Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e38362e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e38362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: e9YNw5sbtz3XmUb81f0D0wokRJqfYeGTEpK2E0X4Lzo=
Subject key identifier: 2D:3D:A2:8E:9E:31:55:B8:ED:95:A7:76:00:91:99:08:EC:B4:BA:75
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7D362766F18D1DA76BB4F1C3673040C7CA10E46F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e38362e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:38 +0000
ROA not before: Sat 01 Feb 2025 22:40:38 +0000
ROA not after: Sat 31 Jan 2026 22:45:38 +0000
asID: 136787
IP address blocks: 156.67.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:36:27:66:f1:8d:1d:a7:6b:b4:f1:c3:67:30:40:c7:ca:10:e4:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 1 22:40:38 2025 GMT
Not After : Jan 31 22:45:38 2026 GMT
Subject: CN=2D3DA28E9E3155B8ED95A77600919908ECB4BA75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:9d:7f:23:f2:ec:a8:25:33:95:bf:0a:31:ce:
a2:d0:41:e6:88:0d:b7:07:e3:1d:72:19:00:7a:e3:
c7:9c:25:0f:ee:7d:ad:5c:5e:81:3e:b3:08:ba:54:
a4:d5:52:b0:5e:a2:55:9f:a7:54:8c:8b:80:4f:c7:
4d:22:06:3c:45:63:79:90:3b:ea:75:f6:49:eb:2f:
17:5c:fd:ee:3f:e1:54:3a:b1:f9:0f:eb:2a:88:e3:
dd:fe:cd:48:29:1f:f6:18:f8:7f:fe:39:3e:3c:6a:
57:a7:aa:fd:bc:0d:7c:1e:50:d9:72:c5:ea:45:35:
f9:39:82:1c:ac:87:50:f1:38:56:43:55:05:b4:3c:
0f:48:59:f7:b5:fd:72:f8:12:10:71:79:ad:f5:8f:
b8:7c:01:f2:ca:df:b0:77:55:c7:8f:1d:19:9a:0e:
8c:70:d0:82:ed:9d:34:52:44:a8:78:33:3a:aa:3d:
ba:1c:a4:26:72:80:ac:3e:b7:fe:cb:75:6c:9c:ac:
36:57:b3:7c:34:c1:26:4f:b8:8f:ec:a7:50:d9:d4:
ff:63:af:ed:82:99:08:4b:58:bd:0a:9d:41:4c:9a:
fe:5e:42:8a:bd:cb:c7:64:21:74:dd:d8:23:99:fc:
aa:eb:12:0d:df:19:2a:33:e5:de:42:70:e3:cb:1b:
6c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3D:A2:8E:9E:31:55:B8:ED:95:A7:76:00:91:99:08:EC:B4:BA:75
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e38362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.86.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:7a:18:83:10:52:df:10:37:3f:b1:26:21:45:8a:3a:90:9c:
76:85:d3:7e:c3:c4:49:97:44:82:61:93:dc:2a:71:e2:9a:b6:
fb:4d:cc:22:5e:4a:cc:f8:19:45:30:1a:14:79:bb:51:8c:7e:
00:c2:91:4a:59:f7:b7:ef:01:98:18:fc:1f:9a:d1:a2:f8:a3:
07:f5:fd:c4:17:5f:87:69:fa:c9:c9:e2:45:13:42:93:46:81:
f7:25:78:db:41:66:1d:cb:e7:55:ee:dd:43:29:fb:e2:f2:5b:
d2:eb:97:7d:1e:f1:10:29:52:51:85:7c:78:73:9e:e4:b6:96:
eb:59:1b:52:16:5d:fd:05:a6:fa:f4:76:e9:29:09:87:d5:79:
a4:ae:c7:cc:10:e9:f2:c1:43:26:2d:6d:51:cb:d5:51:18:68:
3f:17:14:fa:4e:39:4c:db:28:4a:04:11:b0:4b:b1:5b:b6:ae:
e4:83:3d:d0:01:65:a4:72:d3:50:77:64:60:dc:ed:89:3b:b3:
d0:d7:df:0f:63:f1:e0:ac:70:16:0a:2f:b9:95:34:6b:1a:fe:
3e:91:de:3e:e8:44:4a:9c:e6:b4:1a:39:c5:c4:cb:f4:79:fd:
fb:91:8c:0d:e4:a3:5d:b9:f6:97:60:af:c6:55:64:fe:44:a9:
c4:cb:a5:e3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUfTYnZvGNHadrtPHDZzBAx8oQ5G8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDEyMjQwMzhaFw0yNjAxMzEyMjQ1MzhaMDMxMTAvBgNV
BAMTKDJEM0RBMjhFOUUzMTU1QjhFRDk1QTc3NjAwOTE5OTA4RUNCNEJBNzUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6nX8j8uyoJTOVvwoxzqLQQeaI
DbcH4x1yGQB648ecJQ/ufa1cXoE+swi6VKTVUrBeolWfp1SMi4BPx00iBjxFY3mQ
O+p19knrLxdc/e4/4VQ6sfkP6yqI493+zUgpH/YY+H/+OT48alenqv28DXweUNly
xepFNfk5ghysh1DxOFZDVQW0PA9IWfe1/XL4EhBxea31j7h8AfLK37B3VcePHRma
Doxw0ILtnTRSRKh4MzqqPbocpCZygKw+t/7LdWycrDZXs3w0wSZPuI/sp1DZ1P9j
r+2CmQhLWL0KnUFMmv5eQoq9y8dkIXTd2COZ/KrrEg3fGSoz5d5CcOPLG2xDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQULT2ijp4xVbjtlad2AJGZCOy0unUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzODM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
nENWMA0GCSqGSIb3DQEBCwUAA4IBAQBuehiDEFLfEDc/sSYhRYo6kJx2hdN+w8RJ
l0SCYZPcKnHimrb7TcwiXkrM+BlFMBoUebtRjH4AwpFKWfe37wGYGPwfmtGi+KMH
9f3EF1+HafrJyeJFE0KTRoH3JXjbQWYdy+dV7t1DKfvi8lvS65d9HvEQKVJRhXx4
c57ktpbrWRtSFl39Bab69HbpKQmH1XmkrsfMEOnywUMmLW1Ry9VRGGg/FxT6TjlM
2yhKBBGwS7Fbtq7kgz3QAWWkctNQd2Rg3O2JO7PQ198PY/HgrHAWCi+5lTRrGv4+
kd4+6ERKnOa0GjnFxMv0ef37kYwN5KNdufaXYK/GVWT+RKnEy6Xj
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:07:56 2025 by rpki-client