Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37362e302f32342d3234203d3e20313336373837.roa
File: 3135382e3232302e37362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: oJ4c73CycUNkpcbvZVUMLRg/knTD7g51cpvSlEPzt2Y=
Subject key identifier: 87:DE:D3:6E:51:0E:BD:03:12:49:2F:D5:E8:C3:68:13:7B:23:C7:E9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 79F724F52A0BF30900EB40E7D1658E0B06BC4ABA
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37362e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 02 Oct 2024 06:59:46 +0000
ROA not before: Wed 02 Oct 2024 06:54:46 +0000
ROA not after: Wed 01 Oct 2025 06:59:46 +0000
asID: 136787
IP address blocks: 158.220.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:f7:24:f5:2a:0b:f3:09:00:eb:40:e7:d1:65:8e:0b:06:bc:4a:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 2 06:54:46 2024 GMT
Not After : Oct 1 06:59:46 2025 GMT
Subject: CN=87DED36E510EBD0312492FD5E8C368137B23C7E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1d:24:17:da:81:d8:ac:6b:11:92:f9:ad:c6:
d9:44:cd:7a:b9:dd:d5:22:9e:99:66:f2:ba:59:0d:
98:ea:78:1d:2a:63:b9:75:96:2f:e6:87:f8:44:db:
c1:cc:98:62:e4:4e:54:60:96:73:d6:cf:e6:fc:18:
32:f4:fa:36:8a:f7:27:70:e3:f4:f3:31:52:c2:14:
ef:42:cd:68:42:af:24:08:e8:43:2b:cb:2a:5a:b4:
c0:d2:98:a6:c9:26:61:59:de:7a:d7:8a:33:22:ea:
23:d5:45:36:78:b6:29:42:02:28:be:1e:c0:64:c5:
0e:7b:9a:5b:8a:67:ef:b4:56:64:ab:fc:15:5e:f8:
fc:eb:27:8a:6b:01:97:d9:2e:6c:21:b4:bb:d8:e9:
98:d4:c8:40:9e:5f:49:43:50:bd:5b:b5:e2:19:57:
af:21:74:91:df:98:41:03:45:1e:ed:e2:e2:7f:c0:
2a:2a:a7:4b:bf:18:0e:4c:23:0a:ff:50:bd:c6:b3:
d7:11:78:65:78:37:8b:25:67:7a:6a:54:e3:31:a0:
ec:2b:2a:c1:ff:94:33:0f:c5:ec:b3:2d:20:fa:ec:
4d:b9:09:52:4e:2b:8a:f5:75:f2:03:7c:f0:e0:50:
99:d7:4f:c1:e5:0f:62:1f:a6:04:4c:57:6d:36:ea:
a5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:DE:D3:6E:51:0E:BD:03:12:49:2F:D5:E8:C3:68:13:7B:23:C7:E9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e37362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.76.0/24
Signature Algorithm: sha256WithRSAEncryption
14:76:0e:f5:b3:54:fe:48:e9:88:83:60:ac:1d:b6:79:f7:a4:
00:90:86:b5:e9:c5:f6:bf:cb:21:45:70:e6:2b:af:cf:52:e6:
da:a3:af:49:67:6b:6b:f1:31:8f:a4:ea:72:2d:df:6e:f1:48:
25:4b:67:ed:24:42:ee:1d:65:d9:7b:b7:be:f7:4f:bd:2e:0a:
95:32:fe:6a:80:9c:15:47:4b:3c:06:15:ff:06:6b:3d:5e:89:
f8:c4:3c:d8:9a:7f:ea:0d:46:3e:4f:73:de:64:85:e2:2c:22:
4f:90:c5:2e:ab:5e:34:b8:26:ac:4f:10:5d:4f:4c:1e:08:24:
94:69:ff:50:87:78:29:26:5e:97:be:e6:8d:44:51:d9:10:9a:
5a:85:0d:d9:a2:cc:d6:6b:5f:95:2f:2a:85:6f:53:1b:7e:71:
75:fc:6c:b1:fc:e0:04:03:33:24:01:90:db:f0:6e:61:c7:07:
f0:97:87:ee:a4:6b:52:97:82:14:30:85:9b:6e:b8:5e:e3:24:
d9:b6:9c:4d:37:b6:81:2a:81:af:27:1b:97:80:e8:43:28:86:
e0:b5:d0:fc:f3:cb:e3:ef:aa:83:46:7a:24:a6:2e:5c:00:1b:
84:df:8f:6e:52:28:74:c0:47:9c:e6:a5:80:71:ad:18:20:d9:
d3:58:15:97
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUefck9SoL8wkA60Dn0WWOCwa8SrowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMDIwNjU0NDZaFw0yNTEwMDEwNjU5NDZaMDMxMTAvBgNV
BAMTKDg3REVEMzZFNTEwRUJEMDMxMjQ5MkZENUU4QzM2ODEzN0IyM0M3RTkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGHSQX2oHYrGsRkvmtxtlEzXq5
3dUinplm8rpZDZjqeB0qY7l1li/mh/hE28HMmGLkTlRglnPWz+b8GDL0+jaK9ydw
4/TzMVLCFO9CzWhCryQI6EMryypatMDSmKbJJmFZ3nrXijMi6iPVRTZ4tilCAii+
HsBkxQ57mluKZ++0VmSr/BVe+PzrJ4prAZfZLmwhtLvY6ZjUyECeX0lDUL1bteIZ
V68hdJHfmEEDRR7t4uJ/wCoqp0u/GA5MIwr/UL3Gs9cReGV4N4slZ3pqVOMxoOwr
KsH/lDMPxeyzLSD67E25CVJOK4r1dfIDfPDgUJnXT8HlD2IfpgRMV2026qXZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUh97TblEOvQMSSS/V6MNoE3sjx+kwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACe3EwwDQYJKoZIhvcNAQELBQADggEBABR2DvWzVP5I6YiDYKwdtnn3pACQhrXp
xfa/yyFFcOYrr89S5tqjr0lna2vxMY+k6nIt327xSCVLZ+0kQu4dZdl7t773T70u
CpUy/mqAnBVHSzwGFf8Gaz1eifjEPNiaf+oNRj5Pc95kheIsIk+QxS6rXjS4JqxP
EF1PTB4IJJRp/1CHeCkmXpe+5o1EUdkQmlqFDdmizNZrX5UvKoVvUxt+cXX8bLH8
4AQDMyQBkNvwbmHHB/CXh+6ka1KXghQwhZtuuF7jJNm2nE03toEqga8nG5eA6EMo
huC10Pzzy+PvqoNGeiSmLlwAG4Tfj25SKHTAR5zmpYBxrRgg2dNYFZc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:00 2025 by rpki-client