Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e32342e302f32312d3332203d3e203531313637.roa
File: 3135362e36372e32342e302f32312d3332203d3e203531313637.roa (raw, json)
Hash identifier: E3EFZcNW6JDGcGqPnOSGAy5haLMcQqVuemi7emzREf4=
Subject key identifier: E2:6A:79:79:76:3D:6D:74:F6:F6:81:8F:F0:76:8F:8D:2C:0B:09:94
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 42F396D681E44CB353BB80A6A8E4DFF460623B9B
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e32342e302f32312d3332203d3e203531313637.roa
Signing time: Tue 09 Apr 2024 07:25:58 +0000
ROA not before: Tue 09 Apr 2024 07:20:58 +0000
ROA not after: Tue 08 Apr 2025 07:25:58 +0000
asID: 51167
IP address blocks: 156.67.24.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:f3:96:d6:81:e4:4c:b3:53:bb:80:a6:a8:e4:df:f4:60:62:3b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 9 07:20:58 2024 GMT
Not After : Apr 8 07:25:58 2025 GMT
Subject: CN=E26A7979763D6D74F6F6818FF0768F8D2C0B0994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:28:14:2c:68:9a:19:0a:d2:ee:f0:5a:04:e3:
8f:a0:37:ec:42:b0:b9:a7:31:fa:50:4e:66:61:5d:
d1:c3:87:11:0f:3c:23:22:13:d8:8b:e7:8b:59:85:
5f:32:d9:a2:8b:98:64:76:3c:90:b7:82:cb:6f:26:
ec:20:f9:33:25:72:33:2e:17:d5:19:21:63:33:01:
33:9b:43:ae:65:6c:db:c8:71:46:23:9c:a8:27:18:
2e:e7:d3:7b:cb:78:d3:56:02:67:eb:08:57:43:00:
7f:ff:9a:63:2b:e5:d5:e2:3f:d6:12:e1:21:73:8e:
6f:fa:82:03:bb:d8:c5:3f:01:56:cb:5b:dd:d4:e9:
8d:7c:15:71:06:19:8c:3f:9e:14:51:57:88:08:1a:
93:47:ea:79:bc:39:ba:83:03:fc:1b:8a:aa:af:cd:
c9:e2:2d:3d:c1:4b:bf:91:42:13:bc:e6:07:77:f8:
de:47:8d:74:60:df:07:30:80:16:e7:e7:4b:86:21:
23:63:da:92:b6:69:c2:b1:e3:55:d2:13:62:ad:7a:
5e:f8:56:e3:88:1f:71:84:f7:9d:89:3c:68:33:75:
58:ef:9b:2b:08:11:e7:be:4e:43:e7:92:0f:1c:36:
05:25:d8:ee:75:91:68:8f:47:88:4e:69:ec:1d:c6:
c6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:6A:79:79:76:3D:6D:74:F6:F6:81:8F:F0:76:8F:8D:2C:0B:09:94
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e32342e302f32312d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.24.0/21
Signature Algorithm: sha256WithRSAEncryption
50:52:67:ff:8e:ac:f4:2a:1e:01:47:d4:be:7e:2f:dd:a1:7b:
a7:32:80:7b:ae:d8:45:37:d9:b4:90:fc:9e:00:78:fe:1c:39:
20:4e:fd:9a:95:71:97:6e:c7:de:7a:77:a7:19:75:a7:90:ba:
e6:74:81:88:f6:b1:ee:55:73:04:e2:d0:f0:64:f9:b9:aa:7f:
7e:fc:51:ab:03:46:19:da:b2:db:c5:a3:32:71:48:1b:86:7e:
06:77:37:94:50:b7:2b:8e:e0:e6:bf:a1:4d:b5:bb:56:b5:00:
05:e9:6f:47:2e:e3:ab:bb:65:17:b4:f3:f8:cb:87:86:7f:23:
3a:b3:1e:76:77:b7:4d:35:8f:bc:84:4b:4c:84:2a:aa:f7:70:
d4:d6:6c:01:ac:b9:f5:20:50:84:95:fc:79:71:51:b5:3f:ef:
92:19:0d:4f:cf:85:dd:25:bc:04:76:81:57:2c:c5:f7:fc:9b:
36:66:dc:3b:ad:2f:14:dc:f8:46:b2:8e:ee:f3:09:09:6d:3f:
97:2b:1f:e0:e1:40:48:fc:27:36:64:e2:08:44:e9:70:ca:3d:
9a:8f:1c:df:53:1a:4e:b7:4d:11:ba:02:5e:14:dd:83:36:0d:
a8:7a:bd:77:a0:d3:b1:5e:9a:e4:1c:aa:42:49:f9:d5:01:d2:
64:2b:10:a2
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIUQvOW1oHkTLNTu4CmqOTf9GBiO5swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA0MDkwNzIwNThaFw0yNTA0MDgwNzI1NThaMDMxMTAvBgNV
BAMTKEUyNkE3OTc5NzYzRDZENzRGNkY2ODE4RkYwNzY4RjhEMkMwQjA5OTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/KBQsaJoZCtLu8FoE44+gN+xC
sLmnMfpQTmZhXdHDhxEPPCMiE9iL54tZhV8y2aKLmGR2PJC3gstvJuwg+TMlcjMu
F9UZIWMzATObQ65lbNvIcUYjnKgnGC7n03vLeNNWAmfrCFdDAH//mmMr5dXiP9YS
4SFzjm/6ggO72MU/AVbLW93U6Y18FXEGGYw/nhRRV4gIGpNH6nm8ObqDA/wbiqqv
zcniLT3BS7+RQhO85gd3+N5HjXRg3wcwgBbn50uGISNj2pK2acKx41XSE2Ktel74
VuOIH3GE952JPGgzdVjvmysIEee+TkPnkg8cNgUl2O51kWiPR4hOaewdxsa5AgMB
AAGjggI7MIICNzAdBgNVHQ4EFgQU4mp5eXY9bXT29oGP8HaPjSwLCZQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgasGCCsGAQUFBwELBIGeMIGbMIGYBggrBgEFBQcwC4aBi3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzMjM0
MmUzMDJmMzIzMTJkMzMzMjIwM2QzZTIwMzUzMTMxMzYzNy5yb2EwGAYDVR0gAQH/
BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA5xD
GDANBgkqhkiG9w0BAQsFAAOCAQEAUFJn/46s9CoeAUfUvn4v3aF7pzKAe67YRTfZ
tJD8ngB4/hw5IE79mpVxl27H3np3pxl1p5C65nSBiPax7lVzBOLQ8GT5uap/fvxR
qwNGGdqy28WjMnFIG4Z+Bnc3lFC3K47g5r+hTbW7VrUABelvRy7jq7tlF7Tz+MuH
hn8jOrMedne3TTWPvIRLTIQqqvdw1NZsAay59SBQhJX8eXFRtT/vkhkNT8+F3SW8
BHaBVyzF9/ybNmbcO60vFNz4RrKO7vMJCW0/lysf4OFASPwnNmTiCETpcMo9mo8c
31MaTrdNEboCXhTdgzYNqHq9d6DTsV6a5ByqQkn51QHSZCsQog==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:44 2024 by rpki-client on console-ams.rpki-client.org