Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36372e302f32342d3234203d3e20313336373837.roa
File: 3137362e3132362e36372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: SpMZfs3fTiufX8FzM9/eBz0VJsv/NhkTkDCKh+0Opqk=
Subject key identifier: DF:96:DC:8D:38:E4:3B:2D:85:93:CC:B6:2A:AC:DD:EA:CF:7D:30:1D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1FF780B1CCB26D7A7F1BAA17482E707D9AB73DA1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:19 +0000
ROA not before: Sun 27 Oct 2024 20:00:19 +0000
ROA not after: Sun 26 Oct 2025 20:05:19 +0000
asID: 136787
IP address blocks: 176.126.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:f7:80:b1:cc:b2:6d:7a:7f:1b:aa:17:48:2e:70:7d:9a:b7:3d:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:19 2024 GMT
Not After : Oct 26 20:05:19 2025 GMT
Subject: CN=DF96DC8D38E43B2D8593CCB62AACDDEACF7D301D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:9c:48:bb:76:37:8f:a6:7f:2b:e8:18:4a:11:
0c:25:76:59:86:50:eb:74:f6:fb:dc:41:6a:37:a3:
6a:36:e6:61:9e:22:35:30:25:40:e1:a1:b5:07:b7:
c5:57:b5:d6:cd:68:a9:07:01:4b:40:45:d8:80:23:
27:74:6a:5b:0a:be:fa:f4:55:98:c3:54:25:d7:cb:
38:32:0a:1c:59:45:08:a8:7b:60:94:ac:d0:92:c7:
4b:97:bd:a5:20:ff:81:32:74:cc:68:25:61:c8:bb:
18:c5:ce:92:22:f3:6c:1e:ab:71:ac:1e:d1:9f:5e:
a4:1c:76:d3:98:82:2b:72:7c:35:88:f0:ef:cc:e5:
52:05:14:f2:f9:54:95:d9:52:7d:65:d7:68:42:be:
92:4e:e5:94:b7:99:20:fd:1c:3d:5a:a0:5a:b4:59:
50:88:98:9b:1e:86:71:bd:98:19:c8:af:40:2a:66:
34:50:47:3c:9d:3b:19:ce:1c:2e:3c:82:4a:c5:dd:
e9:ae:8d:ff:90:9e:81:0a:28:11:5d:35:ab:16:7d:
a5:81:5b:25:b9:e3:b9:d2:ac:b8:9d:f9:88:23:6f:
29:02:dd:e0:06:27:ce:ed:6f:a8:79:33:ee:cf:3c:
a7:0e:48:ce:32:04:85:2d:ea:de:14:65:e6:21:1c:
0d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:96:DC:8D:38:E4:3B:2D:85:93:CC:B6:2A:AC:DD:EA:CF:7D:30:1D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e36372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.67.0/24
Signature Algorithm: sha256WithRSAEncryption
74:e7:43:f6:f0:0b:ea:b7:97:45:d9:fa:5e:fa:dc:ad:99:de:
09:52:da:4b:38:a7:49:c1:e2:88:ff:22:b5:bb:73:bb:49:da:
d7:f4:30:de:64:2e:c6:42:99:94:d3:85:8b:25:5f:5e:0d:45:
b8:fb:60:00:c3:16:cc:39:97:ed:be:ad:ae:8b:d0:32:ac:8b:
5d:78:d6:34:04:00:40:da:85:49:eb:1b:7f:c8:7d:fa:8d:b1:
fd:52:b6:4a:f1:6c:6f:5e:60:7c:28:cf:fe:a2:f3:b7:1d:f5:
79:51:16:5a:b3:91:c7:90:7e:8e:b1:83:8a:5a:0f:de:7f:f4:
b3:19:92:3e:e1:5c:37:26:0b:46:3c:37:48:35:81:ab:3e:06:
6d:f1:61:4f:b3:e9:06:20:bf:c1:d5:ce:35:a2:8f:5a:e9:c6:
89:87:70:ef:ae:c0:8b:d4:a3:55:fb:eb:f4:fc:76:af:96:6b:
e1:b8:23:04:0f:47:d7:83:6a:11:d1:28:ca:c1:2e:7b:8c:0b:
65:a8:0c:df:3b:d5:05:e8:1c:49:0e:71:3c:24:c0:81:07:de:
d5:28:39:78:d6:b6:8b:cf:21:24:06:86:8d:82:a3:6c:58:e0:
49:da:68:87:d6:23:03:1c:57:86:f6:cf:e1:f2:ba:5d:53:6b:
00:d5:48:90
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUH/eAscyybXp/G6oXSC5wfZq3PaEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMTlaFw0yNTEwMjYyMDA1MTlaMDMxMTAvBgNV
BAMTKERGOTZEQzhEMzhFNDNCMkQ4NTkzQ0NCNjJBQUNEREVBQ0Y3RDMwMUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0nEi7djePpn8r6BhKEQwldlmG
UOt09vvcQWo3o2o25mGeIjUwJUDhobUHt8VXtdbNaKkHAUtARdiAIyd0alsKvvr0
VZjDVCXXyzgyChxZRQioe2CUrNCSx0uXvaUg/4EydMxoJWHIuxjFzpIi82weq3Gs
HtGfXqQcdtOYgityfDWI8O/M5VIFFPL5VJXZUn1l12hCvpJO5ZS3mSD9HD1aoFq0
WVCImJsehnG9mBnIr0AqZjRQRzydOxnOHC48gkrF3emujf+QnoEKKBFdNasWfaWB
WyW547nSrLid+YgjbykC3eAGJ87tb6h5M+7PPKcOSM4yBIUt6t4UZeYhHA1fAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQU35bcjTjkOy2Fk8y2Kqzd6s99MB0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM2
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACwfkMwDQYJKoZIhvcNAQELBQADggEBAHTnQ/bwC+q3l0XZ+l763K2Z3glS2ks4
p0nB4oj/IrW7c7tJ2tf0MN5kLsZCmZTThYslX14NRbj7YADDFsw5l+2+ra6L0DKs
i1141jQEAEDahUnrG3/IffqNsf1StkrxbG9eYHwoz/6i87cd9XlRFlqzkceQfo6x
g4paD95/9LMZkj7hXDcmC0Y8N0g1gas+Bm3xYU+z6QYgv8HVzjWij1rpxomHcO+u
wIvUo1X76/T8dq+Wa+G4IwQPR9eDahHRKMrBLnuMC2WoDN871QXoHEkOcTwkwIEH
3tUoOXjWtovPISQGho2Co2xY4EnaaIfWIwMcV4b2z+Hyul1TawDVSJA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:15:45 2024 by rpki-client on console-ams.rpki-client.org