Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132352e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3132352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: NY+GWo3FNLpkE2pyoTF8D+njZ5o0xxN0+8JcZ7O7Nxk=
Subject key identifier: AA:7C:F6:FE:C3:3B:DC:4A:DB:4A:57:6C:5F:72:0A:C5:3B:BA:FD:DA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 06F37E15657E38172919D8F039F845C6DD9EACFE
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:03 +0000
ROA not before: Mon 27 Jan 2025 09:40:03 +0000
ROA not after: Mon 26 Jan 2026 09:45:03 +0000
asID: 136787
IP address blocks: 156.67.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:f3:7e:15:65:7e:38:17:29:19:d8:f0:39:f8:45:c6:dd:9e:ac:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:03 2025 GMT
Not After : Jan 26 09:45:03 2026 GMT
Subject: CN=AA7CF6FEC33BDC4ADB4A576C5F720AC53BBAFDDA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2c:70:87:d7:c0:e8:a0:cf:7b:63:e2:9e:c4:
1f:65:af:28:ac:ed:8b:c7:7a:6d:ae:e3:94:07:63:
f9:5f:3d:c5:f6:75:7b:ee:07:b6:08:3b:90:ae:7a:
aa:8e:c2:2f:ef:97:b2:c2:be:8e:71:62:33:99:79:
52:a1:2e:be:09:a2:71:a0:7b:0e:e1:97:9f:ac:3b:
9e:90:92:b9:6f:db:e5:06:3f:be:ff:3d:e3:83:d5:
c3:b0:03:d9:e7:bb:de:4c:22:4b:1c:2b:1f:df:d3:
04:3d:fc:5c:4c:cf:09:d5:c2:f2:dc:64:2f:2a:de:
99:59:70:b2:5a:7e:fb:04:06:da:b6:6b:02:c6:a0:
93:28:47:09:94:a7:7d:a2:af:70:0b:c0:cb:b3:4b:
94:ab:6d:17:0c:6f:7e:2d:f0:4a:8b:cd:33:3c:06:
60:80:72:5f:aa:96:73:e8:62:00:06:72:c9:73:50:
e8:d7:dc:4e:a0:f1:c7:25:4b:fb:11:eb:31:d6:30:
db:33:0a:af:7d:a5:23:55:9e:8d:c3:30:2a:70:e5:
f6:85:4d:ef:08:da:51:9d:22:95:f3:95:39:bc:c2:
d4:fb:12:0d:10:0c:a0:3f:dd:d4:a6:dc:a3:05:c6:
3a:e0:10:40:03:a1:72:aa:65:51:c3:d9:11:98:46:
52:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:7C:F6:FE:C3:3B:DC:4A:DB:4A:57:6C:5F:72:0A:C5:3B:BA:FD:DA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.125.0/24
Signature Algorithm: sha256WithRSAEncryption
29:06:59:0f:22:7f:fd:80:56:23:9a:94:a8:06:01:30:20:17:
ce:50:a8:13:d7:3f:4d:25:1b:0c:98:1e:a1:c6:ba:e2:6b:e7:
66:e3:2b:15:13:d9:63:f5:f1:6c:cf:1f:58:aa:e8:cf:3f:43:
e7:ff:fd:a1:13:bc:8d:6c:e4:0f:d1:a4:e6:52:a1:a4:b5:7f:
5d:96:9e:77:de:9e:21:dc:86:10:bd:17:08:20:65:c8:f1:25:
ea:11:c9:4e:70:26:6b:9d:d5:32:75:31:05:bf:2f:e1:b5:db:
a9:5b:93:6b:fe:63:e6:e5:56:1a:e0:69:9a:02:39:25:ec:8c:
73:7f:92:52:78:9a:cd:0e:8e:6e:9c:82:de:82:e5:c8:e7:9b:
d6:44:87:92:f4:76:d7:4e:f6:21:70:9f:52:0c:a9:da:d4:ad:
0f:c7:d9:c6:98:92:a2:cd:1a:25:2f:e5:58:1c:96:54:12:b8:
ba:91:d0:a3:19:86:f8:91:b3:03:19:ae:b8:de:da:90:fb:c4:
37:39:53:09:8b:10:9d:55:de:37:12:ea:4a:e9:2d:62:0f:71:
a2:d5:7b:fc:e1:ac:8a:ea:51:cf:33:a2:f8:97:57:59:98:3d:
0b:a3:d4:fc:9d:3c:96:3f:ef:57:5f:29:9b:6e:ec:69:ec:da:
ad:f8:2f:db
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBvN+FWV+OBcpGdjwOfhFxt2erP4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMDNaFw0yNjAxMjYwOTQ1MDNaMDMxMTAvBgNV
BAMTKEFBN0NGNkZFQzMzQkRDNEFEQjRBNTc2QzVGNzIwQUM1M0JCQUZEREEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC8LHCH18DooM97Y+KexB9lryis
7YvHem2u45QHY/lfPcX2dXvuB7YIO5CueqqOwi/vl7LCvo5xYjOZeVKhLr4JonGg
ew7hl5+sO56Qkrlv2+UGP77/PeOD1cOwA9nnu95MIkscKx/f0wQ9/FxMzwnVwvLc
ZC8q3plZcLJafvsEBtq2awLGoJMoRwmUp32ir3ALwMuzS5SrbRcMb34t8EqLzTM8
BmCAcl+qlnPoYgAGcslzUOjX3E6g8cclS/sR6zHWMNszCq99pSNVno3DMCpw5faF
Te8I2lGdIpXzlTm8wtT7Eg0QDKA/3dSm3KMFxjrgEEADoXKqZVHD2RGYRlIFAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqnz2/sM73ErbSldsX3IKxTu6/dowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ30wDQYJKoZIhvcNAQELBQADggEBACkGWQ8if/2AViOalKgGATAgF85QqBPX
P00lGwyYHqHGuuJr52bjKxUT2WP18WzPH1iq6M8/Q+f//aETvI1s5A/RpOZSoaS1
f12WnnfeniHchhC9FwggZcjxJeoRyU5wJmud1TJ1MQW/L+G126lbk2v+Y+blVhrg
aZoCOSXsjHN/klJ4ms0Ojm6cgt6C5cjnm9ZEh5L0dtdO9iFwn1IMqdrUrQ/H2caY
kqLNGiUv5VgcllQSuLqR0KMZhviRswMZrrje2pD7xDc5UwmLEJ1V3jcS6krpLWIP
caLVe/zhrIrqUc8zoviXV1mYPQuj1PydPJY/71dfKZtu7Gns2q34L9s=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:35:32 2025 by rpki-client