Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e39362e302f32302d3332203d3e203531313637.roa
File: 3135382e3232302e39362e302f32302d3332203d3e203531313637.roa (raw, json)
Hash identifier: NPzLnaxJ+fivWcpwatIBI5rFpx1RPfq3GwspCOT/b50=
Subject key identifier: A9:3C:E6:70:AE:08:B9:7B:3B:1B:66:93:AA:10:1D:88:17:7E:5B:26
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2CE52821866FB4B5CFA3CBBB94BC47F66515725A
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e39362e302f32302d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:09 +0000
ROA not before: Mon 26 Feb 2024 08:48:09 +0000
ROA not after: Mon 24 Feb 2025 08:53:09 +0000
asID: 51167
IP address blocks: 158.220.96.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:e5:28:21:86:6f:b4:b5:cf:a3:cb:bb:94:bc:47:f6:65:15:72:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:09 2024 GMT
Not After : Feb 24 08:53:09 2025 GMT
Subject: CN=A93CE670AE08B97B3B1B6693AA101D88177E5B26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:43:3d:4b:37:28:44:b5:25:df:9f:bd:c3:c7:
bd:76:2b:80:5d:85:a5:c9:c0:ac:c2:57:59:6c:f9:
9d:9a:b0:6e:41:82:f2:c0:60:b7:c5:e6:6b:f3:cf:
f3:b9:8d:b4:80:49:68:ae:aa:3a:2a:b0:34:e2:3e:
42:17:af:1f:3d:e1:5f:1c:0e:1b:f3:0a:23:8d:94:
dd:66:2a:aa:73:8c:61:37:c8:a3:26:bf:9c:66:c4:
d7:b7:23:69:28:12:68:b8:22:4a:df:7f:bc:28:73:
ee:ca:7c:e5:14:97:c2:eb:18:f7:a2:82:ca:c5:61:
0e:1b:9f:54:98:d2:90:68:ab:b5:5c:84:24:87:80:
dc:7f:ec:14:c6:c1:fc:30:d4:e3:75:5a:0a:80:f4:
86:e4:7b:d6:0e:62:09:8d:a4:0e:06:79:6d:e0:bf:
24:3b:7b:2f:d5:03:d7:2e:3e:25:3f:c8:1a:65:72:
8e:39:79:cf:12:5d:f5:52:ba:19:42:76:5e:24:4f:
3a:0c:60:5a:57:55:42:85:b5:91:f0:0b:14:fa:b4:
8c:c2:22:92:a5:5d:d8:84:2d:f7:7d:72:22:9c:f9:
84:8a:47:a9:02:b7:43:63:fa:4a:f2:6f:2d:2b:e0:
15:24:00:ac:28:27:9e:6f:1f:76:18:a8:ac:af:69:
f5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:3C:E6:70:AE:08:B9:7B:3B:1B:66:93:AA:10:1D:88:17:7E:5B:26
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e39362e302f32302d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.96.0/20
Signature Algorithm: sha256WithRSAEncryption
99:bf:ce:1f:af:d0:80:e1:5e:8a:5d:1c:04:b7:00:de:61:75:
2c:54:7d:00:39:82:da:42:8f:4b:f6:88:a2:2d:26:14:b3:29:
1f:30:e3:4f:01:0e:8a:37:58:f3:a6:b9:cb:ac:cd:45:13:e3:
95:0a:94:ae:6e:6c:32:3b:56:b8:b0:b4:7e:70:62:51:24:ba:
b3:4e:76:fb:9e:b0:5d:ca:3d:53:40:fe:76:50:dc:54:94:c1:
db:67:52:32:02:f1:b0:f2:3b:95:9a:55:be:ab:3a:f3:70:64:
d4:fa:33:fa:77:82:9c:84:4a:a0:7f:d9:a9:42:b8:80:b7:e2:
12:cc:6f:05:d8:fe:ab:77:db:15:08:5c:8b:b4:a3:68:1a:99:
97:4d:b4:1a:99:84:21:64:19:fa:ee:34:f9:fe:66:ed:55:43:
fd:90:2c:69:ba:ce:60:36:5d:a5:09:5a:8d:e2:f5:3c:8a:a2:
99:78:ee:96:cc:9d:09:c2:4e:98:5c:9f:21:d3:97:55:ec:cb:
bd:0b:52:da:ca:2e:30:9e:11:8b:c5:54:96:e9:c7:54:1a:4f:
fa:aa:02:0d:b1:dc:d8:b6:2f:34:81:6f:5a:f5:ea:b0:44:c7:
79:de:5d:7c:d8:d0:e9:f9:ac:cb:91:01:26:22:a8:70:64:eb:
f9:ff:8f:90
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIULOUoIYZvtLXPo8u7lLxH9mUVclowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MDlaFw0yNTAyMjQwODUzMDlaMDMxMTAvBgNV
BAMTKEE5M0NFNjcwQUUwOEI5N0IzQjFCNjY5M0FBMTAxRDg4MTc3RTVCMjYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAQz1LNyhEtSXfn73Dx712K4Bd
haXJwKzCV1ls+Z2asG5BgvLAYLfF5mvzz/O5jbSASWiuqjoqsDTiPkIXrx894V8c
DhvzCiONlN1mKqpzjGE3yKMmv5xmxNe3I2koEmi4Ikrff7woc+7KfOUUl8LrGPei
gsrFYQ4bn1SY0pBoq7VchCSHgNx/7BTGwfww1ON1WgqA9Ibke9YOYgmNpA4GeW3g
vyQ7ey/VA9cuPiU/yBplco45ec8SXfVSuhlCdl4kTzoMYFpXVUKFtZHwCxT6tIzC
IpKlXdiELfd9ciKc+YSKR6kCt0Nj+kryby0r4BUkAKwoJ55vH3YYqKyvafUDAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUqTzmcK4IuXs7G2aTqhAdiBd+WyYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM5
MzYyZTMwMmYzMjMwMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
ntxgMA0GCSqGSIb3DQEBCwUAA4IBAQCZv84fr9CA4V6KXRwEtwDeYXUsVH0AOYLa
Qo9L9oiiLSYUsykfMONPAQ6KN1jzprnLrM1FE+OVCpSubmwyO1a4sLR+cGJRJLqz
Tnb7nrBdyj1TQP52UNxUlMHbZ1IyAvGw8juVmlW+qzrzcGTU+jP6d4KchEqgf9mp
QriAt+ISzG8F2P6rd9sVCFyLtKNoGpmXTbQamYQhZBn67jT5/mbtVUP9kCxpus5g
Nl2lCVqN4vU8iqKZeO6WzJ0Jwk6YXJ8h05dV7Mu9C1Layi4wnhGLxVSW6cdUGk/6
qgINsdzYti80gW9a9eqwRMd53l182NDp+azLkQEmIqhwZOv5/4+Q
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:45 2024 by rpki-client on console-ams.rpki-client.org