Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38342e302f32342d3234203d3e203633343733.roa
File: 3137362e3132362e38342e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: SuaiI+DKLWVD6Le2UxUKa5ifaYgGAdMoyy74A2DwbXU=
Subject key identifier: 43:80:49:9F:BF:00:E6:F0:82:51:4F:D1:89:47:EC:94:08:4F:3A:A6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 58DC2BD67C87FE31D7AF04FDA25E74B854C39BF0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38342e302f32342d3234203d3e203633343733.roa
Signing time: Sun 21 Jul 2024 08:04:18 +0000
ROA not before: Sun 21 Jul 2024 07:59:18 +0000
ROA not after: Sun 20 Jul 2025 08:04:18 +0000
asID: 63473
IP address blocks: 176.126.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:dc:2b:d6:7c:87:fe:31:d7:af:04:fd:a2:5e:74:b8:54:c3:9b:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 21 07:59:18 2024 GMT
Not After : Jul 20 08:04:18 2025 GMT
Subject: CN=4380499FBF00E6F082514FD18947EC94084F3AA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f6:d1:ef:56:6a:0e:67:51:48:b1:b6:ae:18:
f4:7a:3e:76:a8:f6:99:e9:3b:7f:2f:2e:a1:a6:76:
fa:bc:7e:71:be:e5:cb:3e:0d:bc:7e:19:27:65:ed:
17:51:ec:ac:e3:59:2e:22:6d:fe:7f:3f:76:ab:10:
12:f5:e7:0b:1b:8d:17:5c:7f:8d:a6:c2:82:4a:32:
58:5d:bd:63:64:c6:c5:6a:4e:3d:14:b7:74:f8:37:
8b:94:3b:58:c2:11:8c:8b:6a:58:54:f5:f6:a2:a0:
11:0b:ec:11:65:e7:51:b1:49:12:ba:aa:6d:f6:8e:
a5:ec:d7:43:b0:cf:66:c6:3a:f2:3b:fd:4e:1a:14:
ab:8c:75:5a:31:e8:96:47:b8:61:cb:08:8e:b8:c1:
34:6e:e3:dd:fb:e4:39:c6:03:29:a5:d4:8c:cc:67:
a1:ed:8e:44:d1:8c:ee:27:1f:0d:bf:92:27:01:b0:
64:ad:54:84:4e:c1:d5:e2:65:04:fc:a1:52:49:17:
78:bd:04:cb:22:49:37:30:95:c0:c2:fa:d9:8c:8c:
d4:88:82:01:70:bc:d1:5d:ec:7a:1a:bb:a8:74:d9:
a3:b2:c4:b8:88:af:75:1f:02:a5:05:8d:b4:aa:80:
3b:02:dc:29:bc:b3:f3:73:9d:49:ab:93:04:85:08:
0c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:80:49:9F:BF:00:E6:F0:82:51:4F:D1:89:47:EC:94:08:4F:3A:A6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38342e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.84.0/24
Signature Algorithm: sha256WithRSAEncryption
33:81:0b:42:68:03:10:0d:c6:1f:6d:e4:db:34:1f:00:94:95:
81:c5:a8:a7:5d:48:9a:f5:e3:0c:0f:70:0b:5b:96:1a:0b:e8:
9b:91:27:84:d8:fc:b8:63:dd:16:f2:48:3c:18:ae:34:c6:18:
61:66:0b:25:ae:26:c4:ad:57:8e:69:bc:bd:e9:86:9b:45:e2:
d4:51:66:50:57:a8:e7:b7:64:6b:50:6f:3f:b9:7c:79:87:9d:
24:4f:55:12:1f:a4:f5:45:45:db:7c:9e:04:e0:6b:38:ff:f4:
02:e1:20:46:30:a7:82:5a:2f:6d:71:61:b3:8c:5f:f6:90:c8:
2f:cf:0e:3c:78:29:bf:8c:80:98:a8:c5:d8:70:7c:6d:92:7e:
43:88:21:24:3c:10:cb:6e:95:22:4b:5f:84:03:07:ff:54:a1:
d7:bd:84:70:53:85:45:6d:e8:55:28:35:fd:6d:54:b3:dd:d6:
d8:d6:93:d5:86:ce:7d:1d:24:ab:14:00:16:80:e1:2f:d7:60:
b1:f4:6a:46:3d:06:a7:9f:92:06:a8:0d:0a:3a:ad:31:aa:f1:
30:97:fe:e0:fd:9a:e0:6e:75:9b:96:b6:3e:f7:da:f9:8f:01:
6a:ac:d9:d7:9d:39:f1:6d:33:ca:21:ee:84:5d:fc:3c:46:8e:
64:d4:69:ed
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUWNwr1nyH/jHXrwT9ol50uFTDm/AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA3MjEwNzU5MThaFw0yNTA3MjAwODA0MThaMDMxMTAvBgNV
BAMTKDQzODA0OTlGQkYwMEU2RjA4MjUxNEZEMTg5NDdFQzk0MDg0RjNBQTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCk9tHvVmoOZ1FIsbauGPR6Pnao
9pnpO38vLqGmdvq8fnG+5cs+Dbx+GSdl7RdR7KzjWS4ibf5/P3arEBL15wsbjRdc
f42mwoJKMlhdvWNkxsVqTj0Ut3T4N4uUO1jCEYyLalhU9faioBEL7BFl51GxSRK6
qm32jqXs10Owz2bGOvI7/U4aFKuMdVox6JZHuGHLCI64wTRu49375DnGAyml1IzM
Z6HtjkTRjO4nHw2/kicBsGStVIROwdXiZQT8oVJJF3i9BMsiSTcwlcDC+tmMjNSI
ggFwvNFd7Hoau6h02aOyxLiIr3UfAqUFjbSqgDsC3Cm8s/NznUmrkwSFCAw/AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUQ4BJn78A5vCCUU/RiUfslAhPOqYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM4
MzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
sH5UMA0GCSqGSIb3DQEBCwUAA4IBAQAzgQtCaAMQDcYfbeTbNB8AlJWBxainXUia
9eMMD3ALW5YaC+ibkSeE2Py4Y90W8kg8GK40xhhhZgslribErVeOaby96YabReLU
UWZQV6jnt2RrUG8/uXx5h50kT1USH6T1RUXbfJ4E4Gs4//QC4SBGMKeCWi9tcWGz
jF/2kMgvzw48eCm/jICYqMXYcHxtkn5DiCEkPBDLbpUiS1+EAwf/VKHXvYRwU4VF
behVKDX9bVSz3dbY1pPVhs59HSSrFAAWgOEv12Cx9GpGPQann5IGqA0KOq0xqvEw
l/7g/ZrgbnWblrY+99r5jwFqrNnXnTnxbTPKIe6EXfw8Ro5k1Gnt
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org