Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e3131322e302f32302d3332203d3e203531313637.roa
File: 3135382e3232302e3131322e302f32302d3332203d3e203531313637.roa (raw, json)
Hash identifier: tzdMVoQ3AkzKiAuIyveNEJRT/JNl4CruD9SG/IUgGzE=
Subject key identifier: 02:6F:0D:12:4B:54:BE:20:96:2D:54:3C:E2:FB:0C:11:84:81:BE:9A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 06C12D8927942B5C422C28A87F4405164E350441
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e3131322e302f32302d3332203d3e203531313637.roa
Signing time: Fri 31 Jan 2025 09:45:33 +0000
ROA not before: Fri 31 Jan 2025 09:40:33 +0000
ROA not after: Fri 30 Jan 2026 09:45:33 +0000
asID: 51167
IP address blocks: 158.220.112.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:c1:2d:89:27:94:2b:5c:42:2c:28:a8:7f:44:05:16:4e:35:04:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 31 09:40:33 2025 GMT
Not After : Jan 30 09:45:33 2026 GMT
Subject: CN=026F0D124B54BE20962D543CE2FB0C118481BE9A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:df:7e:d1:73:9e:76:69:69:14:8c:dd:cf:e7:
3a:4e:c4:c0:7e:52:c0:bb:f9:b0:b1:ed:70:a0:78:
45:a0:01:75:b9:6e:ca:9b:ef:07:5d:66:db:d3:b0:
ec:d3:8f:b6:42:c1:1a:93:c5:f6:15:4e:61:1c:4a:
60:45:d1:f5:c1:86:5e:e3:ec:52:ff:ac:76:b0:bd:
1b:72:00:66:ca:5b:10:7a:43:5a:6c:55:f6:0f:e2:
ee:77:60:89:16:9f:2d:1a:ac:4d:bc:7f:d5:ed:d0:
b8:91:0b:24:5d:11:7d:50:47:5e:f6:98:6e:b5:1e:
23:da:ab:ad:69:f3:64:34:c4:9f:c7:8e:bf:2d:f7:
56:1a:67:e3:dd:18:70:13:b8:99:8f:de:3e:a2:dc:
a3:f9:61:03:0b:12:40:e9:7e:c2:92:86:f4:b8:38:
50:38:f5:27:42:3f:de:57:36:d6:fa:56:21:13:c9:
1d:6c:e6:b8:97:0c:ac:62:e8:4d:bd:b1:9a:cc:c5:
1a:df:4f:70:9c:7a:09:f4:41:3e:f0:d7:c8:80:67:
8f:5f:8b:dd:00:2b:9d:5e:c6:00:2b:f1:da:b4:94:
0e:fa:b5:9e:d7:6c:d2:36:d4:27:c2:80:aa:a6:6b:
93:bd:e2:9e:8d:97:22:65:cb:6b:5a:a6:98:a5:3e:
c9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:6F:0D:12:4B:54:BE:20:96:2D:54:3C:E2:FB:0C:11:84:81:BE:9A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e3131322e302f32302d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.112.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:3d:59:76:39:3f:35:17:85:36:66:ac:84:e1:e3:0f:90:8f:
d6:56:61:97:0c:a1:50:8c:74:c8:2b:74:c5:ac:f3:cf:4e:62:
ff:de:e3:70:34:e0:2d:18:44:45:01:43:d0:63:e0:19:85:32:
e2:ff:cb:20:ce:f8:e4:45:df:5f:ee:29:b3:0c:9c:28:01:89:
28:d0:d2:b0:48:65:63:6a:00:6c:05:39:1d:b9:d7:28:5a:96:
c0:c8:46:fe:2f:69:da:43:e6:8a:e8:90:51:d3:75:73:cc:f7:
2d:c4:3a:5b:5a:0b:3c:39:98:34:a4:94:7b:16:8e:68:35:82:
55:e3:87:5f:2d:82:65:0b:0b:e1:2b:cf:32:a6:53:2b:1c:fe:
1c:80:94:2a:ae:2e:c1:be:d8:f0:f9:7c:ea:74:4a:1b:da:0e:
d8:d4:0b:50:cb:6b:e8:b8:92:67:b3:c0:46:a2:46:04:0b:3a:
cd:2b:a7:b1:12:43:6f:96:c2:a9:a5:c3:ec:bf:7a:2f:80:e4:
df:6f:aa:0c:f1:c2:d0:93:f4:e6:75:41:b9:1e:5d:2c:eb:44:
2d:7a:4b:7a:1d:b6:25:6a:d2:66:c4:12:5f:7b:c1:14:e6:42:
ef:27:91:c3:db:ca:be:c7:21:6f:87:01:d7:ef:8a:d3:2b:0e:
a0:97:69:b2
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUBsEtiSeUK1xCLCiof0QFFk41BEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMzEwOTQwMzNaFw0yNjAxMzAwOTQ1MzNaMDMxMTAvBgNV
BAMTKDAyNkYwRDEyNEI1NEJFMjA5NjJENTQzQ0UyRkIwQzExODQ4MUJFOUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDX337Rc552aWkUjN3P5zpOxMB+
UsC7+bCx7XCgeEWgAXW5bsqb7wddZtvTsOzTj7ZCwRqTxfYVTmEcSmBF0fXBhl7j
7FL/rHawvRtyAGbKWxB6Q1psVfYP4u53YIkWny0arE28f9Xt0LiRCyRdEX1QR172
mG61HiPaq61p82Q0xJ/Hjr8t91YaZ+PdGHATuJmP3j6i3KP5YQMLEkDpfsKShvS4
OFA49SdCP95XNtb6ViETyR1s5riXDKxi6E29sZrMxRrfT3Ccegn0QT7w18iAZ49f
i90AK51exgAr8dq0lA76tZ7XbNI21CfCgKqma5O94p6NlyJly2tappilPslhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUAm8NEktUviCWLVQ84vsMEYSBvpowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTMx
MzEzMjJlMzAyZjMyMzAyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BASe3HAwDQYJKoZIhvcNAQELBQADggEBAE49WXY5PzUXhTZmrITh4w+Qj9ZWYZcM
oVCMdMgrdMWs889OYv/e43A04C0YREUBQ9Bj4BmFMuL/yyDO+ORF31/uKbMMnCgB
iSjQ0rBIZWNqAGwFOR251yhalsDIRv4vadpD5orokFHTdXPM9y3EOltaCzw5mDSk
lHsWjmg1glXjh18tgmULC+ErzzKmUysc/hyAlCquLsG+2PD5fOp0ShvaDtjUC1DL
a+i4kmezwEaiRgQLOs0rp7ESQ2+Wwqmlw+y/ei+A5N9vqgzxwtCT9OZ1QbkeXSzr
RC16S3odtiVq0mbEEl97wRTmQu8nkcPbyr7HIW+HAdfvitMrDqCXabI=
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:16:31 2025 by rpki-client