Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa
File: 3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: JOIk/VRp4Zjnpnu60ZoQl6A3ofwB+F0GbEKBdEI3zqY=
Subject key identifier: 40:D7:55:EA:DE:4A:BA:B2:28:A4:47:BC:E2:7F:32:8D:00:EF:34:BA
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 644C57DB685B6955BEBC42AFB6D1B6AAA47B6D04
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa
Signing time: Tue 07 Nov 2023 20:48:26 +0000
ROA not before: Tue 07 Nov 2023 20:43:26 +0000
ROA not after: Tue 05 Nov 2024 20:48:26 +0000
asID: 136787
IP address blocks: 158.220.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:4c:57:db:68:5b:69:55:be:bc:42:af:b6:d1:b6:aa:a4:7b:6d:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 7 20:43:26 2023 GMT
Not After : Nov 5 20:48:26 2024 GMT
Subject: CN=40D755EADE4ABAB228A447BCE27F328D00EF34BA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b7:f8:64:49:e0:45:b7:de:c4:e1:8c:9f:ed:
a9:bd:e0:f4:64:76:03:93:4f:2c:c0:64:31:8f:b4:
10:82:63:ff:d8:3e:07:73:4e:1d:f1:69:c9:fa:db:
5f:27:02:d8:1e:73:23:2a:93:8d:16:d2:37:a6:03:
a7:eb:10:1c:ca:f2:de:34:b4:b4:11:dd:97:c5:e6:
b6:b0:7d:f7:fe:ed:da:28:6d:fa:a6:d8:e4:62:ab:
75:05:b3:b5:8b:bd:8a:ea:6a:3d:6b:3f:f6:01:3e:
41:b0:da:ce:74:90:05:6d:5a:9f:41:0a:57:f7:95:
2b:12:78:0b:03:45:92:c9:63:56:46:2f:6a:34:7e:
aa:93:e4:fc:9c:2c:0a:63:30:23:61:d2:6a:d1:8f:
5e:7e:71:ac:b8:dd:ea:5a:16:71:f1:51:84:4b:5d:
62:aa:8b:f1:78:ed:a3:18:f6:54:ff:d2:e5:2d:8f:
23:01:2a:36:e6:77:c2:f1:6f:13:75:be:5f:43:81:
e8:98:1c:42:15:e5:de:13:9e:ea:20:1d:2a:59:b7:
3f:20:ae:c6:d5:f9:d1:e1:13:bb:79:5f:4c:86:1a:
b8:a1:b1:e8:3d:bc:f7:bf:e3:44:f0:26:53:80:54:
0e:9d:2f:f5:80:be:a9:fc:10:46:8d:6f:47:4a:19:
d8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D7:55:EA:DE:4A:BA:B2:28:A4:47:BC:E2:7F:32:8D:00:EF:34:BA
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.75.0/24
Signature Algorithm: sha256WithRSAEncryption
08:04:a7:22:8d:8b:89:e3:06:dc:a5:b0:27:e7:fe:45:7a:5a:
37:14:4b:0c:e0:de:95:72:5a:8e:70:ff:6c:ba:9c:56:f9:26:
9b:f9:c7:96:63:b1:76:d7:75:ff:b7:66:ec:9a:b6:8b:57:e4:
9d:f6:71:02:53:da:e8:98:59:03:c8:20:df:7c:3a:b9:97:9f:
2c:60:32:6e:3a:ca:7c:6c:3f:5b:8f:69:a1:aa:c7:fa:e5:c5:
89:b6:66:3b:8e:8e:fd:97:ba:85:62:da:ef:03:82:ad:d4:31:
20:63:e7:35:c6:ec:61:57:02:9c:11:8e:9c:e1:5e:ec:05:10:
1c:bf:11:32:a5:3b:11:29:e3:d3:a3:ab:b1:cb:aa:98:6e:82:
aa:a9:be:8e:9c:81:a5:b3:a6:ab:ba:23:35:fb:80:2f:67:ae:
29:10:11:c4:63:af:bc:31:67:f3:17:b5:fe:a1:be:17:4a:6d:
a5:54:07:44:a8:ae:5d:f6:95:65:c1:0e:72:2d:d4:1a:e7:0c:
be:86:cf:54:01:c1:2a:28:56:9c:eb:fe:42:c6:60:6f:f0:88:
21:76:d2:2a:88:a0:a6:65:c7:8c:2c:e4:7a:93:ad:ed:e4:f8:
13:07:f8:d0:6d:25:1c:dd:36:6d:a9:c7:05:6a:ba:22:c4:b4:
c6:f4:dd:9e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUZExX22hbaVW+vEKvttG2qqR7bQQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMDcyMDQzMjZaFw0yNDExMDUyMDQ4MjZaMDMxMTAvBgNV
BAMTKDQwRDc1NUVBREU0QUJBQjIyOEE0NDdCQ0UyN0YzMjhEMDBFRjM0QkEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrt/hkSeBFt97E4Yyf7am94PRk
dgOTTyzAZDGPtBCCY//YPgdzTh3xacn6218nAtgecyMqk40W0jemA6frEBzK8t40
tLQR3ZfF5rawfff+7doobfqm2ORiq3UFs7WLvYrqaj1rP/YBPkGw2s50kAVtWp9B
Clf3lSsSeAsDRZLJY1ZGL2o0fqqT5PycLApjMCNh0mrRj15+cay43epaFnHxUYRL
XWKqi/F47aMY9lT/0uUtjyMBKjbmd8LxbxN1vl9DgeiYHEIV5d4TnuogHSpZtz8g
rsbV+dHhE7t5X0yGGrihseg9vPe/40TwJlOAVA6dL/WAvqn8EEaNb0dKGdjLAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUQNdV6t5KurIopEe84n8yjQDvNLowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM3
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACe3EswDQYJKoZIhvcNAQELBQADggEBAAgEpyKNi4njBtylsCfn/kV6WjcUSwzg
3pVyWo5w/2y6nFb5Jpv5x5ZjsXbXdf+3ZuyatotX5J32cQJT2uiYWQPIIN98OrmX
nyxgMm46ynxsP1uPaaGqx/rlxYm2ZjuOjv2XuoVi2u8Dgq3UMSBj5zXG7GFXApwR
jpzhXuwFEBy/ETKlOxEp49Ojq7HLqphugqqpvo6cgaWzpqu6IzX7gC9nrikQEcRj
r7wxZ/MXtf6hvhdKbaVUB0Sorl32lWXBDnIt1BrnDL6Gz1QBwSooVpzr/kLGYG/w
iCF20iqIoKZlx4ws5HqTre3k+BMH+NBtJRzdNm2pxwVquiLEtMb03Z4=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org