Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39342e302f32342d3234203d3e20313336373837.roa
File: 3135362e36372e39342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: F9nCiONwhECSBHHLIPLOs732z5zO78/I/DJke0flO6s=
Subject key identifier: D1:3A:F4:29:84:D7:B9:9B:64:F0:3F:8B:A4:55:87:B7:F1:2D:0A:CA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 688915B7B17838B34452203A656EC8F17DF6FF9F
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39342e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 20 May 2024 17:03:44 +0000
ROA not before: Mon 20 May 2024 16:58:44 +0000
ROA not after: Mon 19 May 2025 17:03:44 +0000
asID: 136787
IP address blocks: 156.67.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:89:15:b7:b1:78:38:b3:44:52:20:3a:65:6e:c8:f1:7d:f6:ff:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 20 16:58:44 2024 GMT
Not After : May 19 17:03:44 2025 GMT
Subject: CN=D13AF42984D7B99B64F03F8BA45587B7F12D0ACA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:22:64:4c:a1:71:f1:2b:1e:d7:9f:29:e2:35:
ec:c8:54:64:17:dd:c0:fa:07:40:ac:7d:b5:bc:04:
1e:cc:92:1d:55:d0:92:11:a1:79:50:ff:95:45:d7:
1a:0a:d0:0a:fa:1e:7c:1f:7a:d5:bc:e8:45:60:15:
bc:49:5d:02:a4:89:8f:12:30:4d:a7:d9:51:97:18:
f7:6d:1a:cb:a3:2d:16:49:f0:7d:73:5b:3f:73:a6:
da:68:d3:dd:17:35:34:89:6e:df:a0:66:eb:1a:ab:
36:c2:0b:a5:b2:7f:d4:40:b6:ba:3b:1d:91:a8:b3:
ae:ae:7e:2e:fb:49:a3:c8:7b:bf:38:2f:68:91:15:
61:9d:eb:19:22:59:e2:20:b6:1d:02:3a:39:61:17:
d3:5c:7a:b8:51:b0:6a:e3:6c:18:18:7a:96:09:2b:
9d:42:4f:05:f7:2a:e7:b2:8c:14:e5:9c:35:c0:ec:
94:1e:f4:af:0b:02:c7:f8:28:65:23:a1:1b:4d:28:
91:d6:74:a6:cd:f0:28:9d:1a:b5:ea:0f:29:b1:8c:
74:b4:71:70:bb:45:99:8f:40:7d:35:95:fd:26:ac:
a2:16:ca:ce:5f:ee:8d:2f:fd:bb:0f:97:ef:e0:83:
24:36:01:47:51:f7:9d:e4:51:c4:e7:b7:cc:5a:31:
bf:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:3A:F4:29:84:D7:B9:9B:64:F0:3F:8B:A4:55:87:B7:F1:2D:0A:CA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135362e36372e39342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
156.67.94.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:af:87:38:96:99:fa:93:e4:8d:e6:9c:1d:7a:00:bc:d8:c3:
e1:e8:9f:19:55:27:4a:c2:bf:ec:27:4f:0d:05:aa:78:98:b2:
20:5d:f9:a0:a2:40:df:f6:60:35:48:fb:4a:bc:32:35:43:59:
8d:22:af:59:c8:a2:ea:bb:b3:8f:b5:1e:8e:81:c5:1e:25:3a:
67:20:56:2c:30:c9:e9:c3:d5:ba:31:77:16:7d:cb:1f:a5:8c:
18:ae:93:86:a6:cf:34:3b:20:cf:1d:70:d2:1f:59:7f:af:0d:
02:8a:aa:f0:22:73:22:e8:ba:fe:82:c8:8e:7f:e5:a9:0b:d4:
2a:30:de:72:62:0a:a4:3b:ae:9e:91:71:cb:3e:02:2d:67:70:
e7:a1:79:ee:7f:b0:aa:71:00:2d:e3:2f:d2:f5:13:7a:bf:ef:
00:46:66:bf:15:88:e7:aa:a4:d1:76:dc:59:73:51:d2:48:a0:
3f:05:a0:82:ff:5a:79:25:2b:ac:d5:d9:65:bc:73:94:f4:e8:
18:da:aa:95:cf:4b:91:54:05:76:a5:2d:e1:64:4f:06:d1:2a:
40:e1:36:3e:bb:81:32:35:23:79:97:e2:1a:58:c7:a6:08:ec:
3f:78:be:24:45:7b:68:3d:fa:23:a3:15:54:29:cc:42:8b:13:
45:db:a8:67
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUaIkVt7F4OLNEUiA6ZW7I8X32/58wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MjAxNjU4NDRaFw0yNTA1MTkxNzAzNDRaMDMxMTAvBgNV
BAMTKEQxM0FGNDI5ODREN0I5OUI2NEYwM0Y4QkE0NTU4N0I3RjEyRDBBQ0EwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIImRMoXHxKx7XnyniNezIVGQX
3cD6B0CsfbW8BB7Mkh1V0JIRoXlQ/5VF1xoK0Ar6HnwfetW86EVgFbxJXQKkiY8S
ME2n2VGXGPdtGsujLRZJ8H1zWz9zptpo090XNTSJbt+gZusaqzbCC6Wyf9RAtro7
HZGos66ufi77SaPIe784L2iRFWGd6xkiWeIgth0COjlhF9NcerhRsGrjbBgYepYJ
K51CTwX3KueyjBTlnDXA7JQe9K8LAsf4KGUjoRtNKJHWdKbN8CidGrXqDymxjHS0
cXC7RZmPQH01lf0mrKIWys5f7o0v/bsPl+/ggyQ2AUdR953kUcTnt8xaMb8hAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU0Tr0KYTXuZtk8D+LpFWHt/EtCsowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM2MmUzNjM3MmUzOTM0
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
nENeMA0GCSqGSIb3DQEBCwUAA4IBAQAsr4c4lpn6k+SN5pwdegC82MPh6J8ZVSdK
wr/sJ08NBap4mLIgXfmgokDf9mA1SPtKvDI1Q1mNIq9ZyKLqu7OPtR6OgcUeJTpn
IFYsMMnpw9W6MXcWfcsfpYwYrpOGps80OyDPHXDSH1l/rw0CiqrwInMi6Lr+gsiO
f+WpC9QqMN5yYgqkO66ekXHLPgItZ3DnoXnuf7CqcQAt4y/S9RN6v+8ARma/FYjn
qqTRdtxZc1HSSKA/BaCC/1p5JSus1dllvHOU9OgY2qqVz0uRVAV2pS3hZE8G0SpA
4TY+u4EyNSN5l+IaWMemCOw/eL4kRXtoPfojoxVUKcxCixNF26hn
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:02 2024 by rpki-client on console-fra.rpki-client.org