YUuyXGsp9n8rqXWWBYY=
Subject key identifier: D3:87:F7:29:E9:31:DF:19:5B:00:A3:3A:69:EE:80:DF:9D:1E:88:C8
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4C8905636F6871EC5624713123078F03A5028D4D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130362e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:37 +0000
ROA not before: Sat 01 Feb 2025 22:40:37 +0000
ROA not after: Sat 31 Jan 2026 22:45:37 +0000
asID: 136787
IP address blocks: 156.67.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:10:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:89:05:63:6f:68:71:ec:56:24:71:31:23:07:8f:03:a5:02:8d:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 1 22:40:37 2025 GMT
Not After : Jan 31 22:45:37 2026 GMT
Subject: CN=D387F729E931DF195B00A33A69EE80DF9D1E88C8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:87:5e:fc:2a:06:0f:74:f0:fe:b8:0a:6e:84:
1f:66:21:e4:82:ea:98:b0:cc:b5:8b:04:11:07:22:
26:3d:95:1d:75:3c:10:f6:fc:a7:77:c3:e6:1d:cd:
10:52:da:b6:74:d2:fc:8d:34:12:47:fa:51:a4:40:
76:8c:64:c0:93:fb:11:da:f6:74:c2:6b:de:2a:c9:
c6:5a:3c:39:df:bc:a8:20:a5:75:54:63:f5:7d:bf:
f2:34:95:5c:6a:9b:6d:78:bf:e4:88:76:f4:c3:83:
8c:6e:73:a2:2e:e2:d6:bd:a3:c7:17:dd:85:2c:a6:
0a:ff:45:34:cc:fa:b9:bf:b8:a7:96:41:f0:a2:b9:
01:86:5e:d4:e0:13:fe:b4:5c:88:51:f9:aa:6c:89:
a3:7c:f0:30:a3:80:03:9a:7d:79:ef:f9:a4:b1:90:
0f:2b:e3:d2:03:0c:80:9b:34:f4:ba:f6:13:fb:15:
3c:f3:58:08:3f:25:b8:fe:7d:ce:ce:1f:b7:b1:08:
01:ab:f2:97:8f:b2:7a:50:5f:0a:f6:16:35:22:e3:
a3:38:90:d3:af:58:9a:8d:71:f0:27:34:8a:04:31:
df:06:8b:7a:ca:4e:3a:1a:21:4d:36:95:59:72:61:
a3:81:70:7c:2f:75:64:41:a9:98:9e:1c:38:2a:f5:
8a:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:87:F7:29:E9:31:DF:19:5B:00:A3:3A:69:EE:80:DF:9D:1E:88:C8
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.106.0/24
Signature Algorithm: sha256WithRSAEncryption
20:70:e7:8d:70:b4:97:d2:71:af:fd:4e:f7:b3:ad:04:6b:43:
1c:9e:2c:04:70:a9:fb:28:b1:54:09:00:4f:54:c9:ed:97:b6:
25:3c:27:6e:43:3d:04:aa:7f:b9:51:da:ee:66:de:cb:37:fb:
db:c7:5c:14:c5:a7:ea:98:14:21:49:e3:32:ed:22:1e:a6:5e:
6d:93:86:5a:de:39:15:35:38:09:56:83:61:78:63:69:1a:a1:
43:c0:35:f9:2a:55:cb:48:b9:52:7c:b0:4c:29:4c:4f:50:7e:
84:9e:95:3d:c3:1f:ad:dd:5c:ba:10:df:b4:70:df:98:2d:cd:
86:3a:af:39:15:fc:85:c4:28:bf:c1:e5:9f:78:2c:a3:ba:75:
86:c4:df:4f:3f:36:49:c5:a6:cf:4b:08:49:63:17:98:c2:03:
99:8c:48:3f:1f:b9:3c:2a:5c:38:f0:f5:4d:99:b4:c1:83:8f:
9d:b6:b6:76:7d:3e:d4:7d:08:08:9a:2d:96:0f:e1:90:d9:e0:
02:47:2b:90:65:6c:ae:5e:34:8a:b5:81:a3:af:c4:38:af:bb:
f0:2a:f3:46:31:c8:9d:05:ce:5d:8a:4b:0b:41:1f:a3:df:21:
d2:e8:54:a2:90:be:b8:a9:cd:ea:1a:e2:35:0c:2c:af:ae:d9:
f6:f6:da:d2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUTIkFY29ocexWJHExIwePA6UCjU0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDEyMjQwMzdaFw0yNjAxMzEyMjQ1MzdaMDMxMTAvBgNV
BAMTKEQzODdGNzI5RTkzMURGMTk1QjAwQTMzQTY5RUU4MERGOUQxRTg4QzgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgh178KgYPdPD+uApuhB9mIeSC
6piwzLWLBBEHIiY9lR11PBD2/Kd3w+YdzRBS2rZ00vyNNBJH+lGkQHaMZMCT+xHa
9nTCa94qycZaPDnfvKggpXVUY/V9v/I0lVxqm214v+SIdvTDg4xuc6Iu4ta9o8cX
3YUspgr/RTTM+rm/uKeWQfCiuQGGXtTgE/60XIhR+apsiaN88DCjgAOafXnv+aSx
kA8r49IDDICbNPS69hP7FTzzWAg/Jbj+fc7OH7exCAGr8pePsnpQXwr2FjUi46M4
kNOvWJqNcfAnNIoEMd8Gi3rKTjoaIU02lVlyYaOBcHwvdWRBqZieHDgq9YqjAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU04f3Kekx3xlbAKM6ae6A350eiMgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ2owDQYJKoZIhvcNAQELBQADggEBACBw541wtJfSca/9TvezrQRrQxyeLARw
qfsosVQJAE9Uye2XtiU8J25DPQSqf7lR2u5m3ss3+9vHXBTFp+qYFCFJ4zLtIh6m
Xm2ThlreORU1OAlWg2F4Y2kaoUPANfkqVctIuVJ8sEwpTE9QfoSelT3DH63dXLoQ
37Rw35gtzYY6rzkV/IXEKL/B5Z94LKO6dYbE308/NknFps9LCEljF5jCA5mMSD8f
uTwqXDjw9U2ZtMGDj522tnZ9PtR9CAiaLZYP4ZDZ4AJHK5BlbK5eNIq1gaOvxDiv
u/Aq80YxyJ0Fzl2KSwtBH6PfIdLoVKKQvripzeoa4jUMLK+u2fb22tI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:33:38 2025 by rpki-client