Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37322e302f32342d3234203d3e20313336373837.roa
File: 3135382e3232302e37322e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: sbrfxH7yskRcUeOnrFThjDYll65sEpXKxxaCWIY+U/4=
Subject key identifier: ED:97:2E:1C:70:E0:00:06:E8:C3:C1:B1:F1:36:92:3C:7B:3F:52:F6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 6F5794E96A62BD5E84E812D80ACBF8A6DC9935BD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37322e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:17 +0000
ROA not before: Sun 27 Oct 2024 20:00:17 +0000
ROA not after: Sun 26 Oct 2025 20:05:17 +0000
asID: 136787
IP address blocks: 158.220.72.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:57:94:e9:6a:62:bd:5e:84:e8:12:d8:0a:cb:f8:a6:dc:99:35:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:17 2024 GMT
Not After : Oct 26 20:05:17 2025 GMT
Subject: CN=ED972E1C70E00006E8C3C1B1F136923C7B3F52F6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cf:0f:1a:49:bd:cc:49:82:e7:d6:a2:b7:e8:
2e:00:15:12:6c:14:99:73:87:53:74:33:3f:70:f0:
ec:1b:79:13:35:eb:b2:a9:61:bf:15:e1:89:45:ef:
bd:1a:5f:8b:c1:a4:d5:03:c2:b8:63:93:fc:9f:12:
cd:f9:b3:43:aa:30:00:7c:97:2a:9d:09:21:17:ac:
29:0f:f6:60:54:f3:b5:38:af:2d:fc:79:65:9e:38:
0d:c3:a4:d7:e9:94:1e:de:29:39:f5:43:d2:8c:e9:
36:b4:b1:6e:04:63:11:1b:e8:b7:02:0b:16:ec:f8:
d3:62:6a:de:0a:80:9d:ad:98:d7:40:fc:93:26:1d:
9f:14:b8:51:b0:05:1e:7a:0a:d6:04:67:a6:a1:76:
02:e7:b5:cf:03:b9:bf:3e:b2:5e:7a:4d:6b:ad:6f:
58:ba:bc:b3:9b:6f:06:0c:50:1a:7e:e8:cd:d7:dc:
e0:0d:1c:f4:54:e6:a7:36:c8:8d:0f:2b:7b:ab:8c:
c6:01:21:63:97:82:6d:40:c6:75:4d:7e:f1:06:40:
9d:72:c7:14:54:51:d4:ba:fc:57:00:7a:b2:39:94:
45:0e:35:ab:49:83:5e:59:dd:ee:c3:21:e2:bc:ea:
94:d5:68:62:6f:53:53:7c:85:94:43:c5:34:ce:bb:
f2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:97:2E:1C:70:E0:00:06:E8:C3:C1:B1:F1:36:92:3C:7B:3F:52:F6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37322e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.72.0/24
Signature Algorithm: sha256WithRSAEncryption
54:87:01:32:66:84:55:53:31:0d:b0:2c:69:38:8b:34:ad:f5:
95:28:42:cc:91:97:ba:3d:9c:53:c9:40:6a:af:f4:95:f5:94:
cb:02:37:44:b9:ed:e7:80:73:63:97:21:77:b7:64:c7:ce:5e:
ce:1a:34:8a:1a:8d:6e:3e:c0:2f:5a:71:05:07:52:1e:8e:31:
a1:39:2f:de:19:2f:70:9d:bc:7b:75:df:b3:26:de:d9:1d:b6:
a7:fb:87:8f:41:31:5d:a1:3a:df:1f:e5:87:32:b2:54:20:c0:
b7:d6:56:0c:db:76:f2:17:15:50:1d:49:cd:5c:a3:c5:45:c3:
9c:dc:1e:92:ff:73:88:97:d0:40:7f:bf:e9:bb:49:5b:19:af:
cc:44:b8:0b:26:76:d2:b5:39:6e:22:dc:90:80:0d:84:05:40:
6e:d1:81:37:59:8a:74:43:54:99:76:3a:e1:71:34:40:61:40:
6c:5d:85:60:16:5b:d9:ff:54:1c:ee:84:a9:1e:7e:a8:e5:9d:
f3:bc:09:2d:5f:ed:c2:11:95:f5:2e:35:5e:79:4d:52:ca:83:
e4:a4:e1:55:45:5c:2a:91:17:ab:9b:6c:6c:57:23:f1:72:62:
d2:ff:79:f5:46:60:53:b5:57:25:29:1e:ed:07:e0:80:36:8b:
63:1b:ce:5e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUb1eU6WpivV6E6BLYCsv4ptyZNb0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMTdaFw0yNTEwMjYyMDA1MTdaMDMxMTAvBgNV
BAMTKEVEOTcyRTFDNzBFMDAwMDZFOEMzQzFCMUYxMzY5MjNDN0IzRjUyRjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYzw8aSb3MSYLn1qK36C4AFRJs
FJlzh1N0Mz9w8OwbeRM167KpYb8V4YlF770aX4vBpNUDwrhjk/yfEs35s0OqMAB8
lyqdCSEXrCkP9mBU87U4ry38eWWeOA3DpNfplB7eKTn1Q9KM6Ta0sW4EYxEb6LcC
Cxbs+NNiat4KgJ2tmNdA/JMmHZ8UuFGwBR56CtYEZ6ahdgLntc8Dub8+sl56TWut
b1i6vLObbwYMUBp+6M3X3OANHPRU5qc2yI0PK3urjMYBIWOXgm1AxnVNfvEGQJ1y
xxRUUdS6/FcAerI5lEUONatJg15Z3e7DIeK86pTVaGJvU1N8hZRDxTTOu/L1AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU7ZcuHHDgAAbow8Gx8TaSPHs/UvYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM3
MzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACe3EgwDQYJKoZIhvcNAQELBQADggEBAFSHATJmhFVTMQ2wLGk4izSt9ZUoQsyR
l7o9nFPJQGqv9JX1lMsCN0S57eeAc2OXIXe3ZMfOXs4aNIoajW4+wC9acQUHUh6O
MaE5L94ZL3CdvHt137Mm3tkdtqf7h49BMV2hOt8f5YcyslQgwLfWVgzbdvIXFVAd
Sc1co8VFw5zcHpL/c4iX0EB/v+m7SVsZr8xEuAsmdtK1OW4i3JCADYQFQG7RgTdZ
inRDVJl2OuFxNEBhQGxdhWAWW9n/VBzuhKkefqjlnfO8CS1f7cIRlfUuNV55TVLK
g+Sk4VVFXCqRF6ubbGxXI/FyYtL/efVGYFO1VyUpHu0H4IA2i2Mbzl4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:45 2024 by rpki-client on console-ams.rpki-client.org