Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130362e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3130362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: QOYAdJJbfE32meDMUgJvf2BIN5B/Zm7sD9xeq77xvew=
Subject key identifier: 0C:25:59:5D:16:D5:FE:0F:1B:80:85:ED:96:4F:9E:AA:53:AD:72:DF
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 47174DC56F78827F1A5DC57872A8DCC1B949D398
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130362e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:16 +0000
ROA not before: Sat 02 Mar 2024 21:49:16 +0000
ROA not after: Sat 01 Mar 2025 21:54:16 +0000
asID: 136787
IP address blocks: 156.67.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:17:4d:c5:6f:78:82:7f:1a:5d:c5:78:72:a8:dc:c1:b9:49:d3:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 2 21:49:16 2024 GMT
Not After : Mar 1 21:54:16 2025 GMT
Subject: CN=0C25595D16D5FE0F1B8085ED964F9EAA53AD72DF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:11:f2:2c:b0:22:3c:12:e7:cf:ec:2c:09:a8:
12:b9:f2:d3:83:06:85:a7:c4:44:1a:40:1c:e3:17:
46:b6:13:c1:54:5e:9d:01:55:14:6f:28:62:24:0a:
c6:2f:2a:38:97:31:d3:34:b7:c9:8e:54:6a:5e:2e:
a4:60:1b:83:f4:10:02:2c:d8:f5:9b:1e:3e:9d:bf:
59:28:9b:40:b2:00:53:67:a6:56:e2:56:41:0f:6f:
65:bd:74:ed:26:47:da:74:06:f8:18:a3:f7:7f:a5:
01:3c:2c:ea:33:99:79:1b:b4:0d:c5:27:a5:99:61:
79:a3:5f:4c:71:18:07:2a:68:44:92:e4:31:84:1d:
da:81:86:d6:b8:66:59:57:a2:86:6b:7a:36:80:05:
2b:19:bf:76:6f:ba:48:fb:0b:c4:78:19:4a:c6:42:
88:7b:63:ff:32:ac:ff:60:c3:53:c9:ce:35:14:83:
02:6d:7f:df:af:fc:13:d6:f3:ff:95:59:9b:c1:ae:
39:a2:40:ad:10:e9:bd:72:20:1f:44:54:df:a7:f8:
75:2f:81:98:6b:d0:4d:9a:79:ba:db:f0:7c:17:d6:
d7:a0:5a:64:b9:2d:33:17:a2:0b:4d:0f:49:6f:6c:
e1:7c:c1:0f:0f:69:42:5b:11:85:88:e1:7a:fb:0f:
91:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:25:59:5D:16:D5:FE:0F:1B:80:85:ED:96:4F:9E:AA:53:AD:72:DF
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.106.0/24
Signature Algorithm: sha256WithRSAEncryption
89:5c:7d:f5:ee:82:aa:28:fa:fa:b4:33:f9:6e:24:1e:27:dc:
d0:3a:75:4b:71:87:e6:a3:26:a1:e1:b0:bf:c3:56:b1:be:58:
02:fc:fa:23:99:36:c6:f9:73:fb:d5:2b:20:30:5c:b5:09:a6:
99:39:3b:c7:76:04:23:76:f0:eb:da:18:c0:db:69:22:b0:82:
bd:5f:06:de:dd:44:93:33:e8:ea:ce:5c:e5:e5:54:0e:c0:b5:
15:ad:74:8b:ce:43:90:56:31:9d:a4:c2:eb:aa:2c:cc:8e:b6:
25:84:a1:8e:c3:ef:74:c0:e1:ed:f4:82:44:b8:65:4a:3b:d2:
fa:2e:de:cd:b9:21:11:ff:b6:24:f6:d5:0a:0e:7e:e1:a7:8c:
d4:71:8c:f8:2a:59:46:cd:e4:a0:d0:0e:fd:5c:b6:04:a8:5b:
3f:61:89:6c:f7:9c:33:c0:9e:ef:15:2f:f5:fa:14:8d:b5:d2:
1b:3d:96:1d:fc:78:ed:fe:0a:a8:5d:6d:7f:8d:a7:04:3a:df:
f8:21:7a:00:5c:9c:cb:6d:c5:fc:17:f0:d8:a9:f3:96:d9:8b:
35:20:34:07:a9:cf:8a:7a:94:9a:86:70:46:1b:68:95:e8:c9:
5b:c1:33:59:26:3b:c1:97:cd:f4:67:87:76:cb:cd:50:34:56:
48:4d:5b:fa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIURxdNxW94gn8aXcV4cqjcwblJ05gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDIyMTQ5MTZaFw0yNTAzMDEyMTU0MTZaMDMxMTAvBgNV
BAMTKDBDMjU1OTVEMTZENUZFMEYxQjgwODVFRDk2NEY5RUFBNTNBRDcyREYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSEfIssCI8EufP7CwJqBK58tOD
BoWnxEQaQBzjF0a2E8FUXp0BVRRvKGIkCsYvKjiXMdM0t8mOVGpeLqRgG4P0EAIs
2PWbHj6dv1kom0CyAFNnplbiVkEPb2W9dO0mR9p0BvgYo/d/pQE8LOozmXkbtA3F
J6WZYXmjX0xxGAcqaESS5DGEHdqBhta4ZllXooZrejaABSsZv3Zvukj7C8R4GUrG
Qoh7Y/8yrP9gw1PJzjUUgwJtf9+v/BPW8/+VWZvBrjmiQK0Q6b1yIB9EVN+n+HUv
gZhr0E2aebrb8HwX1tegWmS5LTMXogtND0lvbOF8wQ8PaUJbEYWI4Xr7D5GTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUDCVZXRbV/g8bgIXtlk+eqlOtct8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ2owDQYJKoZIhvcNAQELBQADggEBAIlcffXugqoo+vq0M/luJB4n3NA6dUtx
h+ajJqHhsL/DVrG+WAL8+iOZNsb5c/vVKyAwXLUJppk5O8d2BCN28OvaGMDbaSKw
gr1fBt7dRJMz6OrOXOXlVA7AtRWtdIvOQ5BWMZ2kwuuqLMyOtiWEoY7D73TA4e30
gkS4ZUo70vou3s25IRH/tiT21QoOfuGnjNRxjPgqWUbN5KDQDv1ctgSoWz9hiWz3
nDPAnu8VL/X6FI210hs9lh38eO3+CqhdbX+NpwQ63/ghegBcnMttxfwX8Nip85bZ
izUgNAepz4p6lJqGcEYbaJXoyVvBM1kmO8GXzfRnh3bLzVA0VkhNW/o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org