Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132352e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3132352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: kqyRwJ00VP6DSZxjWgzCU1SRtUF5hlbrqGiPKXZL07g=
Subject key identifier: AA:C2:AA:4F:C8:8B:18:CB:DB:0B:E6:EF:77:4F:3C:2A:D5:5E:2A:79
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 604321DB9998D291A6D7F6EBAF249B928021D019
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 26 Feb 2024 08:53:27 +0000
ROA not before: Mon 26 Feb 2024 08:48:27 +0000
ROA not after: Mon 24 Feb 2025 08:53:27 +0000
asID: 136787
IP address blocks: 156.67.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:43:21:db:99:98:d2:91:a6:d7:f6:eb:af:24:9b:92:80:21:d0:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:27 2024 GMT
Not After : Feb 24 08:53:27 2025 GMT
Subject: CN=AAC2AA4FC88B18CBDB0BE6EF774F3C2AD55E2A79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:26:56:d5:37:53:01:a2:16:17:be:f5:e1:29:
6e:09:d4:3d:c2:a9:2b:a5:68:b1:4e:66:b7:3f:52:
bd:45:87:8c:2d:50:f2:87:7c:2a:2b:14:2e:25:85:
0e:41:4c:c7:b1:26:65:10:48:42:74:e6:7a:76:d9:
88:d6:86:c0:0e:96:4a:42:26:1a:d4:53:66:e6:e9:
dc:e0:8d:9b:3a:7a:0a:6a:a2:23:62:bc:e6:11:8b:
8e:3f:13:f2:e0:a4:0a:bc:3b:47:20:03:bb:3c:b5:
1e:6e:e6:77:b2:26:23:64:d0:7f:a7:88:34:80:15:
b1:b5:79:1b:35:47:ee:9c:b2:24:cc:fb:ed:da:25:
19:37:4c:e3:18:54:42:71:26:83:a9:44:3d:05:4f:
d3:9f:67:fd:3f:0b:d1:17:6b:f2:4a:c0:c4:37:30:
d7:41:9f:e5:e1:f9:6d:af:b7:03:cf:ca:33:36:b0:
b9:03:69:22:1e:b1:bc:9f:8a:b5:01:3c:7f:8e:7f:
ca:32:b5:76:87:f6:e6:76:08:b6:d3:03:19:bf:ef:
cc:12:7b:39:f1:75:dd:93:96:3b:bf:f3:1d:ee:63:
54:2c:2c:7d:c0:f2:04:5e:02:30:a1:d1:75:11:b5:
f6:19:75:91:03:6c:e5:20:f6:9f:67:97:bb:3d:6c:
9b:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:C2:AA:4F:C8:8B:18:CB:DB:0B:E6:EF:77:4F:3C:2A:D5:5E:2A:79
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.125.0/24
Signature Algorithm: sha256WithRSAEncryption
82:4e:d1:7a:90:f1:3c:35:7f:90:e9:df:a8:3c:2d:35:97:37:
cf:6f:cb:61:8f:29:0d:2f:e0:cf:0a:f4:5f:61:d7:f0:f4:c9:
89:28:f0:76:42:5e:d3:9e:69:af:2e:e4:8d:b1:b0:2f:1e:d7:
ef:29:b1:e9:a2:d5:4a:db:42:6f:2c:66:52:02:f5:59:d1:5a:
06:b9:5e:8c:7a:36:ca:b5:c2:77:79:9d:db:fd:52:35:ae:6b:
e2:77:7c:c2:83:26:ac:41:6e:5f:fd:cb:e2:c3:b5:a0:8b:48:
ba:57:ad:cf:80:f8:36:85:3a:a9:5e:4d:28:88:dc:18:4a:4a:
ee:1b:02:81:e8:2e:9e:cd:5f:31:b0:fc:01:59:04:52:c8:12:
8a:6d:b5:f2:fb:fc:91:05:9b:01:0e:5e:96:4a:ce:d4:2e:1e:
e4:5f:e7:35:68:a3:af:3e:10:22:9d:11:53:ec:d3:92:43:10:
6b:dc:47:87:9a:63:e3:8a:fd:a4:72:9d:90:a8:2f:c0:9c:24:
0a:c6:e8:a4:f2:c9:df:a0:e1:d0:fe:17:fa:67:14:3b:aa:69:
6e:81:93:64:3a:13:35:8b:2b:f6:06:7b:39:f4:bf:0e:8f:23:
ea:f6:df:42:d9:84:d7:49:af:bd:95:a9:0b:fb:0b:c4:4b:54:
16:72:7c:de
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUYEMh25mY0pGm1/brrySbkoAh0BkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjdaFw0yNTAyMjQwODUzMjdaMDMxMTAvBgNV
BAMTKEFBQzJBQTRGQzg4QjE4Q0JEQjBCRTZFRjc3NEYzQzJBRDU1RTJBNzkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRJlbVN1MBohYXvvXhKW4J1D3C
qSulaLFOZrc/Ur1Fh4wtUPKHfCorFC4lhQ5BTMexJmUQSEJ05np22YjWhsAOlkpC
JhrUU2bm6dzgjZs6egpqoiNivOYRi44/E/LgpAq8O0cgA7s8tR5u5neyJiNk0H+n
iDSAFbG1eRs1R+6csiTM++3aJRk3TOMYVEJxJoOpRD0FT9OfZ/0/C9EXa/JKwMQ3
MNdBn+Xh+W2vtwPPyjM2sLkDaSIesbyfirUBPH+Of8oytXaH9uZ2CLbTAxm/78wS
eznxdd2Tlju/8x3uY1QsLH3A8gReAjCh0XURtfYZdZEDbOUg9p9nl7s9bJtRAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUqsKqT8iLGMvbC+bvd088KtVeKnkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMy
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ30wDQYJKoZIhvcNAQELBQADggEBAIJO0XqQ8Tw1f5Dp36g8LTWXN89vy2GP
KQ0v4M8K9F9h1/D0yYko8HZCXtOeaa8u5I2xsC8e1+8psemi1UrbQm8sZlIC9VnR
Wga5Xox6Nsq1wnd5ndv9UjWua+J3fMKDJqxBbl/9y+LDtaCLSLpXrc+A+DaFOqle
TSiI3BhKSu4bAoHoLp7NXzGw/AFZBFLIEopttfL7/JEFmwEOXpZKztQuHuRf5zVo
o68+ECKdEVPs05JDEGvcR4eaY+OK/aRynZCoL8CcJArG6KTyyd+g4dD+F/pnFDuq
aW6Bk2Q6EzWLK/YGezn0vw6PI+r230LZhNdJr72VqQv7C8RLVBZyfN4=
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org