Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: XY0DnXoZ10/z+JJchVVjhM2EMUb2YR9Hz8oLrix5FqQ=
Subject key identifier: 83:A3:42:BB:33:10:11:8A:39:1C:C7:F1:09:8B:7B:6D:46:51:0F:05
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 71417A7C485762BB8FB9609DBDB50EE05DF0DF51
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:20 +0000
ROA not before: Sun 27 Oct 2024 20:00:20 +0000
ROA not after: Sun 26 Oct 2025 20:05:20 +0000
asID: 136787
IP address blocks: 156.67.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:41:7a:7c:48:57:62:bb:8f:b9:60:9d:bd:b5:0e:e0:5d:f0:df:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:20 2024 GMT
Not After : Oct 26 20:05:20 2025 GMT
Subject: CN=83A342BB3310118A391CC7F1098B7B6D46510F05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:29:cb:a4:09:39:31:45:36:6a:e2:ed:a3:1c:
74:60:71:ec:20:8a:36:07:db:1c:c9:8a:29:79:79:
09:48:75:23:2e:e0:8d:5f:99:14:6f:f9:09:80:7c:
4f:f8:6a:58:c2:86:7b:b2:33:64:57:93:e7:33:e9:
41:a2:4b:59:cd:25:cf:21:17:30:ff:4c:93:1c:12:
c8:22:32:ac:3b:b9:39:77:2e:49:78:89:e2:97:d3:
dd:c2:93:80:2c:49:4a:c0:47:87:b1:06:bd:a5:da:
4d:d7:26:03:c1:37:11:40:61:a4:09:31:d3:6f:f1:
29:d7:84:9e:2c:c3:27:db:dc:5c:90:52:50:a3:a2:
9f:26:aa:9a:0f:57:86:04:96:57:e0:4d:1f:7f:40:
73:4d:91:1e:54:61:59:c7:63:e5:d3:57:e6:25:22:
54:ad:07:d9:b0:8f:8a:8d:7a:4f:48:52:6f:e2:27:
82:6e:7f:b1:74:53:c3:28:49:f9:0f:9c:d0:9a:80:
9b:6b:c4:a8:03:11:d0:0e:0a:c3:76:b8:d9:62:78:
d7:64:bd:91:5b:37:32:e5:f6:0c:c3:d4:78:1d:46:
95:bf:8c:5e:e5:4f:05:70:35:05:93:70:88:f5:73:
b9:f1:c4:e4:43:0b:d2:8e:fa:9e:3a:2d:3c:54:44:
29:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:A3:42:BB:33:10:11:8A:39:1C:C7:F1:09:8B:7B:6D:46:51:0F:05
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.117.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:85:0a:46:83:0c:93:f4:36:ff:fa:b1:df:8e:80:b5:d1:97:
81:4a:6e:a1:fa:b1:c8:f5:ff:a5:d6:d3:8b:d0:5d:55:29:83:
c3:8c:47:07:04:0f:ef:89:01:8c:99:fa:af:b1:85:ad:4b:f4:
0d:d8:23:63:e0:ed:e1:4b:7d:26:97:c6:1d:58:ce:c0:df:7b:
79:74:06:9d:1d:6b:48:55:bf:95:44:28:ee:e0:5e:98:0e:bc:
1e:5d:9c:c5:bc:80:d8:60:90:42:4d:da:36:a2:bb:7c:b9:63:
69:02:f7:2b:87:d9:11:10:b4:01:1b:91:52:e5:a7:a4:8d:f6:
c3:b2:5d:cf:1d:85:12:27:c6:44:42:b9:bb:88:f5:97:27:5a:
09:c5:5c:c9:62:6f:e0:1c:b9:34:10:6c:26:e0:67:fb:2a:73:
73:6f:4f:dd:fd:88:95:2b:76:03:5e:17:4f:35:da:6e:79:eb:
4e:d5:ed:d6:59:7a:4e:2e:8b:9f:c7:ed:36:9d:f6:d5:b1:6e:
34:bc:6b:49:6c:6c:e0:1f:4c:17:6c:4b:34:71:3e:54:2b:89:
42:94:85:d1:fa:14:f4:44:ab:c9:81:33:cb:7c:b6:39:df:ce:
23:75:06:aa:c7:11:ef:b0:d2:6d:78:81:66:5e:c8:0d:91:f1:
cc:44:f6:6e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUcUF6fEhXYruPuWCdvbUO4F3w31EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMjBaFw0yNTEwMjYyMDA1MjBaMDMxMTAvBgNV
BAMTKDgzQTM0MkJCMzMxMDExOEEzOTFDQzdGMTA5OEI3QjZENDY1MTBGMDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAKcukCTkxRTZq4u2jHHRgcewg
ijYH2xzJiil5eQlIdSMu4I1fmRRv+QmAfE/4aljChnuyM2RXk+cz6UGiS1nNJc8h
FzD/TJMcEsgiMqw7uTl3Lkl4ieKX093Ck4AsSUrAR4exBr2l2k3XJgPBNxFAYaQJ
MdNv8SnXhJ4swyfb3FyQUlCjop8mqpoPV4YEllfgTR9/QHNNkR5UYVnHY+XTV+Yl
IlStB9mwj4qNek9IUm/iJ4Juf7F0U8MoSfkPnNCagJtrxKgDEdAOCsN2uNlieNdk
vZFbNzLl9gzD1HgdRpW/jF7lTwVwNQWTcIj1c7nxxORDC9KO+p46LTxURCkpAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUg6NCuzMQEYo5HMfxCYt7bUZRDwUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3UwDQYJKoZIhvcNAQELBQADggEBAE+FCkaDDJP0Nv/6sd+OgLXRl4FKbqH6
scj1/6XW04vQXVUpg8OMRwcED++JAYyZ+q+xha1L9A3YI2Pg7eFLfSaXxh1YzsDf
e3l0Bp0da0hVv5VEKO7gXpgOvB5dnMW8gNhgkEJN2jaiu3y5Y2kC9yuH2REQtAEb
kVLlp6SN9sOyXc8dhRInxkRCubuI9ZcnWgnFXMlib+AcuTQQbCbgZ/sqc3NvT939
iJUrdgNeF0812m55607V7dZZek4ui5/H7Tad9tWxbjS8a0lsbOAfTBdsSzRxPlQr
iUKUhdH6FPREq8mBM8t8tjnfziN1BqrHEe+w0m14gWZeyA2R8cxE9m4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:12 2024 by rpki-client on console-ams.rpki-client.org