Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e38352e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e38352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: fHYdSD0WqMmcw+y6AO2rmTyCJO8d+XLpAb2t1b1TzDw=
Subject key identifier: 0E:CB:71:E1:77:C3:74:52:0C:AD:EB:80:8B:02:6D:DB:82:BF:DF:51
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5CBFCCBACC008527D4CF36F7DCA379E1639482B0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e38352e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 23 Aug 2024 14:49:03 +0000
ROA not before: Fri 23 Aug 2024 14:44:03 +0000
ROA not after: Fri 22 Aug 2025 14:49:03 +0000
asID: 136787
IP address blocks: 156.67.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:bf:cc:ba:cc:00:85:27:d4:cf:36:f7:dc:a3:79:e1:63:94:82:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Aug 23 14:44:03 2024 GMT
Not After : Aug 22 14:49:03 2025 GMT
Subject: CN=0ECB71E177C374520CADEB808B026DDB82BFDF51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b1:fe:1c:20:72:57:35:9a:01:4b:50:7f:f5:
93:ea:b4:c0:a6:14:47:d4:66:24:30:92:ed:e9:09:
f8:14:c4:18:88:b8:39:45:5e:75:9c:09:d0:7a:f8:
a7:61:7d:d3:db:c1:d8:53:fa:28:3f:d2:80:4f:e1:
e4:4d:2f:2e:81:c6:8c:57:a9:47:b4:fb:db:03:8b:
89:46:66:cd:b2:f9:8c:2f:0b:2d:10:43:cd:ab:49:
be:00:bc:3c:41:f6:af:2e:1d:6b:c5:ef:e3:57:5e:
5b:ee:25:ca:22:9c:a6:8c:af:5f:dc:8d:53:ff:1f:
11:b9:07:d3:f4:4c:e4:f3:9e:ed:7f:4a:a5:9d:c5:
de:b5:17:45:ed:df:da:44:d9:17:ba:34:65:4b:55:
85:48:2c:8e:0e:66:16:7a:04:b7:97:68:57:ab:42:
8b:fc:d5:02:ce:d1:cb:a7:70:40:54:9a:55:92:5e:
33:3b:31:e3:41:e4:00:a3:bb:7e:58:ef:84:9e:61:
1a:ec:06:49:bb:78:bd:99:62:68:61:d8:37:ba:ce:
26:d2:f1:05:17:7d:6c:33:e8:af:dd:17:34:d8:82:
e0:2b:09:68:6f:28:7d:01:42:13:c3:e8:ea:56:c5:
af:95:d4:35:2d:ba:a5:05:87:80:68:00:56:9d:7f:
d9:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:CB:71:E1:77:C3:74:52:0C:AD:EB:80:8B:02:6D:DB:82:BF:DF:51
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e38352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.85.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:cf:49:49:c6:fa:07:84:d3:26:fb:68:ba:4e:20:b4:4e:a3:
d3:45:84:af:74:d3:a9:8e:ec:f5:9f:b5:e5:35:d2:0c:6c:9d:
56:d8:ee:48:bf:f1:da:fe:18:7d:0f:d7:58:bf:0c:eb:27:e9:
84:70:c8:19:ff:57:b1:93:c8:ae:14:97:62:f8:c0:e2:41:02:
ae:68:3e:bb:2c:4c:45:11:33:99:fa:bc:de:fc:fd:a6:f4:40:
db:d7:87:88:12:aa:af:ca:25:8a:67:33:87:91:96:e9:18:67:
2d:74:01:61:75:2a:40:3c:01:51:c0:38:95:72:24:d5:07:d3:
27:58:9d:f9:c7:39:99:aa:fe:48:74:6a:c0:00:bd:ab:de:99:
ee:51:ac:f1:b9:b8:09:59:d4:82:b7:87:1b:6d:37:91:b5:42:
6c:c9:c8:93:4c:b4:8f:4c:c4:ab:d1:55:16:8e:49:77:7a:ad:
c6:cc:ae:ca:b9:b2:56:c9:c6:31:46:26:42:ab:fc:75:94:2e:
09:06:6e:82:5d:df:f7:3a:50:e6:b6:f4:f5:32:1d:9e:3f:c6:
e3:71:e8:60:79:71:b3:e8:c7:3d:62:6a:ad:79:84:c5:dc:2f:
5b:bf:ea:04:15:ad:da:64:22:45:eb:17:3c:ca:8e:9f:90:f1:
c8:f0:2a:ff
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUXL/MuswAhSfUzzb33KN54WOUgrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA4MjMxNDQ0MDNaFw0yNTA4MjIxNDQ5MDNaMDMxMTAvBgNV
BAMTKDBFQ0I3MUUxNzdDMzc0NTIwQ0FERUI4MDhCMDI2RERCODJCRkRGNTEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHsf4cIHJXNZoBS1B/9ZPqtMCm
FEfUZiQwku3pCfgUxBiIuDlFXnWcCdB6+KdhfdPbwdhT+ig/0oBP4eRNLy6BxoxX
qUe0+9sDi4lGZs2y+YwvCy0QQ82rSb4AvDxB9q8uHWvF7+NXXlvuJcoinKaMr1/c
jVP/HxG5B9P0TOTznu1/SqWdxd61F0Xt39pE2Re6NGVLVYVILI4OZhZ6BLeXaFer
Qov81QLO0cuncEBUmlWSXjM7MeNB5ACju35Y74SeYRrsBkm7eL2ZYmhh2De6zibS
8QUXfWwz6K/dFzTYguArCWhvKH0BQhPD6OpWxa+V1DUtuqUFh4BoAFadf9kfAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUDstx4XfDdFIMreuAiwJt24K/31EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzODM1
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
nENVMA0GCSqGSIb3DQEBCwUAA4IBAQB/z0lJxvoHhNMm+2i6TiC0TqPTRYSvdNOp
juz1n7XlNdIMbJ1W2O5Iv/Ha/hh9D9dYvwzrJ+mEcMgZ/1exk8iuFJdi+MDiQQKu
aD67LExFETOZ+rze/P2m9EDb14eIEqqvyiWKZzOHkZbpGGctdAFhdSpAPAFRwDiV
ciTVB9MnWJ35xzmZqv5IdGrAAL2r3pnuUazxubgJWdSCt4cbbTeRtUJsyciTTLSP
TMSr0VUWjkl3eq3GzK7KubJWycYxRiZCq/x1lC4JBm6CXd/3OlDmtvT1Mh2eP8bj
cehgeXGz6Mc9YmqteYTF3C9bv+oEFa3aZCJF6xc8yo6fkPHI8Cr/
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:37 2025 by rpki-client