Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132372e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3132372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: VZeOZY16snB2GfK00MkMqiLMbfRe1/wYUjiOdlbcwAM=
Subject key identifier: 68:FF:54:7D:DB:15:97:1A:5D:60:35:15:1A:DA:90:F8:94:B9:91:2F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 15F2FEFE0410FD7E57BBDA7F8E74FD93DB79B34E
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:20 +0000
ROA not before: Sun 27 Oct 2024 20:00:20 +0000
ROA not after: Sun 26 Oct 2025 20:05:20 +0000
asID: 136787
IP address blocks: 156.67.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:f2:fe:fe:04:10:fd:7e:57:bb:da:7f:8e:74:fd:93:db:79:b3:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:20 2024 GMT
Not After : Oct 26 20:05:20 2025 GMT
Subject: CN=68FF547DDB15971A5D6035151ADA90F894B9912F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1f:b2:8c:2e:8a:f8:37:8b:cf:1a:b8:dc:6f:
ea:cb:c3:33:1d:c7:b0:2b:41:36:09:e0:86:d1:9f:
de:6c:71:e6:81:b6:e6:e5:81:47:c2:81:a0:c0:44:
45:3b:16:a5:e6:9f:39:7d:e0:b0:7a:c4:64:f9:22:
c3:84:6f:35:9e:65:01:c5:0c:eb:1a:10:b2:80:27:
b4:cc:9e:39:47:62:67:5a:0e:bd:78:34:88:fa:15:
e1:87:83:8c:91:55:7b:3c:37:3f:c7:6c:db:0a:4b:
57:9d:66:4f:25:57:6a:c9:f6:0e:d7:29:d0:d9:9f:
76:4e:e1:29:b2:01:9d:e7:79:4c:f6:26:df:7e:91:
3f:e4:37:74:4f:5b:6c:66:a7:d4:b8:0d:da:e0:18:
2f:0d:11:9c:75:a0:cd:4c:27:72:79:33:22:a5:f2:
7f:da:3d:23:ad:6d:b9:df:d0:94:ce:5f:3e:1a:6d:
f1:70:22:7d:6c:c2:8c:68:cd:46:af:6d:61:f6:0a:
1d:94:b8:c3:b4:92:5b:37:0e:0b:11:de:1a:9e:17:
7c:48:86:cc:29:9c:b4:b2:00:e7:40:e3:15:a0:be:
41:5f:f4:68:61:c7:53:c0:c8:e3:99:51:77:63:31:
a5:77:c1:69:4b:69:75:51:b3:f9:b8:5a:a6:fa:d4:
43:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FF:54:7D:DB:15:97:1A:5D:60:35:15:1A:DA:90:F8:94:B9:91:2F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.127.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:2c:3f:b9:17:41:a9:49:e8:2e:db:5e:66:24:3b:f8:f0:28:
73:cb:93:17:64:55:70:90:d8:b4:80:19:de:06:31:9f:84:5f:
2c:a0:53:8f:96:92:03:25:41:52:49:45:a3:aa:7c:c1:3a:53:
dc:03:d4:a2:64:c9:ec:fd:14:de:58:6e:62:ff:b4:2f:ba:06:
fa:e8:8b:0d:18:fe:dc:28:06:57:e5:55:7f:03:0d:56:e4:8d:
55:a9:0e:13:aa:c3:13:8e:89:99:10:11:61:32:e6:a3:d4:ef:
a1:8c:11:68:1c:08:48:50:84:c9:21:14:c5:90:1c:91:8c:fa:
a0:e1:6e:bb:d0:ca:74:a3:ba:79:45:a5:c1:63:03:68:f5:32:
de:5d:e0:5c:88:99:99:47:04:f5:22:d1:96:15:98:09:71:8f:
f7:a2:4a:68:ff:8b:c3:f9:4f:46:8c:c4:cc:a2:3c:d7:d0:41:
4d:85:8e:fd:7b:11:44:95:98:cb:49:58:b0:67:c2:e2:f5:e8:
cc:1e:c7:c7:ae:6e:56:5f:0f:84:ce:5a:35:69:b0:3a:d6:2d:
e5:ba:0b:6b:14:78:77:09:0d:c4:06:b6:e4:66:bd:c2:a4:63:
5c:e1:51:17:fe:5c:87:14:c2:42:30:3d:c9:07:88:c8:50:7d:
0d:48:fe:0c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUFfL+/gQQ/X5Xu9p/jnT9k9t5s04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMjBaFw0yNTEwMjYyMDA1MjBaMDMxMTAvBgNV
BAMTKDY4RkY1NDdEREIxNTk3MUE1RDYwMzUxNTFBREE5MEY4OTRCOTkxMkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGH7KMLor4N4vPGrjcb+rLwzMd
x7ArQTYJ4IbRn95sceaBtublgUfCgaDAREU7FqXmnzl94LB6xGT5IsOEbzWeZQHF
DOsaELKAJ7TMnjlHYmdaDr14NIj6FeGHg4yRVXs8Nz/HbNsKS1edZk8lV2rJ9g7X
KdDZn3ZO4SmyAZ3neUz2Jt9+kT/kN3RPW2xmp9S4DdrgGC8NEZx1oM1MJ3J5MyKl
8n/aPSOtbbnf0JTOXz4abfFwIn1swoxozUavbWH2Ch2UuMO0kls3DgsR3hqeF3xI
hswpnLSyAOdA4xWgvkFf9Ghhx1PAyOOZUXdjMaV3wWlLaXVRs/m4Wqb61EOXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUaP9UfdsVlxpdYDUVGtqQ+JS5kS8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ38wDQYJKoZIhvcNAQELBQADggEBADwsP7kXQalJ6C7bXmYkO/jwKHPLkxdk
VXCQ2LSAGd4GMZ+EXyygU4+WkgMlQVJJRaOqfME6U9wD1KJkyez9FN5YbmL/tC+6
Bvroiw0Y/twoBlflVX8DDVbkjVWpDhOqwxOOiZkQEWEy5qPU76GMEWgcCEhQhMkh
FMWQHJGM+qDhbrvQynSjunlFpcFjA2j1Mt5d4FyImZlHBPUi0ZYVmAlxj/eiSmj/
i8P5T0aMxMyiPNfQQU2Fjv17EUSVmMtJWLBnwuL16Mwex8eublZfD4TOWjVpsDrW
LeW6C2sUeHcJDcQGtuRmvcKkY1zhURf+XIcUwkIwPckHiMhQfQ1I/gw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:18:47 2025 by rpki-client