Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e39362e302f32302d3332203d3e203531313637.roa
File: 3135382e3232302e39362e302f32302d3332203d3e203531313637.roa (raw, json)
Hash identifier: z6s4i5ZQIvx1Ry0dKhDkQYfVCPduo9Iv0urmvMLFV9A=
Subject key identifier: 7C:CB:3B:D2:49:E6:96:19:D0:3E:55:8D:27:3B:C8:9F:66:48:38:D5
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2B311A9FD901C47C6ACFBED578492D1F1EE82E0C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e39362e302f32302d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:45:18 +0000
ROA not before: Mon 27 Jan 2025 09:40:18 +0000
ROA not after: Mon 26 Jan 2026 09:45:18 +0000
asID: 51167
IP address blocks: 158.220.96.0/20 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:31:1a:9f:d9:01:c4:7c:6a:cf:be:d5:78:49:2d:1f:1e:e8:2e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:18 2025 GMT
Not After : Jan 26 09:45:18 2026 GMT
Subject: CN=7CCB3BD249E69619D03E558D273BC89F664838D5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:39:d4:b5:fb:a8:66:4a:88:15:54:f0:79:8d:
83:5d:16:37:76:43:b1:3f:11:e7:8a:f7:c1:51:8e:
d0:06:0a:aa:67:08:77:84:ef:46:08:4a:38:00:33:
1e:ae:bb:f5:b3:4b:64:a4:73:d1:f6:e8:0e:e4:5a:
04:a4:36:03:5d:ca:96:6b:93:76:0a:da:07:e2:b5:
b2:5a:2c:46:26:53:9a:08:0e:d7:5a:4c:c7:66:3a:
2a:6a:74:7a:37:af:05:84:fc:15:13:74:4d:fe:d3:
5f:f5:2d:49:e4:2f:8d:d6:cb:fb:f9:a0:2e:a0:cc:
fa:6e:42:3a:db:7d:e9:ee:93:e3:86:53:76:e2:87:
00:d8:d3:68:02:97:21:80:7d:1d:29:25:b2:c8:33:
09:08:0f:4b:b9:98:3b:66:0e:27:cd:ee:65:f4:57:
a3:7e:df:27:5e:3f:29:fe:70:e3:53:a5:3f:e4:fc:
2e:15:32:de:01:69:37:17:02:39:cc:91:58:e5:71:
1a:6a:77:d8:b2:65:04:3c:e8:36:5a:62:37:aa:b9:
cd:ea:a2:0f:31:a2:b7:8c:56:0b:20:fd:a7:b9:ce:
0a:5f:e9:a6:65:80:47:b3:c2:5e:f4:25:0e:d9:0e:
bc:0c:bc:0e:cb:25:18:e9:6e:6c:c5:77:27:15:c9:
8d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:CB:3B:D2:49:E6:96:19:D0:3E:55:8D:27:3B:C8:9F:66:48:38:D5
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135382e3232302e39362e302f32302d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.220.96.0/20
Signature Algorithm: sha256WithRSAEncryption
60:5e:72:bf:c1:71:ba:b8:39:66:a9:29:8b:2e:6f:bc:e7:66:
ae:2a:53:31:3d:19:a5:6d:d0:52:ef:c5:d5:a0:b0:ad:db:41:
45:38:b8:7f:74:52:57:72:cb:e1:1f:a3:a4:02:b7:11:ca:8b:
08:67:e2:2a:42:76:e1:cd:f0:7e:35:1d:63:bb:7c:76:54:5d:
ba:b4:0e:e2:9d:dd:83:a8:28:32:27:ee:fa:49:0d:c7:08:c9:
7b:90:da:0a:fa:20:95:77:bc:b8:54:8f:7d:86:ec:67:d1:95:
b9:78:dd:fa:97:79:33:4b:00:0c:37:f4:96:14:d0:11:9a:ae:
d0:ea:a6:85:69:79:93:89:99:06:85:d0:f7:64:4d:5e:29:c5:
41:21:b4:85:96:1c:d9:e5:77:49:21:c8:3f:e5:3a:5b:f3:3b:
52:e0:e7:9e:d0:c3:0b:56:2c:a4:fe:42:19:f5:2b:a0:87:72:
fe:99:19:2e:45:b4:bd:1f:7c:8d:21:4e:3b:e8:91:9c:1a:73:
0f:36:1a:05:10:22:a9:63:62:be:c2:87:b9:d5:68:4a:b2:41:
a0:e3:53:57:5c:11:e8:ac:41:36:05:6d:76:ee:cf:3f:e1:92:
21:fc:47:99:92:fc:b4:90:48:ae:f8:33:a3:65:e4:23:9d:83:
f9:74:39:c7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUKzEan9kBxHxqz77VeEktHx7oLgwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMThaFw0yNjAxMjYwOTQ1MThaMDMxMTAvBgNV
BAMTKDdDQ0IzQkQyNDlFNjk2MTlEMDNFNTU4RDI3M0JDODlGNjY0ODM4RDUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCROdS1+6hmSogVVPB5jYNdFjd2
Q7E/EeeK98FRjtAGCqpnCHeE70YISjgAMx6uu/WzS2Skc9H26A7kWgSkNgNdypZr
k3YK2gfitbJaLEYmU5oIDtdaTMdmOipqdHo3rwWE/BUTdE3+01/1LUnkL43Wy/v5
oC6gzPpuQjrbfenuk+OGU3bihwDY02gClyGAfR0pJbLIMwkID0u5mDtmDifN7mX0
V6N+3ydePyn+cONTpT/k/C4VMt4BaTcXAjnMkVjlcRpqd9iyZQQ86DZaYjequc3q
og8xoreMVgsg/ae5zgpf6aZlgEezwl70JQ7ZDrwMvA7LJRjpbmzFdycVyY33AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUfMs70knmlhnQPlWNJzvIn2ZIONUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM4MmUzMjMyMzAyZTM5
MzYyZTMwMmYzMjMwMmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQE
ntxgMA0GCSqGSIb3DQEBCwUAA4IBAQBgXnK/wXG6uDlmqSmLLm+852auKlMxPRml
bdBS78XVoLCt20FFOLh/dFJXcsvhH6OkArcRyosIZ+IqQnbhzfB+NR1ju3x2VF26
tA7ind2DqCgyJ+76SQ3HCMl7kNoK+iCVd7y4VI99huxn0ZW5eN36l3kzSwAMN/SW
FNARmq7Q6qaFaXmTiZkGhdD3ZE1eKcVBIbSFlhzZ5XdJIcg/5Tpb8ztS4Oee0MML
Viyk/kIZ9Sugh3L+mRkuRbS9H3yNIU476JGcGnMPNhoFECKpY2K+woe51WhKskGg
41NXXBHorEE2BW127s8/4ZIh/EeZkvy0kEiu+DOjZeQjnYP5dDnH
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:11:32 2025 by rpki-client