Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130392e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3130392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: JixPYkEcumR0vktMhc1LSgo9va4m7YHPRy/K/iVBElY=
Subject key identifier: A1:B0:8E:86:04:F3:35:CE:7C:21:EA:73:ED:4B:36:DA:40:2B:75:5A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2F2B7E7EAFC4DBBAE22F7746262FB0FA87B79ED9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130392e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:49:24 +0000
ROA not before: Sun 26 Nov 2023 19:44:24 +0000
ROA not after: Sun 24 Nov 2024 19:49:24 +0000
asID: 136787
IP address blocks: 156.67.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:2b:7e:7e:af:c4:db:ba:e2:2f:77:46:26:2f:b0:fa:87:b7:9e:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:44:24 2023 GMT
Not After : Nov 24 19:49:24 2024 GMT
Subject: CN=A1B08E8604F335CE7C21EA73ED4B36DA402B755A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:92:e3:89:64:9f:12:21:4b:63:a3:f8:8f:97:
20:09:b6:bc:41:b2:6d:85:d5:98:19:40:9c:f6:50:
c2:ca:49:3a:c1:df:3e:bc:e9:26:90:c4:d2:90:f6:
7f:ab:cc:09:a4:35:5f:0f:cd:db:3d:86:6e:95:01:
1a:9c:19:f8:3f:a5:f9:d0:e9:a3:60:dc:0d:08:0f:
5b:b7:6e:b3:41:02:23:ad:83:a5:7d:51:10:51:b3:
8e:4f:39:40:3f:e1:be:d1:bc:e2:d5:91:a0:6c:4f:
63:71:76:47:7a:22:81:9e:a8:16:3d:89:51:0f:87:
a5:82:dc:69:ca:0f:d6:71:a2:01:b0:f6:6e:f1:74:
da:2d:5b:5d:1f:5f:61:b6:c8:6c:37:e7:8e:72:e6:
5d:f7:7c:9a:95:4e:b9:19:f3:08:11:30:83:61:f4:
87:3b:78:7a:e5:c1:66:93:59:b4:ca:cf:77:76:30:
88:8e:e9:26:00:33:7c:5b:6d:ab:86:d7:67:7a:6c:
a9:6c:98:7e:c7:9d:4b:87:27:f9:08:20:0c:09:c5:
8b:21:b4:0f:38:df:10:12:35:23:cf:cc:bf:c5:c6:
53:a2:eb:bd:8b:64:cc:bd:b3:e5:7c:10:0e:af:46:
8d:94:13:7c:9c:1d:8d:05:2f:4d:6a:93:36:0e:d1:
aa:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:B0:8E:86:04:F3:35:CE:7C:21:EA:73:ED:4B:36:DA:40:2B:75:5A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3130392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.109.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:87:3c:47:c1:93:b0:3b:9a:77:12:37:17:83:c7:4b:81:9c:
59:62:60:c4:43:1e:14:77:fa:9f:b8:e3:63:d7:95:01:f2:f6:
94:9d:25:84:02:9c:7f:03:28:81:38:30:44:d9:a1:57:d2:65:
22:b1:a4:8a:88:97:56:ad:cb:46:19:13:5f:8d:96:b0:e6:08:
e5:c5:4b:bb:aa:93:2c:8e:ba:26:b2:1e:75:b4:23:f1:6d:5d:
9e:31:47:5e:52:0d:23:6c:56:40:7d:e4:ee:99:44:f7:c3:45:
9c:d7:54:15:57:90:e6:5d:9c:40:58:6b:e7:ac:a8:d9:97:c8:
d1:de:a5:06:22:5a:c8:03:c4:06:d7:a8:8e:ee:bc:0d:9a:2d:
46:8b:eb:87:86:83:bf:16:0c:fe:3d:94:f0:23:4b:7d:9e:df:
d2:44:bf:da:6f:d8:a3:10:d2:46:56:0e:2d:0d:a3:82:6a:b8:
09:95:69:2a:97:db:43:19:b5:e5:53:ce:16:54:81:9b:c6:d7:
87:69:72:37:12:ae:80:cb:69:59:8d:f2:81:67:2e:71:ca:41:
d1:91:4f:51:f3:04:a3:ec:7e:89:c8:5b:0a:70:9e:06:4d:a2:
c5:b6:9a:94:d9:b3:63:59:c2:97:d1:a3:37:37:03:ee:ae:a4:
a8:7b:f2:20
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIULyt+fq/E27riL3dGJi+w+oe3ntkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ0MjRaFw0yNDExMjQxOTQ5MjRaMDMxMTAvBgNV
BAMTKEExQjA4RTg2MDRGMzM1Q0U3QzIxRUE3M0VENEIzNkRBNDAyQjc1NUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMkuOJZJ8SIUtjo/iPlyAJtrxB
sm2F1ZgZQJz2UMLKSTrB3z686SaQxNKQ9n+rzAmkNV8Pzds9hm6VARqcGfg/pfnQ
6aNg3A0ID1u3brNBAiOtg6V9URBRs45POUA/4b7RvOLVkaBsT2Nxdkd6IoGeqBY9
iVEPh6WC3GnKD9ZxogGw9m7xdNotW10fX2G2yGw3545y5l33fJqVTrkZ8wgRMINh
9Ic7eHrlwWaTWbTKz3d2MIiO6SYAM3xbbauG12d6bKlsmH7HnUuHJ/kIIAwJxYsh
tA843xASNSPPzL/FxlOi672LZMy9s+V8EA6vRo2UE3ycHY0FL01qkzYO0aofAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUobCOhgTzNc58Iepz7Us22kArdVowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMw
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ20wDQYJKoZIhvcNAQELBQADggEBABuHPEfBk7A7mncSNxeDx0uBnFliYMRD
HhR3+p+442PXlQHy9pSdJYQCnH8DKIE4METZoVfSZSKxpIqIl1aty0YZE1+NlrDm
COXFS7uqkyyOuiayHnW0I/FtXZ4xR15SDSNsVkB95O6ZRPfDRZzXVBVXkOZdnEBY
a+esqNmXyNHepQYiWsgDxAbXqI7uvA2aLUaL64eGg78WDP49lPAjS32e39JEv9pv
2KMQ0kZWDi0No4JquAmVaSqX20MZteVTzhZUgZvG14dpcjcSroDLaVmN8oFnLnHK
QdGRT1HzBKPsfonIWwpwngZNosW2mpTZs2NZwpfRozc3A+6upKh78iA=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org