Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130392e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3130392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: kcsRDFrJpDllrqnKtw2mx8nfQSDPlX5mhlGZLl9vPwQ=
Subject key identifier: FB:E7:97:4E:21:27:3F:D8:6C:81:C1:15:10:B5:2F:83:20:F4:3B:89
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3CDFC7663036D37C0AE2F13EE6DAA9F300DB07B1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130392e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:20 +0000
ROA not before: Sun 27 Oct 2024 20:00:20 +0000
ROA not after: Sun 26 Oct 2025 20:05:20 +0000
asID: 136787
IP address blocks: 156.67.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:df:c7:66:30:36:d3:7c:0a:e2:f1:3e:e6:da:a9:f3:00:db:07:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:20 2024 GMT
Not After : Oct 26 20:05:20 2025 GMT
Subject: CN=FBE7974E21273FD86C81C11510B52F8320F43B89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:00:fb:6a:f9:7f:3f:7c:31:e1:61:61:3e:0f:
a1:e9:41:a5:1f:2d:81:5c:20:f0:a0:47:a7:28:31:
74:42:7d:5e:1c:90:73:a4:e4:29:14:31:91:b5:54:
e4:ab:83:05:e8:97:65:c5:eb:80:9d:88:3a:83:e2:
f0:e3:4e:5f:64:6f:93:41:32:91:03:a0:9f:41:b6:
0f:af:6a:65:76:50:df:d5:76:0b:cd:f3:10:1e:54:
ab:e2:e5:5e:2f:7d:15:4f:26:4d:87:47:dd:f3:b2:
c1:99:cf:f2:6f:5e:7c:b3:b7:b4:5d:87:e6:05:54:
3c:9a:a4:17:7b:3e:ab:71:f7:a1:44:df:2d:86:6d:
f8:b0:e9:d6:25:d0:b3:d1:bf:6b:9b:a4:a6:a9:c3:
c2:03:f2:77:b4:20:65:b3:f4:f5:15:20:79:f8:8d:
cd:b0:32:f5:31:e1:c4:e0:39:da:c1:6f:77:c6:23:
39:c8:ba:2e:b9:71:f9:28:d2:98:b7:f6:01:61:53:
ec:3d:b0:be:92:a3:55:48:6e:f5:ea:00:86:29:d0:
08:1e:31:b9:ba:bf:3f:1a:8f:f8:e3:b6:87:67:49:
25:0b:76:14:1e:be:ef:10:ed:60:24:b1:55:b2:1b:
61:77:3d:43:7a:bc:22:fd:62:2e:3e:4e:88:58:f7:
1b:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:E7:97:4E:21:27:3F:D8:6C:81:C1:15:10:B5:2F:83:20:F4:3B:89
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.109.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:ed:35:c3:fa:3f:5b:6f:d3:b4:f1:2d:80:64:49:71:ef:1a:
8e:a6:0d:bf:a2:b5:b7:25:5c:c6:26:88:c9:15:57:30:13:1a:
ef:ab:79:3a:51:42:9b:2c:b7:d5:c1:eb:9b:0e:62:87:d4:66:
5a:65:3e:76:d6:2e:4d:22:8f:bf:1e:73:2f:a2:9a:eb:e2:88:
1d:f6:c9:78:00:28:6a:b0:3d:38:2b:92:66:ed:87:93:70:c7:
9c:e6:ce:65:f1:db:d6:8d:76:ef:9e:0b:77:f4:d5:58:04:a8:
c5:e4:b2:24:3b:4a:f4:a5:e6:3c:a1:0b:3d:86:19:04:fe:dc:
63:35:38:f9:d1:ec:5f:66:2f:46:db:86:73:df:3a:74:6d:43:
2a:0f:51:b9:fa:8e:3b:d9:2c:89:dd:bc:5c:05:1e:86:7a:88:
ce:2b:76:de:36:66:57:d1:c9:a3:8a:30:ba:a2:2c:0e:d0:68:
b0:2b:0f:4b:43:b0:3a:42:82:0b:e9:23:10:d9:0f:80:ea:e2:
58:8e:c2:d3:e9:e9:2c:2f:de:82:de:60:1e:85:e6:07:a3:79:
73:2c:a6:1a:47:00:9c:32:c9:0d:6b:76:1a:3d:bc:66:ce:51:
cc:18:4d:7e:b7:20:7b:9e:45:65:df:8c:89:a0:d5:42:a7:b2:
de:5a:28:8d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUPN/HZjA203wK4vE+5tqp8wDbB7EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMjBaFw0yNTEwMjYyMDA1MjBaMDMxMTAvBgNV
BAMTKEZCRTc5NzRFMjEyNzNGRDg2QzgxQzExNTEwQjUyRjgzMjBGNDNCODkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0APtq+X8/fDHhYWE+D6HpQaUf
LYFcIPCgR6coMXRCfV4ckHOk5CkUMZG1VOSrgwXol2XF64CdiDqD4vDjTl9kb5NB
MpEDoJ9Btg+vamV2UN/VdgvN8xAeVKvi5V4vfRVPJk2HR93zssGZz/JvXnyzt7Rd
h+YFVDyapBd7Pqtx96FE3y2Gbfiw6dYl0LPRv2ubpKapw8ID8ne0IGWz9PUVIHn4
jc2wMvUx4cTgOdrBb3fGIznIui65cfko0pi39gFhU+w9sL6So1VIbvXqAIYp0Age
Mbm6vz8aj/jjtodnSSULdhQevu8Q7WAksVWyG2F3PUN6vCL9Yi4+TohY9xsFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU++eXTiEnP9hsgcEVELUvgyD0O4kwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ20wDQYJKoZIhvcNAQELBQADggEBACrtNcP6P1tv07TxLYBkSXHvGo6mDb+i
tbclXMYmiMkVVzATGu+reTpRQpsst9XB65sOYofUZlplPnbWLk0ij78ecy+imuvi
iB32yXgAKGqwPTgrkmbth5Nwx5zmzmXx29aNdu+eC3f01VgEqMXksiQ7SvSl5jyh
Cz2GGQT+3GM1OPnR7F9mL0bbhnPfOnRtQyoPUbn6jjvZLIndvFwFHoZ6iM4rdt42
ZlfRyaOKMLqiLA7QaLArD0tDsDpCggvpIxDZD4Dq4liOwtPp6Swv3oLeYB6F5gej
eXMsphpHAJwyyQ1rdho9vGbOUcwYTX63IHueRWXfjImg1UKnst5aKI0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:55 2024 by rpki-client on console-fra.rpki-client.org