Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Qg7e8a8tkkIPm8+IV/012kCDUbWGuj0UwZpN59O4xAE=
Subject key identifier: 08:4A:48:F0:6B:0A:27:73:13:AB:3D:72:E6:E6:31:E7:B7:AA:E4:DE
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 12DB4DDAA5C11331C09546B1FC5A77BD7A8BBDFF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:49:43 +0000
ROA not before: Sun 26 Nov 2023 19:44:43 +0000
ROA not after: Sun 24 Nov 2024 19:49:43 +0000
asID: 136787
IP address blocks: 156.67.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:db:4d:da:a5:c1:13:31:c0:95:46:b1:fc:5a:77:bd:7a:8b:bd:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:44:43 2023 GMT
Not After : Nov 24 19:49:43 2024 GMT
Subject: CN=084A48F06B0A277313AB3D72E6E631E7B7AAE4DE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4d:8c:39:ac:20:d1:42:0e:1f:49:e0:f2:1a:
5d:7d:2f:90:8e:fb:91:bd:8f:f1:1f:86:d8:a4:f6:
24:5e:24:86:d6:3b:45:d0:a2:88:bb:a0:43:07:63:
20:91:7b:75:d3:ae:06:43:10:50:5b:97:ed:81:88:
4a:e2:1e:93:20:0d:27:8d:8c:24:b4:7c:b5:db:44:
60:00:9f:7a:31:b2:05:76:5a:8f:25:0f:3c:f4:fb:
69:c4:d8:b6:d2:4e:db:41:d3:3e:a3:af:64:dd:54:
41:72:b4:bf:27:df:21:11:c8:f3:5f:46:67:f9:16:
2e:16:a9:3b:fc:e1:1b:40:4b:d3:97:12:9e:4f:b0:
87:ab:c7:19:86:25:cf:09:4b:79:85:e4:90:a8:60:
46:ec:f4:da:e6:7d:b4:58:12:6d:32:17:68:b4:5b:
e1:80:91:60:8f:19:ee:da:2b:40:5c:9c:e8:eb:2a:
ec:b5:25:5e:0b:72:f4:ba:8f:36:c4:ff:ce:77:f7:
9c:2c:74:d3:14:87:b0:69:6c:cf:70:02:9c:ad:26:
08:de:89:d4:0c:95:9a:79:59:8a:68:db:8a:f7:3a:
81:31:02:c1:9e:6e:4d:c5:c3:29:3a:05:8a:b9:44:
c7:ca:53:1d:82:b2:dd:37:ee:f2:9e:56:0c:88:cc:
74:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4A:48:F0:6B:0A:27:73:13:AB:3D:72:E6:E6:31:E7:B7:AA:E4:DE
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.121.0/24
Signature Algorithm: sha256WithRSAEncryption
82:f6:aa:a3:cd:73:b9:61:dd:29:b1:0d:b3:08:2a:c4:41:03:
00:a9:6c:0c:f5:f9:f8:4d:c0:16:b9:c0:59:83:61:de:f3:df:
0e:08:c1:b2:67:0b:23:a5:1e:f3:b1:67:74:4d:cd:e9:b2:86:
df:0c:71:4f:0d:31:e3:d4:93:6f:25:24:e1:44:fa:56:f8:2b:
a6:38:43:27:1e:05:af:95:83:35:a9:00:f7:b7:fb:f6:4e:ee:
1d:04:23:9f:5d:10:4a:30:ec:b2:7c:95:b0:96:1e:1a:8e:16:
39:88:40:7b:5f:6c:bc:74:48:cc:84:63:27:55:ca:49:e3:a3:
5a:d2:90:b4:97:1e:3b:22:12:a8:4e:b9:b3:1a:91:d2:fa:5c:
6b:cd:d0:4b:f0:f9:62:4d:7d:62:c3:38:be:c4:0f:0b:fd:2e:
ab:f4:9c:2e:91:59:72:a8:9e:b2:5a:96:cf:bd:75:c7:0b:94:
41:e4:b1:10:f6:fe:85:ad:2b:ea:cc:2d:44:0c:2e:05:27:a4:
91:17:fe:d7:10:4e:45:f5:ed:70:17:0b:6e:38:48:e3:c0:f0:
fa:23:3d:4e:7f:da:c2:39:7d:e3:53:30:57:87:0a:d0:a3:d4:
0c:4a:bb:67:98:74:f7:0a:c4:62:db:14:bd:b0:a1:63:2e:64:
c6:f2:6c:85
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUEttN2qXBEzHAlUax/Fp3vXqLvf8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ0NDNaFw0yNDExMjQxOTQ5NDNaMDMxMTAvBgNV
BAMTKDA4NEE0OEYwNkIwQTI3NzMxM0FCM0Q3MkU2RTYzMUU3QjdBQUU0REUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSTYw5rCDRQg4fSeDyGl19L5CO
+5G9j/Efhtik9iReJIbWO0XQooi7oEMHYyCRe3XTrgZDEFBbl+2BiEriHpMgDSeN
jCS0fLXbRGAAn3oxsgV2Wo8lDzz0+2nE2LbSTttB0z6jr2TdVEFytL8n3yERyPNf
Rmf5Fi4WqTv84RtAS9OXEp5PsIerxxmGJc8JS3mF5JCoYEbs9NrmfbRYEm0yF2i0
W+GAkWCPGe7aK0BcnOjrKuy1JV4LcvS6jzbE/85395wsdNMUh7BpbM9wApytJgje
idQMlZp5WYpo24r3OoExAsGebk3Fwyk6BYq5RMfKUx2Cst037vKeVgyIzHR9AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUCEpI8GsKJ3MTqz1y5uYx57eq5N4wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMy
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3kwDQYJKoZIhvcNAQELBQADggEBAIL2qqPNc7lh3SmxDbMIKsRBAwCpbAz1
+fhNwBa5wFmDYd7z3w4IwbJnCyOlHvOxZ3RNzemyht8McU8NMePUk28lJOFE+lb4
K6Y4QyceBa+VgzWpAPe3+/ZO7h0EI59dEEow7LJ8lbCWHhqOFjmIQHtfbLx0SMyE
YydVyknjo1rSkLSXHjsiEqhOubMakdL6XGvN0Evw+WJNfWLDOL7EDwv9Lqv0nC6R
WXKonrJals+9dccLlEHksRD2/oWtK+rMLUQMLgUnpJEX/tcQTkX17XAXC244SOPA
8PojPU5/2sI5feNTMFeHCtCj1AxKu2eYdPcKxGLbFL2woWMuZMbybIU=
-----END CERTIFICATE-----
Generated at Tue May 7 21:49:14 2024 by rpki-client on console-ams.rpki-client.org