Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130382e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3130382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: szxVcoJYK8lE2TcsI+Ub7Clx7Y5yXZPtjzLBXbGyP6I=
Subject key identifier: 43:6E:9B:12:EC:6C:55:AC:C5:38:F9:1A:7B:F4:7B:51:83:F0:A0:7F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 572DD92340648ED448B09AD7DEDB12AB2382746B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130382e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:49:20 +0000
ROA not before: Sun 26 Nov 2023 19:44:20 +0000
ROA not after: Sun 24 Nov 2024 19:49:20 +0000
asID: 136787
IP address blocks: 156.67.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:2d:d9:23:40:64:8e:d4:48:b0:9a:d7:de:db:12:ab:23:82:74:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:44:20 2023 GMT
Not After : Nov 24 19:49:20 2024 GMT
Subject: CN=436E9B12EC6C55ACC538F91A7BF47B5183F0A07F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:6a:76:1d:78:4c:d4:4b:79:b4:e9:15:17:f2:
d0:a1:74:1f:fa:59:3a:d9:b3:d5:dd:77:57:79:b9:
38:36:12:69:e9:4d:f2:20:73:b3:86:65:a1:f9:30:
00:3a:5b:19:c6:4f:98:97:27:d3:c3:c4:86:bd:51:
1e:e2:8e:af:e4:c5:89:8e:c4:33:dc:ba:78:21:9e:
5f:73:3c:93:76:a9:2b:2d:c8:ec:85:28:b4:ea:1b:
48:62:a9:7b:28:c0:ac:bf:e9:78:eb:94:62:be:7a:
19:99:99:3d:0a:05:68:37:e4:28:9a:7d:c5:a0:86:
5d:1e:97:e1:89:ca:bc:bd:1c:56:4d:89:9f:3d:02:
37:c7:da:08:b7:b8:a7:4f:f6:16:09:c0:31:bd:23:
c1:1a:b9:3d:42:2b:c5:3f:bf:3a:0a:c9:5d:e6:e6:
3c:61:9c:b0:40:3f:a4:54:87:38:1d:9f:88:f8:07:
a8:a9:54:31:23:7a:47:8d:14:74:b9:20:57:3f:cb:
db:c4:a6:84:74:de:5d:de:97:be:52:f1:1c:06:a8:
28:ee:d6:a0:1d:ba:0f:e9:54:1e:0c:c7:a2:53:2c:
1b:6f:71:f0:14:27:12:5b:69:22:e1:a5:71:0d:39:
62:77:16:c7:25:23:af:85:70:2e:15:60:97:2f:ba:
47:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:6E:9B:12:EC:6C:55:AC:C5:38:F9:1A:7B:F4:7B:51:83:F0:A0:7F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.108.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:d4:2e:55:a0:0b:93:04:73:59:fa:82:b8:ae:1d:19:4e:4f:
54:15:6f:cb:38:cb:13:34:21:6a:e6:b3:39:02:68:2b:66:df:
e3:2f:09:b5:0f:c1:5c:88:d0:43:1f:b8:8a:07:26:fc:fb:75:
95:4e:32:36:47:96:81:61:d5:23:5b:50:67:b6:0e:61:54:34:
a9:33:d4:81:bb:77:f4:e2:ae:8c:ae:04:a0:06:eb:ff:f7:d0:
3a:03:c8:03:8a:02:b4:a1:5d:8c:e6:94:56:3f:ac:7a:38:8d:
c2:b2:a7:32:33:b9:cf:1c:03:2d:ad:5a:65:89:98:88:60:2c:
d9:24:b5:c5:d6:55:d2:fe:9d:94:ec:b2:fa:e7:22:90:aa:08:
2e:27:2d:ae:87:e4:45:cc:39:ae:49:2d:ec:95:10:0d:e6:5b:
d0:17:23:a3:a0:e9:dd:97:07:4d:76:7c:44:d2:61:b7:03:cd:
0e:e7:a5:56:d1:ce:5b:94:f4:32:21:6e:2b:c8:cf:1f:ba:4e:
45:80:79:d7:ec:69:e3:d8:a2:39:5f:d0:a6:a0:69:7e:7b:24:
0d:b2:66:1b:f8:3a:c3:0b:9b:6e:65:af:2e:02:2c:84:eb:e4:
2c:04:20:d1:f8:f4:b3:a3:2a:46:58:fd:cb:f6:f3:c9:85:f8:
9c:f1:fa:3b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUVy3ZI0BkjtRIsJrX3tsSqyOCdGswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ0MjBaFw0yNDExMjQxOTQ5MjBaMDMxMTAvBgNV
BAMTKDQzNkU5QjEyRUM2QzU1QUNDNTM4RjkxQTdCRjQ3QjUxODNGMEEwN0YwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC+anYdeEzUS3m06RUX8tChdB/6
WTrZs9Xdd1d5uTg2EmnpTfIgc7OGZaH5MAA6WxnGT5iXJ9PDxIa9UR7ijq/kxYmO
xDPcunghnl9zPJN2qSstyOyFKLTqG0hiqXsowKy/6XjrlGK+ehmZmT0KBWg35Cia
fcWghl0el+GJyry9HFZNiZ89AjfH2gi3uKdP9hYJwDG9I8EauT1CK8U/vzoKyV3m
5jxhnLBAP6RUhzgdn4j4B6ipVDEjekeNFHS5IFc/y9vEpoR03l3el75S8RwGqCju
1qAdug/pVB4Mx6JTLBtvcfAUJxJbaSLhpXENOWJ3FsclI6+FcC4VYJcvukdDAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQ26bEuxsVazFOPkae/R7UYPwoH8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ2wwDQYJKoZIhvcNAQELBQADggEBACvULlWgC5MEc1n6griuHRlOT1QVb8s4
yxM0IWrmszkCaCtm3+MvCbUPwVyI0EMfuIoHJvz7dZVOMjZHloFh1SNbUGe2DmFU
NKkz1IG7d/TiroyuBKAG6//30DoDyAOKArShXYzmlFY/rHo4jcKypzIzuc8cAy2t
WmWJmIhgLNkktcXWVdL+nZTssvrnIpCqCC4nLa6H5EXMOa5JLeyVEA3mW9AXI6Og
6d2XB012fETSYbcDzQ7npVbRzluU9DIhbivIzx+6TkWAedfsaePYojlf0KagaX57
JA2yZhv4OsMLm25lry4CLITr5CwEINH49LOjKkZY/cv288mF+Jzx+js=
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:14 2024 by rpki-client on console-ams.rpki-client.org