Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: SGeabdeD9KBb9K8LaP7C0pU0tFDzsT0gfDP5DDqZhjk=
Subject key identifier: A7:12:F2:72:F3:AC:61:C7:C3:BE:E3:93:06:0A:B2:77:E8:26:1E:62
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1E6AF989F64E694E201360298C696C6B38DCE44C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:17 +0000
ROA not before: Sun 27 Oct 2024 20:00:17 +0000
ROA not after: Sun 26 Oct 2025 20:05:17 +0000
asID: 136787
IP address blocks: 156.67.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:6a:f9:89:f6:4e:69:4e:20:13:60:29:8c:69:6c:6b:38:dc:e4:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:17 2024 GMT
Not After : Oct 26 20:05:17 2025 GMT
Subject: CN=A712F272F3AC61C7C3BEE393060AB277E8261E62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:38:be:9a:9e:9a:cc:4f:10:be:94:ec:de:f4:
e8:2b:02:79:26:da:c1:bc:02:c2:70:6c:36:e6:53:
16:90:94:48:5b:84:a2:00:9c:00:67:66:89:d1:f0:
52:06:10:c8:0b:1e:aa:f3:26:92:82:3f:2c:d7:ff:
ac:f8:46:ee:fc:6c:00:58:55:aa:a9:37:57:4e:67:
26:fb:0c:6d:56:72:cb:a2:96:a1:bf:18:fd:99:15:
ed:6e:1b:d1:f3:ac:0b:f2:a5:a4:ee:fc:7f:04:53:
f7:a0:7f:05:50:7b:e1:f7:30:46:14:ee:33:38:6b:
0e:14:6e:f9:58:95:9e:c5:46:62:18:a4:2b:b0:e9:
df:44:70:b8:3e:e4:61:e0:84:b2:b1:13:8c:99:42:
35:eb:0c:69:35:3f:82:76:d5:23:88:75:cc:30:86:
1e:39:51:be:c6:83:18:39:f8:dc:28:8d:91:f7:59:
4d:f7:65:5c:70:6d:dc:88:13:63:b9:ed:83:9e:a7:
e4:fe:b9:0a:63:c1:ca:a2:bd:c1:32:de:2b:af:da:
d2:20:27:28:8c:41:8e:c5:ca:db:da:b3:a5:4f:d9:
66:e6:b6:d5:9c:0d:f9:b1:48:18:9b:ba:be:ff:0e:
1a:15:3e:33:ec:05:cd:4a:87:73:44:59:fe:79:88:
90:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:12:F2:72:F3:AC:61:C7:C3:BE:E3:93:06:0A:B2:77:E8:26:1E:62
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.121.0/24
Signature Algorithm: sha256WithRSAEncryption
49:fb:24:cc:71:a8:1f:a9:6f:97:f8:dd:80:d6:8e:2d:95:c6:
f6:b8:8c:78:a4:a3:20:89:01:63:5b:fe:1c:a8:1d:9f:13:e8:
01:dc:f9:7a:67:0d:20:01:ed:3f:d3:19:d0:be:89:c4:ab:84:
c2:a7:4b:84:51:6a:b0:69:32:71:29:6d:04:33:77:47:41:63:
34:61:ff:d8:5e:ac:70:c4:0f:42:4a:bb:ab:39:09:b1:2c:ee:
6d:74:71:35:aa:eb:cd:b9:3d:8d:1b:77:13:83:b6:b6:f2:46:
69:46:5e:72:77:18:9f:24:e0:d0:d4:b7:0c:f0:19:92:1a:53:
92:c4:f0:3a:17:87:1b:c0:d2:f0:de:f5:ea:f9:28:51:47:d0:
99:87:64:d0:33:40:23:8f:ad:16:15:1e:06:29:26:d0:2f:97:
7c:ba:fe:aa:58:47:cc:f5:58:2b:23:50:ab:6b:b5:2e:61:46:
5d:ac:8d:fd:2f:d5:77:27:43:fe:28:18:78:3c:b2:62:cd:08:
c2:4e:42:e7:28:49:71:7b:fb:c2:e7:a8:c8:53:2b:32:8e:f0:
20:ca:53:93:14:03:d4:bb:b6:f9:08:7a:5e:58:68:8a:98:1f:
cd:4f:07:96:4f:22:2b:84:f4:80:76:79:99:7c:dc:2f:9c:7c:
45:51:22:b1
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHmr5ifZOaU4gE2ApjGlsazjc5EwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMTdaFw0yNTEwMjYyMDA1MTdaMDMxMTAvBgNV
BAMTKEE3MTJGMjcyRjNBQzYxQzdDM0JFRTM5MzA2MEFCMjc3RTgyNjFFNjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDOOL6anprMTxC+lOze9OgrAnkm
2sG8AsJwbDbmUxaQlEhbhKIAnABnZonR8FIGEMgLHqrzJpKCPyzX/6z4Ru78bABY
VaqpN1dOZyb7DG1WcsuilqG/GP2ZFe1uG9HzrAvypaTu/H8EU/egfwVQe+H3MEYU
7jM4aw4UbvlYlZ7FRmIYpCuw6d9EcLg+5GHghLKxE4yZQjXrDGk1P4J21SOIdcww
hh45Ub7Ggxg5+NwojZH3WU33ZVxwbdyIE2O57YOep+T+uQpjwcqivcEy3iuv2tIg
JyiMQY7Fytvas6VP2WbmttWcDfmxSBibur7/DhoVPjPsBc1Kh3NEWf55iJDlAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUpxLycvOsYcfDvuOTBgqyd+gmHmIwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMy
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3kwDQYJKoZIhvcNAQELBQADggEBAEn7JMxxqB+pb5f43YDWji2Vxva4jHik
oyCJAWNb/hyoHZ8T6AHc+XpnDSAB7T/TGdC+icSrhMKnS4RRarBpMnEpbQQzd0dB
YzRh/9herHDED0JKu6s5CbEs7m10cTWq6825PY0bdxODtrbyRmlGXnJ3GJ8k4NDU
twzwGZIaU5LE8DoXhxvA0vDe9er5KFFH0JmHZNAzQCOPrRYVHgYpJtAvl3y6/qpY
R8z1WCsjUKtrtS5hRl2sjf0v1XcnQ/4oGHg8smLNCMJOQucoSXF7+8LnqMhTKzKO
8CDKU5MUA9S7tvkIel5YaIqYH81PB5ZPIiuE9IB2eZl83C+cfEVRIrE=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:12 2024 by rpki-client on console-ams.rpki-client.org