Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135372e3137332e3139322e302f32302d3332203d3e203430303231.roa
File: 3135372e3137332e3139322e302f32302d3332203d3e203430303231.roa (raw, json)
Hash identifier: dK/Hy5z8xTXg3L1fFxwrPFBGnMXgQp5y3eUP8o0aIhc=
Subject key identifier: 57:45:08:1D:9D:DC:3B:D9:4F:A0:A9:A8:73:9F:62:6A:FB:D7:74:B1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1F5382896D78A6B28740B7485D8E930C27AFACE6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135372e3137332e3139322e302f32302d3332203d3e203430303231.roa
Signing time: Wed 15 May 2024 07:52:57 +0000
ROA not before: Wed 15 May 2024 07:47:57 +0000
ROA not after: Wed 14 May 2025 07:52:57 +0000
asID: 40021
IP address blocks: 157.173.192.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:53:82:89:6d:78:a6:b2:87:40:b7:48:5d:8e:93:0c:27:af:ac:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 15 07:47:57 2024 GMT
Not After : May 14 07:52:57 2025 GMT
Subject: CN=5745081D9DDC3BD94FA0A9A8739F626AFBD774B1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ac:76:59:ec:4d:c6:df:29:18:de:22:2d:01:
b7:01:b3:f6:72:2b:de:24:a7:63:da:58:68:29:ed:
2f:5e:a4:2a:85:be:91:d9:cb:f1:0c:2c:42:55:00:
ae:b1:5c:77:33:ea:08:a5:0f:df:56:04:91:6e:bc:
99:75:7a:e0:74:e2:c4:ac:44:84:a0:03:af:36:ce:
d1:87:31:bf:0f:2f:f3:7e:1f:48:58:cb:2f:a5:a9:
90:15:ea:07:9d:35:38:a4:35:f9:a2:bf:de:52:b1:
dd:92:da:d4:3c:1a:ea:32:0d:9d:a5:b6:47:c1:a7:
60:76:52:fb:aa:ea:0b:c9:44:31:51:07:8c:80:42:
93:5a:bc:ea:a7:33:21:f5:c7:57:03:63:8f:c2:19:
0c:37:42:1d:0a:90:a5:21:8d:e6:30:42:d5:da:28:
54:d3:cc:a1:27:80:0e:d9:9e:f8:9e:d2:51:8c:6d:
12:58:a4:0b:7c:29:0e:45:b0:8a:83:f1:ed:cc:41:
b5:43:75:c8:4e:92:8d:27:1e:b4:f6:0f:94:fc:a7:
f0:46:b6:94:03:2b:bc:0a:39:d1:dc:6b:ad:a8:ce:
5f:cc:97:f6:78:8b:bd:9f:c9:e2:5a:2e:56:82:41:
16:e5:96:62:01:bc:8f:05:36:09:e1:07:f4:93:ab:
18:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:45:08:1D:9D:DC:3B:D9:4F:A0:A9:A8:73:9F:62:6A:FB:D7:74:B1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135372e3137332e3139322e302f32302d3332203d3e203430303231.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.173.192.0/20
Signature Algorithm: sha256WithRSAEncryption
2d:9d:82:18:68:1d:64:84:a4:db:83:60:1a:d0:0d:6b:fa:f2:
37:3a:82:5e:2f:41:ea:82:86:01:6a:63:58:b8:37:d7:cd:74:
39:a3:a0:45:87:a3:49:d0:5d:d2:17:26:d1:be:60:7c:eb:16:
71:1f:a2:cd:6f:8a:4a:d7:1a:aa:62:73:d0:c2:83:a0:14:e4:
37:60:90:28:7f:34:5d:5e:a2:1a:07:39:10:5e:8d:3d:7a:37:
38:39:47:d3:31:35:3c:3f:0a:ba:89:26:2c:88:4a:01:6d:07:
93:b7:5a:09:0a:b4:7b:85:3b:91:ac:06:ae:42:9e:c0:b0:2f:
3a:3e:e2:59:49:b3:bd:fe:9a:57:b7:53:73:28:e2:ec:5d:17:
b5:ab:31:b0:24:8b:1f:00:03:f2:2b:7d:da:aa:6c:c8:35:8b:
2d:dc:89:3e:b8:ea:84:3e:59:7d:ad:0e:01:c3:16:a0:6d:39:
07:70:1e:b7:ff:43:91:1f:31:11:1c:2a:17:2b:87:9d:6d:f3:
8c:45:16:28:64:5a:92:92:91:35:fe:58:d4:41:17:69:93:e8:
ca:1b:41:4b:22:2f:53:46:41:56:39:27:4f:a0:f2:9b:40:4b:
15:8c:7e:b6:89:be:7a:29:25:56:83:17:b7:94:b9:cc:a0:15:
bc:dc:bf:8c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUH1OCiW14prKHQLdIXY6TDCevrOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MTUwNzQ3NTdaFw0yNTA1MTQwNzUyNTdaMDMxMTAvBgNV
BAMTKDU3NDUwODFEOUREQzNCRDk0RkEwQTlBODczOUY2MjZBRkJENzc0QjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIrHZZ7E3G3ykY3iItAbcBs/Zy
K94kp2PaWGgp7S9epCqFvpHZy/EMLEJVAK6xXHcz6gilD99WBJFuvJl1euB04sSs
RISgA682ztGHMb8PL/N+H0hYyy+lqZAV6gedNTikNfmiv95Ssd2S2tQ8GuoyDZ2l
tkfBp2B2Uvuq6gvJRDFRB4yAQpNavOqnMyH1x1cDY4/CGQw3Qh0KkKUhjeYwQtXa
KFTTzKEngA7Znvie0lGMbRJYpAt8KQ5FsIqD8e3MQbVDdchOko0nHrT2D5T8p/BG
tpQDK7wKOdHca62ozl/Ml/Z4i72fyeJaLlaCQRbllmIBvI8FNgnhB/STqxirAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUV0UIHZ3cO9lPoKmoc59iavvXdLEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM3MmUzMTM3MzMyZTMx
MzkzMjJlMzAyZjMyMzAyZDMzMzIyMDNkM2UyMDM0MzAzMDMyMzEucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BASdrcAwDQYJKoZIhvcNAQELBQADggEBAC2dghhoHWSEpNuDYBrQDWv68jc6gl4v
QeqChgFqY1i4N9fNdDmjoEWHo0nQXdIXJtG+YHzrFnEfos1vikrXGqpic9DCg6AU
5DdgkCh/NF1eohoHORBejT16Nzg5R9MxNTw/CrqJJiyISgFtB5O3WgkKtHuFO5Gs
Bq5CnsCwLzo+4llJs73+mle3U3Mo4uxdF7WrMbAkix8AA/IrfdqqbMg1iy3ciT64
6oQ+WX2tDgHDFqBtOQdwHrf/Q5EfMREcKhcrh51t84xFFihkWpKSkTX+WNRBF2mT
6MobQUsiL1NGQVY5J0+g8ptASxWMfraJvnopJVaDF7eUucygFbzcv4w=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:36:35 2025 by rpki-client