Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131382e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3131382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: HcrJP6aTWmtAcUiHNIJkSP7BrU32RFHgOI26ChuOwnM=
Subject key identifier: E1:6F:C6:CE:87:DE:21:42:BB:0B:5D:30:07:99:5A:06:5D:A8:84:D2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 77AA695490AF94135355C09B4CF30CB8795FBAD8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131382e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:49:34 +0000
ROA not before: Sun 26 Nov 2023 19:44:34 +0000
ROA not after: Sun 24 Nov 2024 19:49:34 +0000
asID: 136787
IP address blocks: 156.67.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:aa:69:54:90:af:94:13:53:55:c0:9b:4c:f3:0c:b8:79:5f:ba:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:44:34 2023 GMT
Not After : Nov 24 19:49:34 2024 GMT
Subject: CN=E16FC6CE87DE2142BB0B5D3007995A065DA884D2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:35:ea:f2:cd:69:2a:42:33:46:6c:e9:51:cd:
65:f2:2f:1d:94:31:80:a6:4d:2e:a5:39:48:2a:d1:
17:18:0d:4b:e0:9c:c7:9c:93:ae:84:4e:8f:18:9a:
2f:f4:18:e9:f1:de:df:b4:67:fd:82:2f:b5:74:f5:
c8:6a:8e:00:dd:27:07:dd:ca:01:fa:ac:c0:00:4a:
a0:dd:9e:6f:4c:e8:d1:2f:f6:88:09:83:27:dc:b8:
c3:2e:e0:8a:69:69:30:b4:d9:be:d8:3f:32:f2:0c:
2f:04:6a:6a:40:2f:0b:2f:3a:1e:3f:9c:50:06:dd:
63:da:6c:f5:dd:b8:6f:a9:76:f8:19:e0:b3:fe:9e:
ea:26:ca:6d:3e:32:5c:f4:1a:8c:e0:a3:e6:ac:ad:
02:12:50:54:bf:fa:db:a6:88:ca:8c:17:e0:20:94:
43:b8:a8:78:1b:5d:9b:24:c5:e7:b1:87:da:c6:57:
44:e5:c1:d5:bc:da:8c:32:43:c0:10:3e:b1:97:7d:
2d:b5:dc:7b:d0:35:e8:b0:b2:d3:f8:4d:22:92:78:
bb:24:22:df:4d:8b:08:ec:3f:95:86:34:32:20:e1:
c3:e8:6c:fe:b9:ab:96:50:10:70:2f:90:bd:49:f5:
e3:1e:88:ee:72:c9:84:c8:54:51:45:5f:68:aa:91:
38:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:6F:C6:CE:87:DE:21:42:BB:0B:5D:30:07:99:5A:06:5D:A8:84:D2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.118.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:b8:b4:12:62:1b:f0:59:23:fd:de:58:3a:48:2c:11:a1:d7:
7f:0e:a2:ba:9d:4a:af:26:65:2b:b0:5a:79:94:bf:f8:29:a0:
72:97:7d:e1:42:76:ca:5c:14:e9:47:3c:5d:f3:b3:91:6e:8f:
e4:6a:7b:0b:fe:86:95:8d:6c:43:71:16:3c:26:72:81:d5:df:
5b:e1:ef:ca:2b:fb:6c:13:f9:cf:7d:76:15:2f:2c:a8:ed:71:
62:74:e4:a0:47:60:1f:3e:a3:b0:52:18:40:b0:88:a2:ee:16:
8f:10:b4:bb:59:04:11:47:92:7c:c6:fd:9f:83:2c:55:27:88:
83:1c:c9:0e:15:8c:4f:60:68:5f:c1:2b:e5:6e:21:be:64:05:
b2:8d:45:8f:b9:10:2a:1c:d1:02:f3:e3:64:db:4e:10:6d:9e:
83:4d:a4:79:e7:4c:42:f7:1f:6c:38:fd:2f:3e:d1:5e:1b:d1:
b3:38:62:05:64:3f:ea:59:85:a5:d2:10:a3:e4:6f:4e:91:99:
8d:41:5d:81:df:a4:b9:d1:4f:76:01:f1:1b:4c:08:3f:58:00:
30:2a:f7:64:c8:42:30:ae:1a:d2:cc:16:68:c6:16:74:ec:26:
8a:ee:5e:08:90:f6:c3:d7:96:fe:c7:65:ae:74:2f:fa:d1:8e:
0e:89:ca:a4
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUd6ppVJCvlBNTVcCbTPMMuHlfutgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ0MzRaFw0yNDExMjQxOTQ5MzRaMDMxMTAvBgNV
BAMTKEUxNkZDNkNFODdERTIxNDJCQjBCNUQzMDA3OTk1QTA2NURBODg0RDIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmNeryzWkqQjNGbOlRzWXyLx2U
MYCmTS6lOUgq0RcYDUvgnMeck66ETo8Ymi/0GOnx3t+0Z/2CL7V09chqjgDdJwfd
ygH6rMAASqDdnm9M6NEv9ogJgyfcuMMu4IppaTC02b7YPzLyDC8EampALwsvOh4/
nFAG3WPabPXduG+pdvgZ4LP+nuomym0+Mlz0Gozgo+asrQISUFS/+tumiMqMF+Ag
lEO4qHgbXZskxeexh9rGV0TlwdW82owyQ8AQPrGXfS213HvQNeiwstP4TSKSeLsk
It9NiwjsP5WGNDIg4cPobP65q5ZQEHAvkL1J9eMeiO5yyYTIVFFFX2iqkTgnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU4W/GzofeIUK7C10wB5laBl2ohNIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3YwDQYJKoZIhvcNAQELBQADggEBAG64tBJiG/BZI/3eWDpILBGh138Oorqd
Sq8mZSuwWnmUv/gpoHKXfeFCdspcFOlHPF3zs5Fuj+Rqewv+hpWNbENxFjwmcoHV
31vh78or+2wT+c99dhUvLKjtcWJ05KBHYB8+o7BSGECwiKLuFo8QtLtZBBFHknzG
/Z+DLFUniIMcyQ4VjE9gaF/BK+VuIb5kBbKNRY+5ECoc0QLz42TbThBtnoNNpHnn
TEL3H2w4/S8+0V4b0bM4YgVkP+pZhaXSEKPkb06RmY1BXYHfpLnRT3YB8RtMCD9Y
ADAq92TIQjCuGtLMFmjGFnTsJoruXgiQ9sPXlv7HZa50L/rRjg6JyqQ=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org