Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131392e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3131392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: M4ZM7jnDCHP1DaxIFL6lyJagz+7UZDIPk+C7luXrffw=
Subject key identifier: 20:A1:37:C3:0F:A3:7F:8F:1E:25:69:2E:4C:88:A2:56:EE:54:E1:58
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7F256AF7DEF280D0C7E9CAD4F340084191FA12B4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131392e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:49:39 +0000
ROA not before: Sun 26 Nov 2023 19:44:39 +0000
ROA not after: Sun 24 Nov 2024 19:49:39 +0000
asID: 136787
IP address blocks: 156.67.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:25:6a:f7:de:f2:80:d0:c7:e9:ca:d4:f3:40:08:41:91:fa:12:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:44:39 2023 GMT
Not After : Nov 24 19:49:39 2024 GMT
Subject: CN=20A137C30FA37F8F1E25692E4C88A256EE54E158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:9a:32:63:8a:e2:d2:99:87:17:ca:99:53:0d:
e8:e9:ee:68:d2:7a:7c:29:6c:9d:7e:0d:01:f7:82:
f0:d5:9a:5f:78:f7:c9:bc:5c:60:1c:cd:8c:5b:39:
12:b2:f2:b7:4a:13:fc:3e:23:dc:55:d9:3d:b9:92:
c1:7c:c7:e7:9a:4c:c2:7b:c5:b9:80:3d:4d:17:7a:
39:62:87:06:a5:64:63:4b:e5:6e:1b:86:e0:53:0a:
56:cb:76:79:38:73:a2:6d:43:74:d1:c5:d4:ce:fc:
15:3e:78:56:d3:a3:a6:91:da:01:0f:51:32:c6:68:
5e:86:14:ba:d4:1e:cc:3e:66:bd:d6:6f:f8:b4:d7:
f4:89:a9:76:7d:e8:6b:5b:1d:d9:cd:d3:29:82:69:
bc:5d:2b:70:0f:18:3e:54:26:08:c0:da:83:46:32:
0c:e2:6c:e8:ad:35:31:da:70:30:ed:a4:f2:70:6b:
42:29:66:10:a4:eb:f3:9e:43:5b:f5:98:25:77:0f:
5a:87:bc:a5:a8:1e:09:fc:e9:91:5b:10:fc:ab:a3:
fb:e7:32:5a:af:be:69:88:bf:28:7c:0b:79:83:19:
b6:9f:b4:9d:50:63:ed:b0:91:41:4b:06:73:a5:97:
35:2b:4b:53:fe:49:78:f1:e3:23:58:ed:6f:79:ab:
c7:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:A1:37:C3:0F:A3:7F:8F:1E:25:69:2E:4C:88:A2:56:EE:54:E1:58
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.119.0/24
Signature Algorithm: sha256WithRSAEncryption
67:34:59:44:6a:7e:bc:1f:58:6d:93:b6:e0:c2:c1:f4:50:9c:
5d:b2:e8:2a:bd:2e:77:f6:6f:45:27:48:9b:47:63:2d:5c:09:
2a:d7:23:51:fa:7f:2f:56:5a:5e:10:b1:35:f5:81:ac:45:11:
d9:06:80:cb:85:ca:f3:52:f8:63:a5:f3:36:fa:f3:1a:73:d9:
47:cb:ff:ec:11:5c:0a:40:3c:8b:f9:14:ff:3f:b4:08:88:eb:
93:ac:ba:3e:09:f0:b6:b8:23:d3:2d:36:2e:9d:f4:0b:a4:68:
30:30:6e:be:b5:3b:25:df:bf:ae:9f:82:79:6e:11:da:60:16:
f2:0f:41:16:57:ab:f0:b7:c8:1e:11:b5:8f:81:31:9f:12:27:
5c:64:ac:db:d2:c5:83:ea:2b:6c:e6:f7:b4:54:4e:74:ae:23:
ec:8c:be:52:38:d0:f0:d3:91:01:25:c0:7f:d2:71:fa:88:45:
91:b7:6f:81:8a:a3:c2:39:22:b2:1f:38:d9:eb:c5:4e:98:99:
c4:67:97:de:07:46:c0:e1:4b:09:a5:a5:9f:01:f4:b9:95:d3:
37:7a:10:a4:bb:31:85:ae:6c:bb:ef:07:9e:d1:d4:c8:9b:93:
39:bc:0d:53:45:93:05:69:45:1a:57:5d:12:a2:ba:ed:b6:a3:
97:eb:a3:70
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfyVq997ygNDH6crU80AIQZH6ErQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ0MzlaFw0yNDExMjQxOTQ5MzlaMDMxMTAvBgNV
BAMTKDIwQTEzN0MzMEZBMzdGOEYxRTI1NjkyRTRDODhBMjU2RUU1NEUxNTgwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsmjJjiuLSmYcXyplTDejp7mjS
enwpbJ1+DQH3gvDVml9498m8XGAczYxbORKy8rdKE/w+I9xV2T25ksF8x+eaTMJ7
xbmAPU0XejlihwalZGNL5W4bhuBTClbLdnk4c6JtQ3TRxdTO/BU+eFbTo6aR2gEP
UTLGaF6GFLrUHsw+Zr3Wb/i01/SJqXZ96GtbHdnN0ymCabxdK3APGD5UJgjA2oNG
MgzibOitNTHacDDtpPJwa0IpZhCk6/OeQ1v1mCV3D1qHvKWoHgn86ZFbEPyro/vn
MlqvvmmIvyh8C3mDGbaftJ1QY+2wkUFLBnOllzUrS1P+SXjx4yNY7W95q8exAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUIKE3ww+jf48eJWkuTIiiVu5U4VgwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3cwDQYJKoZIhvcNAQELBQADggEBAGc0WURqfrwfWG2TtuDCwfRQnF2y6Cq9
Lnf2b0UnSJtHYy1cCSrXI1H6fy9WWl4QsTX1gaxFEdkGgMuFyvNS+GOl8zb68xpz
2UfL/+wRXApAPIv5FP8/tAiI65Osuj4J8La4I9MtNi6d9AukaDAwbr61OyXfv66f
gnluEdpgFvIPQRZXq/C3yB4RtY+BMZ8SJ1xkrNvSxYPqK2zm97RUTnSuI+yMvlI4
0PDTkQElwH/ScfqIRZG3b4GKo8I5IrIfONnrxU6YmcRnl94HRsDhSwmlpZ8B9LmV
0zd6EKS7MYWubLvvB57R1Mibkzm8DVNFkwVpRRpXXRKiuu22o5fro3A=
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:14 2024 by rpki-client on console-ams.rpki-client.org