Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131392e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3131392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: ufZOtF6iuzNz818NSCAqD4XF7AEOHDOt1srkN/1Y4Ww=
Subject key identifier: 90:73:BA:1E:37:E9:EB:98:56:B4:49:A4:2B:62:56:68:7E:25:EC:55
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 12FC2CEEB32AE3558F4338D469EFB8F3A19147A9
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131392e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:20 +0000
ROA not before: Sun 27 Oct 2024 20:00:20 +0000
ROA not after: Sun 26 Oct 2025 20:05:20 +0000
asID: 136787
IP address blocks: 156.67.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:fc:2c:ee:b3:2a:e3:55:8f:43:38:d4:69:ef:b8:f3:a1:91:47:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:20 2024 GMT
Not After : Oct 26 20:05:20 2025 GMT
Subject: CN=9073BA1E37E9EB9856B449A42B6256687E25EC55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ed:eb:f7:71:c0:31:a2:a4:e0:97:30:8b:07:
2e:33:04:a0:09:6e:f2:4c:9f:2a:bb:89:82:ed:67:
e4:55:8c:0c:f2:fe:2e:91:a0:44:e4:85:68:cc:b6:
31:c8:e6:8e:c0:76:1e:ce:1a:54:cf:14:72:28:01:
76:c5:79:a5:0e:f3:80:ae:c8:6b:a5:28:a8:57:20:
11:dd:6c:f9:c4:99:2b:60:f5:d7:24:35:31:eb:a5:
e6:ef:0d:f9:ea:01:a9:02:96:4f:3c:90:05:6c:82:
3b:4e:82:ac:93:00:6a:9d:15:e1:aa:4c:36:3e:ca:
df:0a:12:f8:4f:99:ab:33:a6:21:85:a6:85:df:fb:
14:4d:8b:b5:67:8b:e1:25:12:d4:af:0b:45:ff:0e:
9e:2c:71:ce:bb:71:ef:c8:19:85:f5:f6:6e:a4:73:
4f:2e:d5:a2:d8:eb:3a:f3:e4:e0:5f:6b:a2:43:c0:
aa:15:91:5a:c8:0a:ab:30:42:da:bc:fa:bc:9f:58:
7e:77:b7:a6:5c:7f:6f:7f:e9:b4:b1:e1:62:53:5d:
3c:e3:4c:86:c3:bc:7c:db:26:ff:43:41:1a:32:3a:
a4:ed:d5:08:02:99:ee:fc:4a:58:6d:48:ec:34:f3:
f9:e5:36:26:34:0e:6a:40:d6:a0:cc:aa:8a:c2:72:
70:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:73:BA:1E:37:E9:EB:98:56:B4:49:A4:2B:62:56:68:7E:25:EC:55
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3131392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.119.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:f0:80:19:a3:c0:0b:38:bd:26:4a:e6:2f:77:c4:db:34:1e:
ee:0b:98:3a:95:6e:9e:85:de:7c:1f:b8:b3:5a:97:c2:ed:b9:
b0:c9:cb:7c:fe:2d:22:72:20:76:a3:72:1a:36:33:3f:82:d0:
77:31:80:94:46:36:43:4f:d1:48:69:3b:5a:76:bb:50:61:24:
e5:18:68:11:88:68:47:85:a4:4f:e0:b3:cd:ca:c8:0f:16:c9:
a8:14:5f:ea:3e:f0:53:c3:7a:e2:c6:f2:ec:d1:e5:77:a8:08:
3f:69:59:72:9f:02:7c:4a:3d:c3:c8:ee:8b:0a:22:84:d6:f5:
e2:90:24:73:b6:0b:46:8a:a6:65:38:fd:84:f9:c1:37:81:43:
e6:a5:d2:58:c2:78:7c:ee:a9:9d:5c:dd:b2:14:53:5e:02:b4:
35:fb:c2:29:5f:a2:da:6b:28:2e:11:13:76:f8:f8:fb:85:88:
cf:cc:66:4d:90:0b:8a:be:3c:fd:a3:b7:ed:85:61:f9:85:69:
b1:f2:e8:ec:34:94:43:ad:d1:fa:bf:4b:bb:ae:5e:20:14:84:
16:f6:19:56:f0:c1:4a:0c:43:eb:33:d0:08:87:ae:8d:53:61:
7c:4a:a0:b9:b0:4d:e0:5e:11:3d:9f:c3:4c:d0:1a:aa:f2:09:
2a:03:57:7a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEvws7rMq41WPQzjUae+486GRR6kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMjBaFw0yNTEwMjYyMDA1MjBaMDMxMTAvBgNV
BAMTKDkwNzNCQTFFMzdFOUVCOTg1NkI0NDlBNDJCNjI1NjY4N0UyNUVDNTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCr7ev3ccAxoqTglzCLBy4zBKAJ
bvJMnyq7iYLtZ+RVjAzy/i6RoETkhWjMtjHI5o7Adh7OGlTPFHIoAXbFeaUO84Cu
yGulKKhXIBHdbPnEmStg9dckNTHrpebvDfnqAakClk88kAVsgjtOgqyTAGqdFeGq
TDY+yt8KEvhPmaszpiGFpoXf+xRNi7Vni+ElEtSvC0X/Dp4scc67ce/IGYX19m6k
c08u1aLY6zrz5OBfa6JDwKoVkVrICqswQtq8+ryfWH53t6Zcf29/6bSx4WJTXTzj
TIbDvHzbJv9DQRoyOqTt1QgCme78SlhtSOw08/nlNiY0DmpA1qDMqorCcnA5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUkHO6Hjfp65hWtEmkK2JWaH4l7FUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMx
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3cwDQYJKoZIhvcNAQELBQADggEBAE/wgBmjwAs4vSZK5i93xNs0Hu4LmDqV
bp6F3nwfuLNal8LtubDJy3z+LSJyIHajcho2Mz+C0HcxgJRGNkNP0UhpO1p2u1Bh
JOUYaBGIaEeFpE/gs83KyA8WyagUX+o+8FPDeuLG8uzR5XeoCD9pWXKfAnxKPcPI
7osKIoTW9eKQJHO2C0aKpmU4/YT5wTeBQ+al0ljCeHzuqZ1c3bIUU14CtDX7wilf
otprKC4RE3b4+PuFiM/MZk2QC4q+PP2jt+2FYfmFabHy6Ow0lEOt0fq/S7uuXiAU
hBb2GVbwwUoMQ+sz0AiHro1TYXxKoLmwTeBeET2fw0zQGqryCSoDV3o=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:12 2024 by rpki-client on console-ams.rpki-client.org