Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36372e302f32342d3234203d3e20313336373837.roa
File: 3137362e3132362e36372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: Q7LfMhl2C7Lpvi4jeea5G639FHV1z4wNFFrriTz3tiI=
Subject key identifier: FF:74:1C:E9:E9:AA:30:7F:D8:6E:4B:37:00:D2:03:AB:64:3B:45:1D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 13A41997FF863E5618CFDBC3D74D37AE08949E7D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:48:41 +0000
ROA not before: Sun 26 Nov 2023 19:43:41 +0000
ROA not after: Sun 24 Nov 2024 19:48:41 +0000
asID: 136787
IP address blocks: 176.126.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:a4:19:97:ff:86:3e:56:18:cf:db:c3:d7:4d:37:ae:08:94:9e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:43:41 2023 GMT
Not After : Nov 24 19:48:41 2024 GMT
Subject: CN=FF741CE9E9AA307FD86E4B3700D203AB643B451D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:05:57:49:a5:1b:db:df:c7:7d:b5:12:da:b9:
88:b5:51:eb:6b:ed:9c:8a:ba:78:08:61:a1:f4:56:
e8:d0:c1:ca:8d:55:8b:28:56:6a:1d:14:11:80:68:
61:69:48:37:e3:4f:3a:0d:dd:b8:8a:6c:76:fd:93:
d6:49:0c:34:ee:6e:aa:92:87:48:a9:13:1d:21:24:
53:ec:be:dc:93:cd:81:08:ef:76:f5:ba:3b:f5:df:
7c:6f:06:f1:e6:67:27:ab:51:e6:71:f5:ad:85:47:
75:74:05:8e:56:20:7b:6b:6d:30:ce:f9:5e:e9:68:
5b:d9:35:10:b8:02:92:8c:23:24:44:37:42:94:cc:
f0:61:36:48:78:ed:04:1d:53:02:8b:ba:45:00:63:
94:fa:ce:65:ae:29:16:da:32:2d:be:ef:b5:5b:14:
8e:6e:9b:d1:12:68:9a:90:b0:19:9c:86:09:aa:41:
81:12:03:77:30:04:73:02:f8:e8:1c:64:bb:4f:3b:
db:92:25:d0:51:ad:2e:a2:d9:de:96:b4:24:d8:fa:
1a:48:62:01:85:57:17:f9:28:9f:74:57:46:36:6f:
4a:ca:6e:9b:a1:5a:9e:3b:19:36:d9:78:39:e0:f0:
f8:a8:47:7b:72:4b:5c:37:b4:bc:05:a3:24:54:db:
8d:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:74:1C:E9:E9:AA:30:7F:D8:6E:4B:37:00:D2:03:AB:64:3B:45:1D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.67.0/24
Signature Algorithm: sha256WithRSAEncryption
51:22:0e:08:bf:f0:a9:6e:69:b9:6c:64:d6:eb:cf:45:de:9a:
78:6f:d4:9b:5e:70:ae:a5:22:eb:17:9f:46:dd:db:0b:7a:fb:
e7:13:82:59:34:43:28:95:e4:99:35:1b:4e:a6:c9:2e:ce:c2:
c4:7e:13:18:37:eb:f5:54:86:74:9c:93:d1:4f:dd:b9:34:c2:
7a:87:c9:ed:f3:2f:21:aa:0e:b8:1f:86:e8:36:83:6e:6e:ad:
cc:50:3f:bc:06:82:cf:a1:74:77:8e:ad:c3:ec:33:e1:6d:f8:
0d:a6:78:31:9f:cd:f6:b7:61:6f:23:8a:b4:9d:5a:e3:f3:e0:
72:1e:97:15:49:10:fc:c9:4f:b1:56:e1:ee:f9:8b:34:e2:07:
05:bf:e0:2a:8e:7c:ff:67:56:f2:b8:2a:7f:24:9f:68:e2:ab:
32:05:ff:cc:3b:5f:05:7d:e3:f7:a3:2d:17:a9:d6:6d:76:19:
a9:73:78:d4:d8:a1:9e:39:1c:b7:43:b7:c3:25:5a:d4:00:d8:
4f:16:37:31:fb:0d:50:ca:93:48:ea:2f:43:d4:dd:61:50:76:
10:03:07:f6:3b:17:a4:85:92:cb:b5:55:c2:31:15:41:46:d2:
01:24:03:01:be:33:ca:80:ff:98:06:5e:04:56:f7:5a:8c:a6:
b7:e8:9c:28
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUE6QZl/+GPlYYz9vD1003rgiUnn0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQzNDFaFw0yNDExMjQxOTQ4NDFaMDMxMTAvBgNV
BAMTKEZGNzQxQ0U5RTlBQTMwN0ZEODZFNEIzNzAwRDIwM0FCNjQzQjQ1MUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbBVdJpRvb38d9tRLauYi1Uetr
7ZyKungIYaH0VujQwcqNVYsoVmodFBGAaGFpSDfjTzoN3biKbHb9k9ZJDDTubqqS
h0ipEx0hJFPsvtyTzYEI73b1ujv133xvBvHmZyerUeZx9a2FR3V0BY5WIHtrbTDO
+V7paFvZNRC4ApKMIyREN0KUzPBhNkh47QQdUwKLukUAY5T6zmWuKRbaMi2+77Vb
FI5um9ESaJqQsBmchgmqQYESA3cwBHMC+OgcZLtPO9uSJdBRrS6i2d6WtCTY+hpI
YgGFVxf5KJ90V0Y2b0rKbpuhWp47GTbZeDng8PioR3tyS1w3tLwFoyRU242rAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU/3Qc6emqMH/Ybks3ANIDq2Q7RR0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACwfkMwDQYJKoZIhvcNAQELBQADggEBAFEiDgi/8KluablsZNbrz0Xemnhv1Jte
cK6lIusXn0bd2wt6++cTglk0QyiV5Jk1G06myS7OwsR+Exg36/VUhnSck9FP3bk0
wnqHye3zLyGqDrgfhug2g25urcxQP7wGgs+hdHeOrcPsM+Ft+A2meDGfzfa3YW8j
irSdWuPz4HIelxVJEPzJT7FW4e75izTiBwW/4CqOfP9nVvK4Kn8kn2jiqzIF/8w7
XwV94/ejLRep1m12GalzeNTYoZ45HLdDt8MlWtQA2E8WNzH7DVDKk0jqL0PU3WFQ
dhADB/Y7F6SFksu1VcIxFUFG0gEkAwG+M8qA/5gGXgRW91qMprfonCg=
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:53 2024 by rpki-client on console-ams.rpki-client.org