Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132322e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3132322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: j3kDxojKyzk+mnMqROdYqBggF9V61d+S9F+z872MPEA=
Subject key identifier: D7:3C:14:C7:32:F9:23:53:67:1A:C7:D1:E3:71:7F:7B:D1:65:BB:3B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 69282CC2E5777ECD0F7AD55840F40B5E36C16A7A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132322e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:18 +0000
ROA not before: Sat 02 Mar 2024 21:49:18 +0000
ROA not after: Sat 01 Mar 2025 21:54:18 +0000
asID: 136787
IP address blocks: 156.67.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:28:2c:c2:e5:77:7e:cd:0f:7a:d5:58:40:f4:0b:5e:36:c1:6a:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 2 21:49:18 2024 GMT
Not After : Mar 1 21:54:18 2025 GMT
Subject: CN=D73C14C732F92353671AC7D1E3717F7BD165BB3B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:01:05:a3:67:aa:67:dd:83:78:fb:9d:55:53:
78:36:32:c0:aa:48:37:c3:ed:15:d1:9a:74:ae:7d:
15:f4:46:92:9a:88:89:e7:29:a5:f3:36:16:f7:14:
ec:c4:91:77:c3:86:89:4c:e1:e3:11:7d:f0:13:40:
25:1a:b7:8d:ee:f1:19:10:1c:8a:1c:23:b9:34:73:
08:bf:cd:36:00:02:86:f4:46:ab:9e:e8:12:1e:7c:
56:c1:6d:a2:b9:36:3e:7b:9e:6e:dc:0e:50:dd:d8:
5f:ac:5c:b9:05:a0:7a:7e:da:2c:95:e9:db:ab:7b:
00:e5:c5:d1:29:14:23:ee:5e:c8:84:c3:63:c7:c7:
64:e4:24:e3:91:0c:63:cb:b2:16:27:06:09:90:33:
d2:6e:20:9e:a3:d3:80:9d:d6:95:e9:41:b2:b4:db:
d3:f6:71:f7:36:6a:60:46:59:3e:c4:16:60:63:ff:
6e:5f:a7:69:74:b4:b2:23:7c:15:38:f0:f1:1a:86:
7e:ff:63:e7:14:a5:1f:d0:51:43:14:cd:f2:7b:f0:
ea:46:b2:3b:49:31:10:4c:bf:99:14:d1:30:93:a3:
6f:7f:66:91:0b:79:53:f0:e3:3a:5f:3c:a0:67:2e:
7e:55:48:fa:23:00:b5:15:15:27:f8:c7:70:45:dd:
e1:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:3C:14:C7:32:F9:23:53:67:1A:C7:D1:E3:71:7F:7B:D1:65:BB:3B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.122.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:8d:29:9a:12:9e:2e:e4:42:72:8a:b7:b8:08:57:a6:54:0f:
c5:87:00:95:a3:71:78:dc:0f:2f:2b:f7:db:80:55:6b:b7:ec:
07:0c:c2:5f:fc:3e:47:17:62:35:1d:d9:59:17:24:1b:55:91:
7d:27:36:e3:5e:a7:f6:53:51:4d:86:78:61:72:e4:26:2c:dc:
7e:4a:2d:31:0d:09:9d:b8:d6:75:df:59:23:db:22:70:b3:d5:
2b:4a:21:5f:e3:53:50:e8:9d:19:ea:7a:45:fd:8b:5c:28:e3:
bb:4d:ff:fd:b0:d8:1e:ce:3d:12:eb:c0:61:01:b1:36:3f:f6:
42:a9:49:68:ab:79:fa:c2:f6:c1:8c:73:31:b5:50:69:fd:64:
a2:8e:53:56:62:41:7b:39:76:79:26:fb:6a:24:6d:49:66:f8:
3b:0c:ba:da:c6:e8:63:b4:28:6b:d8:bf:a2:42:40:16:a5:79:
fa:54:9d:ec:5e:31:65:ea:cf:14:35:8c:ba:17:25:21:42:39:
45:83:c1:8e:31:0c:b0:10:cb:a4:9a:8f:a4:97:53:ad:cd:35:
5c:1f:f0:80:71:11:ad:62:25:a0:92:63:a1:d4:9e:15:9f:80:
6f:ca:3d:bd:ae:7a:9e:79:f9:77:88:e9:25:cd:86:a6:b3:16:
cf:a5:9b:ca
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUaSgswuV3fs0PetVYQPQLXjbBanowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDIyMTQ5MThaFw0yNTAzMDEyMTU0MThaMDMxMTAvBgNV
BAMTKEQ3M0MxNEM3MzJGOTIzNTM2NzFBQzdEMUUzNzE3RjdCRDE2NUJCM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbAQWjZ6pn3YN4+51VU3g2MsCq
SDfD7RXRmnSufRX0RpKaiInnKaXzNhb3FOzEkXfDholM4eMRffATQCUat43u8RkQ
HIocI7k0cwi/zTYAAob0Rque6BIefFbBbaK5Nj57nm7cDlDd2F+sXLkFoHp+2iyV
6durewDlxdEpFCPuXsiEw2PHx2TkJOORDGPLshYnBgmQM9JuIJ6j04Cd1pXpQbK0
29P2cfc2amBGWT7EFmBj/25fp2l0tLIjfBU48PEahn7/Y+cUpR/QUUMUzfJ78OpG
sjtJMRBMv5kU0TCTo29/ZpELeVPw4zpfPKBnLn5VSPojALUVFSf4x3BF3eFrAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU1zwUxzL5I1NnGsfR43F/e9FluzswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMy
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ3owDQYJKoZIhvcNAQELBQADggEBAHyNKZoSni7kQnKKt7gIV6ZUD8WHAJWj
cXjcDy8r99uAVWu37AcMwl/8PkcXYjUd2VkXJBtVkX0nNuNep/ZTUU2GeGFy5CYs
3H5KLTENCZ241nXfWSPbInCz1StKIV/jU1DonRnqekX9i1wo47tN//2w2B7OPRLr
wGEBsTY/9kKpSWirefrC9sGMczG1UGn9ZKKOU1ZiQXs5dnkm+2okbUlm+DsMutrG
6GO0KGvYv6JCQBalefpUnexeMWXqzxQ1jLoXJSFCOUWDwY4xDLAQy6Saj6SXU63N
NVwf8IBxEa1iJaCSY6HUnhWfgG/KPb2uep55+XeI6SXNhqazFs+lm8o=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org