Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e3131322e302f32302d3332203d3e203531313637.roa
File: 3135382e3232302e3131322e302f32302d3332203d3e203531313637.roa (raw, json)
Hash identifier: Z6lUTzIThA4g1VkD1j2CP+mMi85+eDiso+dhzHnvRT4=
Subject key identifier: 83:26:E7:B3:D3:47:22:56:8A:BF:CB:F1:2F:D5:67:AF:99:F3:7C:E9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1F334A3AE1769ACCF6EEE9E46EC86D15C8A843EF
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e3131322e302f32302d3332203d3e203531313637.roa
Signing time: Fri 01 Mar 2024 08:55:29 +0000
ROA not before: Fri 01 Mar 2024 08:50:29 +0000
ROA not after: Fri 28 Feb 2025 08:55:29 +0000
asID: 51167
IP address blocks: 158.220.112.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:33:4a:3a:e1:76:9a:cc:f6:ee:e9:e4:6e:c8:6d:15:c8:a8:43:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 1 08:50:29 2024 GMT
Not After : Feb 28 08:55:29 2025 GMT
Subject: CN=8326E7B3D34722568ABFCBF12FD567AF99F37CE9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:c4:5b:ea:e7:67:20:0b:4a:0b:bf:5e:21:a4:
da:d5:ae:57:f8:c1:b1:db:48:9c:d6:3d:66:83:c3:
a1:d1:1a:d7:b3:d1:7f:ab:83:77:8c:b1:8e:ed:0f:
81:c6:ce:12:80:31:81:d1:86:c3:61:11:6e:f9:f8:
8f:9d:62:15:a7:90:e2:36:6c:b8:cc:7b:59:a5:d5:
be:1f:cf:24:92:9f:d3:d4:df:fc:c9:54:3c:7c:b4:
cf:93:17:90:a4:5e:8f:dd:87:23:ac:9f:03:69:c5:
88:0c:2f:68:d2:3d:43:52:3e:11:46:db:04:45:55:
a8:fa:79:d1:79:d1:1e:e6:a7:92:d4:d6:9f:d7:b2:
fb:3c:51:73:ba:86:45:07:c3:3d:f7:55:2a:95:bf:
3c:44:6e:0e:3b:0f:16:a0:74:de:07:9c:97:a5:6e:
fe:bc:e9:22:e4:98:76:10:f8:8c:d8:6c:90:72:d9:
0f:86:ad:38:ed:a2:85:6f:31:8f:7f:58:67:25:42:
18:94:c3:bf:62:82:d8:1a:12:11:81:c4:57:3a:a1:
38:58:2f:48:98:cf:44:17:67:a1:8f:57:e3:bc:ab:
25:6f:a0:4d:9d:a7:d1:b3:11:a2:08:2c:7c:ca:c1:
59:bb:75:d8:7b:a4:1d:8a:a5:ad:c9:4d:e8:a0:c8:
07:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:26:E7:B3:D3:47:22:56:8A:BF:CB:F1:2F:D5:67:AF:99:F3:7C:E9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e3131322e302f32302d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.112.0/20
Signature Algorithm: sha256WithRSAEncryption
61:25:f6:d6:87:e0:c3:4f:ec:6f:69:2c:6d:88:5d:68:4d:0e:
58:11:3a:20:c3:54:aa:c3:60:5a:d6:89:b0:f6:0d:42:72:25:
12:23:ff:d3:08:2f:52:73:72:c0:1f:09:08:9d:81:76:65:9b:
f8:39:35:73:e4:c9:57:b8:72:a9:40:6e:ec:13:3e:8b:7c:15:
a4:39:fe:1f:b9:2a:27:67:46:fe:f3:63:68:88:1b:3d:be:ce:
79:7e:85:83:85:5a:02:f0:80:58:ea:6e:97:86:ad:01:35:aa:
84:7d:d2:e9:e1:8a:bd:5b:08:e2:15:12:56:1a:57:97:72:53:
ff:fc:83:93:1b:d8:6a:31:b4:4c:f9:ff:9d:9d:f5:80:42:97:
45:af:9a:b2:2e:8a:e7:7a:14:f0:79:e9:ca:2e:d2:d4:a5:08:
43:81:46:90:c5:3f:11:76:9c:61:51:48:08:8e:57:fb:f8:16:
02:da:94:f7:f3:7f:8a:7c:99:da:da:a3:38:b4:be:94:97:87:
53:ee:04:90:09:37:95:2f:67:44:56:3a:c7:04:bd:d1:a2:fa:
44:ff:91:2c:e0:d2:a6:9f:c9:ae:75:d4:91:8e:9a:41:cd:82:
a3:13:8f:29:24:47:e1:b2:28:15:83:68:31:d8:6b:16:15:70:
33:46:ae:9b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHzNKOuF2msz27unkbshtFcioQ+8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDEwODUwMjlaFw0yNTAyMjgwODU1MjlaMDMxMTAvBgNV
BAMTKDgzMjZFN0IzRDM0NzIyNTY4QUJGQ0JGMTJGRDU2N0FGOTlGMzdDRTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDixFvq52cgC0oLv14hpNrVrlf4
wbHbSJzWPWaDw6HRGtez0X+rg3eMsY7tD4HGzhKAMYHRhsNhEW75+I+dYhWnkOI2
bLjMe1ml1b4fzySSn9PU3/zJVDx8tM+TF5CkXo/dhyOsnwNpxYgML2jSPUNSPhFG
2wRFVaj6edF50R7mp5LU1p/Xsvs8UXO6hkUHwz33VSqVvzxEbg47DxagdN4HnJel
bv686SLkmHYQ+IzYbJBy2Q+GrTjtooVvMY9/WGclQhiUw79igtgaEhGBxFc6oThY
L0iYz0QXZ6GPV+O8qyVvoE2dp9GzEaIILHzKwVm7ddh7pB2Kpa3JTeigyAchAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUgybns9NHIlaKv8vxL9Vnr5nzfOkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTMx
MzEzMjJlMzAyZjMyMzAyZDMzMzIyMDNkM2UyMDM1MzEzMTM2Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BASe3HAwDQYJKoZIhvcNAQELBQADggEBAGEl9taH4MNP7G9pLG2IXWhNDlgROiDD
VKrDYFrWibD2DUJyJRIj/9MIL1JzcsAfCQidgXZlm/g5NXPkyVe4cqlAbuwTPot8
FaQ5/h+5KidnRv7zY2iIGz2+znl+hYOFWgLwgFjqbpeGrQE1qoR90unhir1bCOIV
ElYaV5dyU//8g5Mb2GoxtEz5/52d9YBCl0WvmrIuiud6FPB56cou0tSlCEOBRpDF
PxF2nGFRSAiOV/v4FgLalPfzf4p8mdraozi0vpSXh1PuBJAJN5UvZ0RWOscEvdGi
+kT/kSzg0qafya511JGOmkHNgqMTjykkR+GyKBWDaDHYaxYVcDNGrps=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:55 2024 by rpki-client on console-fra.rpki-client.org