Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131382e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3131382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: GKhzoEiNgmjepBndCzq+5Xh4NpcGuCNCdknuu1wTHCs=
Subject key identifier: A1:90:B0:A5:44:0D:76:43:30:A5:70:39:5F:3B:E0:A0:D5:E6:D6:44
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1E40F999979D4CA53F4892BB17368908363FF381
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131382e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:18 +0000
ROA not before: Sun 27 Oct 2024 20:00:18 +0000
ROA not after: Sun 26 Oct 2025 20:05:18 +0000
asID: 136787
IP address blocks: 156.67.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:40:f9:99:97:9d:4c:a5:3f:48:92:bb:17:36:89:08:36:3f:f3:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:18 2024 GMT
Not After : Oct 26 20:05:18 2025 GMT
Subject: CN=A190B0A5440D764330A570395F3BE0A0D5E6D644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:79:69:df:c5:b3:10:e1:fa:1d:93:39:e7:7c:
ae:7c:3e:43:7a:d7:36:e5:40:6d:e8:29:b2:30:0c:
10:98:89:92:a2:b5:e4:14:b1:7f:0a:40:a8:6a:0d:
4d:82:1d:ce:94:7c:13:44:a5:d7:1e:e1:43:3e:93:
d7:60:c4:72:42:f0:64:f9:f7:84:3e:a2:b2:8b:91:
71:c3:63:50:61:85:82:a7:cb:45:88:4d:6e:80:7d:
40:74:e7:3a:2c:eb:fc:18:92:95:5f:66:44:dc:19:
6c:34:9c:de:da:c6:8d:fb:64:fa:ba:c4:c1:a0:7d:
69:b7:ca:14:bd:1f:5f:ed:9a:b4:34:5a:49:c9:13:
7b:ed:34:ba:14:f2:ec:d8:1e:ee:e0:ac:a6:49:dd:
12:57:a5:6c:1c:6c:06:a8:27:80:54:23:6d:71:9b:
39:69:96:e8:3a:8c:db:d0:3c:e4:f5:9e:78:e5:77:
9e:f1:af:9a:c1:1d:65:76:62:35:7d:52:3f:42:a4:
c1:8b:91:6e:f6:bf:f5:09:42:34:39:31:a8:01:e4:
52:98:e1:60:6f:3a:10:2e:fc:bd:70:91:51:c7:d2:
3e:43:f9:a4:53:7f:b1:54:36:96:ec:ca:1f:0d:93:
37:5f:c4:b7:ce:b3:56:85:90:c2:5d:e4:ff:af:b9:
11:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:90:B0:A5:44:0D:76:43:30:A5:70:39:5F:3B:E0:A0:D5:E6:D6:44
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.118.0/24
Signature Algorithm: sha256WithRSAEncryption
07:d8:b8:45:69:fb:1f:b6:45:0e:5d:9e:9d:8b:cc:f7:24:88:
37:90:d0:5c:47:47:5f:bb:72:ff:16:26:0f:26:9d:be:ee:41:
f0:19:fa:55:63:4c:54:1f:07:e4:06:ec:77:c5:4b:b3:5f:bc:
0b:31:0a:1c:cd:c4:60:f9:54:a2:25:6a:ff:6d:a2:a9:b0:91:
25:dc:92:e4:0e:0b:b5:31:bb:63:6c:36:e7:d3:43:d0:bc:51:
78:51:03:46:73:b3:04:9b:99:26:cf:f9:38:ae:ed:f8:32:d0:
d6:49:54:98:11:6a:ce:ad:48:3d:b8:c3:71:32:e0:b5:25:e0:
cb:3f:66:0c:8a:c5:35:55:33:2c:14:d0:1b:df:fd:fc:cb:ef:
a1:c6:6a:8a:0f:2f:da:ec:3c:d2:bf:0a:58:ac:3f:11:8e:e4:
f1:6d:9a:52:7c:45:a9:18:90:26:19:be:53:93:98:3d:fe:3f:
16:30:74:7a:93:60:3c:b7:2e:52:2a:1b:40:74:74:04:88:fc:
68:77:2a:fe:cf:b6:9d:93:da:f3:78:17:ac:63:e4:9e:77:f2:
4c:a7:a0:1d:6a:72:bf:89:9c:e9:dd:4b:e8:56:3f:c9:57:21:
61:91:b4:1a:b5:b3:9a:ac:73:cd:30:7d:95:ea:d9:a2:24:86:
95:e5:54:67
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHkD5mZedTKU/SJK7FzaJCDY/84EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMThaFw0yNTEwMjYyMDA1MThaMDMxMTAvBgNV
BAMTKEExOTBCMEE1NDQwRDc2NDMzMEE1NzAzOTVGM0JFMEEwRDVFNkQ2NDQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDjeWnfxbMQ4fodkznnfK58PkN6
1zblQG3oKbIwDBCYiZKiteQUsX8KQKhqDU2CHc6UfBNEpdce4UM+k9dgxHJC8GT5
94Q+orKLkXHDY1BhhYKny0WITW6AfUB05zos6/wYkpVfZkTcGWw0nN7axo37ZPq6
xMGgfWm3yhS9H1/tmrQ0WknJE3vtNLoU8uzYHu7grKZJ3RJXpWwcbAaoJ4BUI21x
mzlplug6jNvQPOT1nnjld57xr5rBHWV2YjV9Uj9CpMGLkW72v/UJQjQ5MagB5FKY
4WBvOhAu/L1wkVHH0j5D+aRTf7FUNpbsyh8NkzdfxLfOs1aFkMJd5P+vuRHzAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUoZCwpUQNdkMwpXA5XzvgoNXm1kQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMx
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3YwDQYJKoZIhvcNAQELBQADggEBAAfYuEVp+x+2RQ5dnp2LzPckiDeQ0FxH
R1+7cv8WJg8mnb7uQfAZ+lVjTFQfB+QG7HfFS7NfvAsxChzNxGD5VKIlav9toqmw
kSXckuQOC7Uxu2NsNufTQ9C8UXhRA0ZzswSbmSbP+Tiu7fgy0NZJVJgRas6tSD24
w3Ey4LUl4Ms/ZgyKxTVVMywU0Bvf/fzL76HGaooPL9rsPNK/ClisPxGO5PFtmlJ8
RakYkCYZvlOTmD3+PxYwdHqTYDy3LlIqG0B0dASI/Gh3Kv7Ptp2T2vN4F6xj5J53
8kynoB1qcr+JnOndS+hWP8lXIWGRtBq1s5qsc80wfZXq2aIkhpXlVGc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:25:39 2025 by rpki-client