Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e38362e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e38362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: XYVekRuRNDVBqhIU2wqDO9kZ4/bbgizIl18yYBmUtMs=
Subject key identifier: 48:75:41:B3:AA:54:2C:09:6B:69:80:2E:43:22:A9:03:63:33:B3:AB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 5AB2CF1DD1F071F76A2C4B6041C63EF8AA23994C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e38362e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 02 Mar 2024 21:54:13 +0000
ROA not before: Sat 02 Mar 2024 21:49:13 +0000
ROA not after: Sat 01 Mar 2025 21:54:13 +0000
asID: 136787
IP address blocks: 156.67.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:b2:cf:1d:d1:f0:71:f7:6a:2c:4b:60:41:c6:3e:f8:aa:23:99:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 2 21:49:13 2024 GMT
Not After : Mar 1 21:54:13 2025 GMT
Subject: CN=487541B3AA542C096B69802E4322A9036333B3AB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:f5:cf:f0:38:5e:a0:8d:12:cd:9c:27:1e:9d:
6f:57:70:b3:75:64:24:48:ee:f6:39:54:12:70:22:
c4:e3:5e:e5:bc:fa:a8:4f:db:c7:94:e2:98:92:6e:
74:35:55:04:1f:b2:89:7a:87:58:44:2a:a4:96:ec:
42:fa:f3:20:e0:76:25:22:64:b1:7e:f3:b8:fa:80:
25:1c:3b:e4:74:83:29:10:f0:14:95:4c:f8:61:2c:
17:27:d9:be:1e:79:89:06:a5:11:5f:2b:43:0a:5b:
c5:e4:dc:8c:d8:5d:b2:88:27:96:34:51:0c:8a:1f:
67:ef:59:ec:6b:2f:c4:fc:46:56:8c:15:48:1c:d4:
30:96:36:3f:a3:b0:5c:d3:87:af:77:27:77:cd:f4:
38:53:1b:55:d4:30:b4:31:38:f3:45:14:c3:db:1b:
06:29:b4:d7:37:f6:a3:27:15:cd:7d:f3:62:ce:48:
89:be:94:9b:3d:3c:ef:08:10:d2:e4:9a:08:b8:2f:
a9:1b:34:e7:a9:87:ce:4b:8c:08:16:44:79:8b:b2:
6b:3e:41:95:a8:7e:f1:fd:9f:79:03:1e:4a:c6:52:
fe:9a:55:30:ad:24:4f:b6:59:3d:eb:6b:f2:40:01:
5b:3f:73:c4:87:7a:fd:1a:9d:d2:54:13:76:3d:39:
ea:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:75:41:B3:AA:54:2C:09:6B:69:80:2E:43:22:A9:03:63:33:B3:AB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e38362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.86.0/24
Signature Algorithm: sha256WithRSAEncryption
74:8d:e6:0b:2e:46:97:a5:d5:87:9a:f7:fd:11:76:f3:bc:6a:
13:55:b9:ce:f3:e5:77:c7:c0:94:fc:42:7e:fc:87:81:a2:f6:
c9:ac:96:75:e2:61:e9:73:18:eb:f0:3c:e0:80:97:c7:8b:9a:
4a:cb:bf:de:d8:84:5a:b3:15:e0:b4:97:66:50:9d:c8:e2:29:
44:68:9c:e5:be:44:2c:10:a3:e7:8a:4a:fa:93:73:ac:dd:bc:
8a:9f:58:65:83:b6:73:8f:63:b9:81:64:a7:fd:06:ce:01:1f:
a5:aa:77:30:b1:a9:b5:7e:84:bc:a6:bb:b4:f0:6c:b1:b7:85:
b8:0f:f1:69:ce:16:2a:41:35:17:86:c4:3b:f9:8b:b0:ad:ba:
d1:b1:24:47:69:e6:77:57:3d:c1:11:0a:aa:a1:cc:94:bd:80:
71:e5:fd:29:35:89:03:ca:59:07:bf:08:32:9b:04:88:91:8d:
ee:94:0b:ea:02:f2:d3:2b:de:02:95:37:5a:06:2f:4f:cb:13:
24:27:4d:f7:bf:f6:b9:53:02:f4:6d:ea:45:5c:49:bd:92:d3:
92:b4:e0:c6:de:90:97:a9:f8:a3:87:4d:5b:64:6b:4a:e3:fe:
5f:91:ed:6f:ad:ed:1c:98:ea:3b:3b:49:73:b3:09:33:f9:5d:
27:94:5a:22
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWrLPHdHwcfdqLEtgQcY++KojmUwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDIyMTQ5MTNaFw0yNTAzMDEyMTU0MTNaMDMxMTAvBgNV
BAMTKDQ4NzU0MUIzQUE1NDJDMDk2QjY5ODAyRTQzMjJBOTAzNjMzM0IzQUIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDk9c/wOF6gjRLNnCcenW9XcLN1
ZCRI7vY5VBJwIsTjXuW8+qhP28eU4piSbnQ1VQQfsol6h1hEKqSW7EL68yDgdiUi
ZLF+87j6gCUcO+R0gykQ8BSVTPhhLBcn2b4eeYkGpRFfK0MKW8Xk3IzYXbKIJ5Y0
UQyKH2fvWexrL8T8RlaMFUgc1DCWNj+jsFzTh693J3fN9DhTG1XUMLQxOPNFFMPb
GwYptNc39qMnFc1982LOSIm+lJs9PO8IENLkmgi4L6kbNOeph85LjAgWRHmLsms+
QZWofvH9n3kDHkrGUv6aVTCtJE+2WT3ra/JAAVs/c8SHev0andJUE3Y9OeprAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUSHVBs6pULAlraYAuQyKpA2Mzs6swHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzODM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
nENWMA0GCSqGSIb3DQEBCwUAA4IBAQB0jeYLLkaXpdWHmvf9EXbzvGoTVbnO8+V3
x8CU/EJ+/IeBovbJrJZ14mHpcxjr8DzggJfHi5pKy7/e2IRasxXgtJdmUJ3I4ilE
aJzlvkQsEKPnikr6k3Os3byKn1hlg7Zzj2O5gWSn/QbOAR+lqncwsam1foS8pru0
8Gyxt4W4D/FpzhYqQTUXhsQ7+YuwrbrRsSRHaeZ3Vz3BEQqqocyUvYBx5f0pNYkD
ylkHvwgymwSIkY3ulAvqAvLTK94ClTdaBi9PyxMkJ033v/a5UwL0bepFXEm9ktOS
tODG3pCXqfijh01bZGtK4/5fke1vre0cmOo7O0lzswkz+V0nlFoi
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:23 2024 by rpki-client on console-fra.rpki-client.org