Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: mntCCiSd3xibCc+JlhH6uwQks5NH2nRW268JmP8d6vo=
Subject key identifier: 60:D1:A0:A3:2E:0B:0A:2A:86:B8:1B:15:C2:7A:87:CB:2B:D9:8A:7A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5B7DD10402672D0F3FCB40BBBC1FD44A1003A835
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:49:29 +0000
ROA not before: Sun 26 Nov 2023 19:44:29 +0000
ROA not after: Sun 24 Nov 2024 19:49:29 +0000
asID: 136787
IP address blocks: 156.67.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:7d:d1:04:02:67:2d:0f:3f:cb:40:bb:bc:1f:d4:4a:10:03:a8:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:44:29 2023 GMT
Not After : Nov 24 19:49:29 2024 GMT
Subject: CN=60D1A0A32E0B0A2A86B81B15C27A87CB2BD98A7A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:04:bf:65:eb:73:b9:0f:70:a7:b9:2b:bc:86:
67:33:86:be:1d:6d:92:f7:2c:83:bf:e7:f1:e6:89:
60:5d:35:e1:18:c8:a7:6b:51:99:00:d4:06:33:7c:
04:6a:23:23:0e:f5:32:1d:aa:26:44:4b:04:a6:42:
0e:4c:05:d0:b3:4c:4d:b6:69:30:02:23:c0:88:f4:
47:7c:c4:ee:6d:15:e3:6d:9f:47:77:e6:c0:fb:ee:
54:43:82:96:b7:1d:7b:38:25:4b:81:c1:4e:9c:ae:
3f:bc:47:ad:a0:8c:e6:df:e6:2e:bd:a6:41:9b:e8:
fa:84:d5:69:d4:d3:15:36:88:56:41:79:c2:df:63:
7d:72:39:37:74:3e:be:4f:75:18:0a:e1:47:3f:c7:
5d:2a:8e:fc:3d:84:ed:89:f8:f3:2c:2b:e1:c4:2c:
26:c9:f0:05:41:76:1b:8e:cd:73:ed:17:77:14:65:
c0:e5:81:8b:13:33:5b:de:e4:0a:84:0c:bf:dc:c2:
08:f7:89:f0:fb:a3:70:e6:e1:2b:e8:ad:17:a6:59:
1e:36:4e:67:55:47:6e:7f:69:f6:f2:32:e2:7d:04:
cc:6d:11:e5:6c:11:78:85:c3:ef:93:bf:f7:6e:44:
12:f9:17:ef:87:c5:84:e8:d0:18:20:2f:dd:b7:4e:
ca:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:D1:A0:A3:2E:0B:0A:2A:86:B8:1B:15:C2:7A:87:CB:2B:D9:8A:7A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.117.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:4c:04:66:8c:ae:3b:8e:45:29:84:0d:68:3d:95:b4:bd:76:
1d:cd:f7:88:8e:32:35:49:0c:9a:93:fa:43:11:15:24:34:cb:
af:98:e2:c9:2f:a8:e1:eb:ac:9e:9b:17:d8:3b:de:09:f9:b6:
04:0c:d5:83:af:eb:d3:39:25:7d:a1:a5:30:05:19:a6:8f:98:
f3:b7:c1:da:72:3a:30:b9:05:29:53:8b:b7:3d:db:b0:c3:75:
52:9e:32:2b:75:23:24:84:88:e6:67:db:0d:84:f7:31:1d:68:
87:9b:b0:cc:92:84:ae:e1:d2:a4:a1:1f:dd:1a:07:c4:37:62:
e8:db:80:f9:94:78:ff:15:97:83:b8:50:17:e0:80:b7:b3:86:
0b:61:8b:6c:89:47:4c:cb:43:56:18:12:f1:df:0c:33:b8:ae:
86:54:c3:f9:fa:bf:04:f2:11:b8:17:01:f4:ec:ad:30:e8:54:
c7:00:73:c4:e0:02:3e:53:73:e1:71:11:25:01:18:ef:a6:20:
8c:b2:79:ac:bc:57:d9:cf:fa:28:21:73:52:8f:79:5a:ab:4f:
c6:d6:d5:27:32:f3:0b:1f:e7:87:06:30:25:11:71:89:5f:2a:
94:91:0e:f7:a6:98:59:3b:70:b8:ff:00:5b:ec:79:34:f6:24:
fe:96:e0:ee
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUW33RBAJnLQ8/y0C7vB/UShADqDUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ0MjlaFw0yNDExMjQxOTQ5MjlaMDMxMTAvBgNV
BAMTKDYwRDFBMEEzMkUwQjBBMkE4NkI4MUIxNUMyN0E4N0NCMkJEOThBN0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxBL9l63O5D3CnuSu8hmczhr4d
bZL3LIO/5/HmiWBdNeEYyKdrUZkA1AYzfARqIyMO9TIdqiZESwSmQg5MBdCzTE22
aTACI8CI9Ed8xO5tFeNtn0d35sD77lRDgpa3HXs4JUuBwU6crj+8R62gjObf5i69
pkGb6PqE1WnU0xU2iFZBecLfY31yOTd0Pr5PdRgK4Uc/x10qjvw9hO2J+PMsK+HE
LCbJ8AVBdhuOzXPtF3cUZcDlgYsTM1ve5AqEDL/cwgj3ifD7o3Dm4SvorRemWR42
TmdVR25/afbyMuJ9BMxtEeVsEXiFw++Tv/duRBL5F++HxYTo0BggL923TsqBAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUYNGgoy4LCiqGuBsVwnqHyyvZinowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3UwDQYJKoZIhvcNAQELBQADggEBAKBMBGaMrjuORSmEDWg9lbS9dh3N94iO
MjVJDJqT+kMRFSQ0y6+Y4skvqOHrrJ6bF9g73gn5tgQM1YOv69M5JX2hpTAFGaaP
mPO3wdpyOjC5BSlTi7c927DDdVKeMit1IySEiOZn2w2E9zEdaIebsMyShK7h0qSh
H90aB8Q3YujbgPmUeP8Vl4O4UBfggLezhgthi2yJR0zLQ1YYEvHfDDO4roZUw/n6
vwTyEbgXAfTsrTDoVMcAc8TgAj5Tc+FxESUBGO+mIIyyeay8V9nP+ighc1KPeVqr
T8bW1Scy8wsf54cGMCURcYlfKpSRDvemmFk7cLj/AFvseTT2JP6W4O4=
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:14 2024 by rpki-client on console-ams.rpki-client.org