Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132372e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e3132372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 8YECNGaWqHSWvRpT/1VoStx7fOK4C8ZZKsoD2dBj0mI=
Subject key identifier: D2:88:F9:A1:3E:5A:97:91:9E:30:BC:0D:25:FD:B3:94:20:E1:C0:CA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0C45727C62B3BCE7219F22431AF4116BC38D7DDB
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:49:57 +0000
ROA not before: Sun 26 Nov 2023 19:44:57 +0000
ROA not after: Sun 24 Nov 2024 19:49:57 +0000
asID: 136787
IP address blocks: 156.67.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:54:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:45:72:7c:62:b3:bc:e7:21:9f:22:43:1a:f4:11:6b:c3:8d:7d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:44:57 2023 GMT
Not After : Nov 24 19:49:57 2024 GMT
Subject: CN=D288F9A13E5A97919E30BC0D25FDB39420E1C0CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:4a:af:00:49:ac:00:c5:30:ee:7f:e6:38:c8:
8d:72:3f:04:04:90:ac:3d:ca:42:b4:f3:eb:6e:ee:
92:58:75:c8:3f:c4:88:cf:6b:0c:5b:28:22:c4:00:
df:fd:e3:51:a9:cd:96:21:42:8b:b0:72:2f:7a:78:
b1:bc:9e:8d:49:c2:b0:db:b9:3b:cb:8f:01:9c:fd:
b5:88:38:26:c6:06:8c:65:14:eb:bd:cb:af:15:2d:
3e:30:ff:f8:bf:5b:4d:1f:22:a4:1c:cd:98:40:33:
2b:d6:1c:0b:31:b4:87:1d:88:9e:b5:f4:c3:0e:19:
a0:75:0d:2c:5d:e8:26:78:85:d0:c8:da:65:54:00:
3a:68:9e:d5:b0:a9:14:db:74:7e:49:c3:40:9e:15:
be:ce:a4:61:30:57:bd:e5:f8:8a:32:bf:9b:6b:60:
ea:75:d9:3e:b5:fe:b0:aa:d0:4b:8f:43:a9:05:4f:
e9:7a:a3:59:05:76:fc:69:b2:34:ae:af:c9:92:a6:
bd:5a:68:40:a9:3f:1d:85:e9:69:84:9c:7f:d9:d0:
c5:86:eb:ed:11:bc:b4:a6:24:70:1b:3f:71:7b:58:
35:da:c1:f8:99:5b:30:b7:0c:30:8c:14:2a:20:3a:
71:b9:07:ad:6a:ac:73:9f:d6:6a:3a:c1:46:47:f4:
c4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:88:F9:A1:3E:5A:97:91:9E:30:BC:0D:25:FD:B3:94:20:E1:C0:CA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e3132372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.127.0/24
Signature Algorithm: sha256WithRSAEncryption
98:e3:b7:ad:f4:69:f1:2a:70:14:16:6d:ff:d6:64:e5:1a:c0:
30:78:7e:8f:6d:8e:c5:37:90:fa:91:e7:d1:30:53:24:10:c2:
5b:0b:5b:ac:3c:db:26:a0:29:b5:35:92:ad:52:5c:4a:01:25:
46:8d:7a:9c:35:bd:ed:49:dd:b3:df:0b:1c:70:b2:f9:2f:1d:
b9:c7:6f:a8:d6:7a:85:f1:bb:7b:de:78:26:c9:29:cc:bb:71:
b8:46:1b:87:42:6f:ea:3a:f5:22:58:aa:ee:95:39:56:c9:b2:
7c:20:15:67:3f:9c:b0:05:84:11:09:72:06:78:8d:68:5b:68:
7d:20:2a:67:d3:27:2b:0c:86:d6:aa:8d:ed:0a:e3:72:0a:47:
8d:52:5c:06:bf:ac:93:fa:15:8b:2b:69:6f:3a:64:e5:05:3f:
c9:df:27:38:4d:61:2f:41:3d:75:65:e4:fa:7b:5d:e3:3f:78:
f2:c9:89:cf:a3:73:9d:18:48:53:77:b5:7b:2a:f5:73:19:43:
6f:8b:b7:24:85:c5:12:5e:70:a5:8b:f7:77:5c:31:75:ae:fd:
ed:da:c0:66:c1:d0:cd:1f:5c:a6:2f:cb:4c:c5:08:28:65:2a:
fb:51:25:b6:8a:ea:f8:49:6c:23:05:35:af:7f:24:77:1b:4e:
51:11:04:78
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUDEVyfGKzvOchnyJDGvQRa8ONfdswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ0NTdaFw0yNDExMjQxOTQ5NTdaMDMxMTAvBgNV
BAMTKEQyODhGOUExM0U1QTk3OTE5RTMwQkMwRDI1RkRCMzk0MjBFMUMwQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD4Sq8ASawAxTDuf+Y4yI1yPwQE
kKw9ykK08+tu7pJYdcg/xIjPawxbKCLEAN/941GpzZYhQouwci96eLG8no1JwrDb
uTvLjwGc/bWIOCbGBoxlFOu9y68VLT4w//i/W00fIqQczZhAMyvWHAsxtIcdiJ61
9MMOGaB1DSxd6CZ4hdDI2mVUADpontWwqRTbdH5Jw0CeFb7OpGEwV73l+Ioyv5tr
YOp12T61/rCq0EuPQ6kFT+l6o1kFdvxpsjSur8mSpr1aaECpPx2F6WmEnH/Z0MWG
6+0RvLSmJHAbP3F7WDXawfiZWzC3DDCMFCogOnG5B61qrHOf1mo6wUZH9MTtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU0oj5oT5al5GeMLwNJf2zlCDhwMowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMTMy
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACcQ38wDQYJKoZIhvcNAQELBQADggEBAJjjt630afEqcBQWbf/WZOUawDB4fo9t
jsU3kPqR59EwUyQQwlsLW6w82yagKbU1kq1SXEoBJUaNepw1ve1J3bPfCxxwsvkv
HbnHb6jWeoXxu3veeCbJKcy7cbhGG4dCb+o69SJYqu6VOVbJsnwgFWc/nLAFhBEJ
cgZ4jWhbaH0gKmfTJysMhtaqje0K43IKR41SXAa/rJP6FYsraW86ZOUFP8nfJzhN
YS9BPXVl5Pp7XeM/ePLJic+jc50YSFN3tXsq9XMZQ2+LtySFxRJecKWL93dcMXWu
/e3awGbB0M0fXKYvy0zFCChlKvtRJbaK6vhJbCMFNa9/JHcbTlERBHg=
-----END CERTIFICATE-----
Generated at Wed May 8 20:21:25 2024 by rpki-client on console-fra.rpki-client.org