Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa
File: 3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: TDVjWElYlPATA0vGvEsBngBRgcs8iKLiWWDqwKy0uBQ=
Subject key identifier: 1C:35:97:21:EC:8A:E5:B5:D0:A1:B6:CB:38:6D:C0:1A:BC:31:56:E3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0ACF5F4355621AC45EA56AFFB3192388F6A07DE6
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 08 Oct 2024 21:05:10 +0000
ROA not before: Tue 08 Oct 2024 21:00:10 +0000
ROA not after: Tue 07 Oct 2025 21:05:10 +0000
asID: 136787
IP address blocks: 158.220.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:cf:5f:43:55:62:1a:c4:5e:a5:6a:ff:b3:19:23:88:f6:a0:7d:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 8 21:00:10 2024 GMT
Not After : Oct 7 21:05:10 2025 GMT
Subject: CN=1C359721EC8AE5B5D0A1B6CB386DC01ABC3156E3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:91:1f:0a:9d:a2:63:7a:a9:4a:26:04:11:21:
fa:f4:11:39:fc:59:89:73:55:e1:95:c8:b8:f8:7e:
dd:dc:0c:50:c4:f2:01:4c:b4:4d:ab:90:d3:79:d6:
0c:20:c7:d9:27:71:0e:62:af:99:2c:63:c6:e5:44:
fc:12:c6:e2:f0:fa:8d:d5:29:b6:06:1f:97:41:86:
64:2e:17:06:0a:22:67:2e:17:f7:4a:0d:00:c5:28:
6e:7d:c2:1d:b1:c0:fb:c0:ae:e0:fa:6b:fd:89:d7:
ad:d5:8c:d2:bb:1e:a7:b8:b5:7f:40:94:53:9d:ff:
4f:cd:73:48:40:de:17:e7:7e:fd:d8:9e:70:da:17:
41:6c:2b:64:b0:f7:6f:6c:92:a6:74:72:f7:78:4f:
09:29:7c:09:c3:86:6c:e5:c1:30:01:5c:81:e0:d4:
db:98:83:7b:36:40:17:67:b8:94:13:8a:e1:29:a3:
d7:0c:27:53:1d:af:9d:43:84:51:85:31:d9:5b:b6:
18:f8:13:59:01:c6:4c:e0:de:52:58:11:87:d0:25:
a6:2c:3a:c3:e2:1c:5d:3f:dd:1b:f6:73:46:e8:25:
87:96:e7:d1:ff:c2:87:84:7c:c3:15:63:8b:d1:fa:
ce:eb:81:99:24:a5:10:fb:06:bc:6a:44:a3:90:15:
28:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:35:97:21:EC:8A:E5:B5:D0:A1:B6:CB:38:6D:C0:1A:BC:31:56:E3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.75.0/24
Signature Algorithm: sha256WithRSAEncryption
97:9a:35:16:00:98:86:43:46:b9:f1:01:ea:88:54:45:77:5e:
07:90:4f:89:cb:1d:a5:d9:8c:bf:67:a0:df:de:0c:ed:49:a5:
08:0b:7b:89:f2:32:da:38:63:b1:9b:11:0c:6c:59:e2:55:21:
c2:3a:5a:b7:df:93:b0:a5:47:08:3e:cd:6a:2c:b5:d4:df:af:
1f:24:39:e4:a0:8d:c3:a3:cc:18:19:1e:6c:00:13:d9:25:97:
54:33:7d:47:1d:49:f7:b9:2b:d8:9a:d9:42:6e:99:33:3a:81:
6c:16:f9:2b:c5:af:24:4d:59:b6:fd:e6:27:99:2e:3f:55:96:
59:7b:87:f4:d0:d9:db:99:79:9d:42:bf:70:57:0b:c4:02:39:
13:81:4c:15:80:d6:0d:18:c5:22:0c:f8:af:67:f0:f3:95:48:
42:7c:dd:53:0b:d2:78:08:15:46:be:a2:b5:b1:a3:9c:57:32:
3f:ac:41:22:8a:89:b2:90:b6:ff:97:0d:1a:ed:51:99:7d:07:
0d:1d:6e:38:b2:c5:b7:53:55:b6:09:87:86:29:82:d5:f3:1a:
35:82:85:b1:a7:42:0f:fc:ce:b5:65:37:25:6f:0c:e7:05:3f:
a5:50:92:92:12:d1:7d:3b:64:07:e4:9a:0b:ad:92:60:92:b0:
85:f4:5c:ae
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUCs9fQ1ViGsRepWr/sxkjiPagfeYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMDgyMTAwMTBaFw0yNTEwMDcyMTA1MTBaMDMxMTAvBgNV
BAMTKDFDMzU5NzIxRUM4QUU1QjVEMEExQjZDQjM4NkRDMDFBQkMzMTU2RTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrkR8KnaJjeqlKJgQRIfr0ETn8
WYlzVeGVyLj4ft3cDFDE8gFMtE2rkNN51gwgx9kncQ5ir5ksY8blRPwSxuLw+o3V
KbYGH5dBhmQuFwYKImcuF/dKDQDFKG59wh2xwPvAruD6a/2J163VjNK7Hqe4tX9A
lFOd/0/Nc0hA3hfnfv3YnnDaF0FsK2Sw929skqZ0cvd4TwkpfAnDhmzlwTABXIHg
1NuYg3s2QBdnuJQTiuEpo9cMJ1Mdr51DhFGFMdlbthj4E1kBxkzg3lJYEYfQJaYs
OsPiHF0/3Rv2c0boJYeW59H/woeEfMMVY4vR+s7rgZkkpRD7BrxqRKOQFShnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUHDWXIeyK5bXQobbLOG3AGrwxVuMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM3
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACe3EswDQYJKoZIhvcNAQELBQADggEBAJeaNRYAmIZDRrnxAeqIVEV3XgeQT4nL
HaXZjL9noN/eDO1JpQgLe4nyMto4Y7GbEQxsWeJVIcI6Wrffk7ClRwg+zWostdTf
rx8kOeSgjcOjzBgZHmwAE9kll1QzfUcdSfe5K9ia2UJumTM6gWwW+SvFryRNWbb9
5ieZLj9Vlll7h/TQ2duZeZ1Cv3BXC8QCOROBTBWA1g0YxSIM+K9n8POVSEJ83VML
0ngIFUa+orWxo5xXMj+sQSKKibKQtv+XDRrtUZl9Bw0dbjiyxbdTVbYJh4YpgtXz
GjWChbGnQg/8zrVlNyVvDOcFP6VQkpIS0X07ZAfkmgutkmCSsIX0XK4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:45 2024 by rpki-client on console-ams.rpki-client.org