Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37342e302f32342d3234203d3e20313336373837.roa
File: 3135382e3232302e37342e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: +OP/PjZpfJQojktZacDaKkRJj3KQFamD+WVTiAoZHAk=
Subject key identifier: 32:72:26:2A:AF:4E:E9:E3:F8:48:1B:D4:9C:A2:7E:55:0D:0A:B2:3B
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 4056D8F24731F23C98FA6176E92D48C5D1BD4CFD
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37342e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 11 Jun 2023 10:59:42 +0000
ROA not before: Sun 11 Jun 2023 10:54:42 +0000
ROA not after: Sun 09 Jun 2024 10:59:42 +0000
asID: 136787
IP address blocks: 158.220.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:56:d8:f2:47:31:f2:3c:98:fa:61:76:e9:2d:48:c5:d1:bd:4c:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 11 10:54:42 2023 GMT
Not After : Jun 9 10:59:42 2024 GMT
Subject: CN=3272262AAF4EE9E3F8481BD49CA27E550D0AB23B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:61:d7:2d:96:d0:8c:08:c6:e3:06:b8:f9:e7:
0d:49:07:c9:b2:23:95:e4:1f:08:fd:29:ec:ea:21:
89:a1:2f:62:c8:5d:70:52:e2:5c:ae:68:c2:09:1c:
1b:5a:0d:83:fa:6e:9a:d3:3b:9e:be:77:e7:03:12:
cb:b8:52:a9:68:24:67:1a:36:e7:4d:1b:41:69:25:
54:f0:aa:87:c0:cf:df:d7:a7:bc:f3:1c:20:f2:3a:
93:53:3d:be:29:d5:ef:bc:db:13:5a:e6:e9:2d:75:
95:40:3c:42:0c:06:0b:12:ef:a9:b3:9a:2f:0b:cd:
68:da:6f:a7:3e:89:2d:75:a1:05:53:5d:0c:04:23:
d1:9f:88:71:32:bd:fc:53:03:36:14:ff:92:95:0e:
a3:53:99:97:f8:fe:c8:72:51:c1:6c:76:4d:14:34:
af:1f:50:13:ca:15:72:cb:ab:62:09:4b:08:49:00:
14:01:f9:cc:da:06:70:14:5a:38:01:55:7b:ef:8b:
23:37:bc:8b:35:2e:9f:94:ef:49:bf:51:1c:b1:82:
7e:f8:e2:f9:1a:a7:b3:32:92:e6:bd:7e:91:7a:6d:
04:8e:ab:18:9c:c1:5d:02:7a:28:82:c9:15:48:7a:
04:b1:3f:c1:0a:65:35:c0:12:eb:75:0e:bd:c6:4f:
0d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:72:26:2A:AF:4E:E9:E3:F8:48:1B:D4:9C:A2:7E:55:0D:0A:B2:3B
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37342e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.74.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:4f:1f:26:7e:90:5f:6e:25:2c:32:00:c3:d4:87:9e:2b:d3:
ef:80:4e:8e:98:10:a4:4b:ab:a5:20:54:2f:09:37:c8:59:28:
2e:d5:b8:bf:c6:53:b7:ec:c8:d4:1e:f5:80:0f:71:dd:74:8e:
fa:72:8c:e6:c8:95:1d:6e:2c:66:ab:b9:1f:92:83:ee:21:98:
a8:a2:4f:7d:36:24:48:50:44:25:21:10:08:1e:86:b0:3d:34:
e5:0b:7f:65:af:a2:77:12:51:f6:37:f1:38:9f:a1:72:cf:4f:
55:be:69:9f:f4:64:99:9b:9d:c0:8a:8a:d3:bc:44:52:d9:fa:
a0:a3:3f:e5:25:2b:b9:dc:2c:21:be:2b:6e:24:a8:33:03:1e:
de:1d:2c:42:1f:cf:68:83:fd:41:10:1a:d5:c9:fa:fc:72:b9:
28:8c:ee:8f:a4:72:3f:35:68:96:76:00:6d:ce:d7:73:7b:aa:
44:f4:1e:2a:82:f0:70:6e:ee:9e:b3:f7:70:69:0f:63:a1:f1:
0c:98:99:c7:bd:da:f7:fe:4d:b2:f5:f7:13:f6:a6:bb:44:b1:
e4:3e:13:57:58:37:ba:bd:1f:85:eb:78:b1:62:16:b1:c9:61:
3e:dd:c4:83:34:e8:f4:c2:8f:e5:e5:b9:45:0e:ea:19:bc:a5:
ea:90:c6:84
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUQFbY8kcx8jyY+mF26S1IxdG9TP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA2MTExMDU0NDJaFw0yNDA2MDkxMDU5NDJaMDMxMTAvBgNV
BAMTKDMyNzIyNjJBQUY0RUU5RTNGODQ4MUJENDlDQTI3RTU1MEQwQUIyM0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfYdctltCMCMbjBrj55w1JB8my
I5XkHwj9KezqIYmhL2LIXXBS4lyuaMIJHBtaDYP6bprTO56+d+cDEsu4UqloJGca
NudNG0FpJVTwqofAz9/Xp7zzHCDyOpNTPb4p1e+82xNa5uktdZVAPEIMBgsS76mz
mi8LzWjab6c+iS11oQVTXQwEI9GfiHEyvfxTAzYU/5KVDqNTmZf4/shyUcFsdk0U
NK8fUBPKFXLLq2IJSwhJABQB+czaBnAUWjgBVXvviyM3vIs1Lp+U70m/URyxgn74
4vkap7Mykua9fpF6bQSOqxicwV0CeiiCyRVIegSxP8EKZTXAEut1Dr3GTw0jAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMnImKq9O6eP4SBvUnKJ+VQ0KsjswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM3
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACe3EowDQYJKoZIhvcNAQELBQADggEBAAtPHyZ+kF9uJSwyAMPUh54r0++ATo6Y
EKRLq6UgVC8JN8hZKC7VuL/GU7fsyNQe9YAPcd10jvpyjObIlR1uLGaruR+Sg+4h
mKiiT302JEhQRCUhEAgehrA9NOULf2WvoncSUfY38TifoXLPT1W+aZ/0ZJmbncCK
itO8RFLZ+qCjP+UlK7ncLCG+K24kqDMDHt4dLEIfz2iD/UEQGtXJ+vxyuSiM7o+k
cj81aJZ2AG3O13N7qkT0HiqC8HBu7p6z93BpD2Oh8QyYmce92vf+TbL19xP2prtE
seQ+E1dYN7q9H4XreLFiFrHJYT7dxIM06PTCj+XluUUO6hm8peqQxoQ=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org