Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38352e302f32342d3234203d3e203633343733.roa
File: 3137362e3132362e38352e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: URiG1kD8qImEtGPyyaDmgqi3pFjikiHPax7L2BbSeDw=
Subject key identifier: E7:A9:70:31:A7:26:A2:64:94:46:52:F1:C9:95:83:A9:94:28:D7:62
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1D43A22FB2B14ADE9040FC491B6A081A32AAB673
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38352e302f32342d3234203d3e203633343733.roa
Signing time: Tue 05 Mar 2024 08:57:07 +0000
ROA not before: Tue 05 Mar 2024 08:52:07 +0000
ROA not after: Tue 04 Mar 2025 08:57:07 +0000
asID: 63473
IP address blocks: 176.126.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:43:a2:2f:b2:b1:4a:de:90:40:fc:49:1b:6a:08:1a:32:aa:b6:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Mar 5 08:52:07 2024 GMT
Not After : Mar 4 08:57:07 2025 GMT
Subject: CN=E7A97031A726A264944652F1C99583A99428D762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:cb:d8:6f:20:2b:23:c4:22:61:06:2a:44:9f:
40:b9:1e:bc:7e:89:77:8e:6d:ca:b2:f5:99:e8:bd:
91:a3:dd:76:fc:bc:56:3c:7f:30:c6:57:dd:5e:d7:
50:db:b0:a5:39:90:6a:05:31:ed:28:9c:34:1e:e7:
4c:1c:6f:55:d7:eb:87:39:a0:b5:33:14:43:0a:94:
a4:87:73:80:35:5a:e6:bc:7d:ca:47:6f:35:30:d6:
0d:fc:d4:51:f5:31:39:09:15:4a:84:76:98:eb:a8:
fc:bc:da:10:c3:99:2c:41:54:1a:fc:38:db:ab:a1:
64:71:7e:f7:1f:ae:21:50:c0:b7:02:17:d2:97:54:
72:ac:b7:e6:ec:1c:15:0c:92:26:7f:f9:c7:c7:f7:
64:18:fd:e4:a3:12:b3:e9:23:94:1a:f3:a6:09:6b:
8d:05:b7:2d:8c:43:b2:66:10:82:e8:03:08:68:ac:
38:1d:73:7f:b8:60:28:33:2e:7c:ef:f2:41:ca:b9:
d2:14:3e:ca:2c:9a:f4:b6:b9:59:5d:f5:ad:15:53:
28:0c:81:23:80:6b:6b:b6:a1:e0:97:49:22:ef:23:
32:89:9b:a3:43:56:05:37:65:79:4e:0c:8d:50:4e:
f9:86:3a:fe:9c:75:4e:29:c0:fc:a4:49:b6:3d:c1:
d3:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:A9:70:31:A7:26:A2:64:94:46:52:F1:C9:95:83:A9:94:28:D7:62
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38352e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.85.0/24
Signature Algorithm: sha256WithRSAEncryption
88:ab:da:dd:41:a6:ae:55:65:58:db:7d:4c:c2:5d:7f:53:e6:
5a:c9:0e:30:d2:5f:84:78:43:6f:65:a7:8d:8d:f7:6e:a7:ee:
e0:01:97:e9:15:54:64:31:28:26:f7:3c:f6:1b:6a:78:45:49:
09:1a:04:ce:b0:a0:d6:a3:08:64:d4:cf:ad:f3:4b:44:fa:60:
48:35:20:9c:9e:40:32:5d:38:86:f2:3b:3f:00:c6:2b:c0:49:
0b:bc:25:a3:67:8f:88:ce:f3:59:48:ca:7d:3d:e2:01:d2:da:
7e:b6:ae:4c:96:9c:38:fe:3c:c0:f8:0f:2a:09:78:bf:20:7d:
32:92:07:c4:13:c8:c4:62:8c:05:0d:a7:73:17:eb:94:8b:d3:
c7:4e:21:f4:0b:8b:df:be:9f:29:10:bd:33:7c:65:6d:89:71:
1d:ee:98:28:a8:48:e9:62:41:2d:39:54:72:01:a8:3c:aa:d5:
75:1c:b8:8f:a6:a7:e3:a2:91:05:0f:f5:f5:8c:c9:74:d7:bf:
c8:87:84:81:c0:32:1e:6c:c0:a3:2f:54:5e:b5:20:1c:c5:90:
aa:b1:86:49:b5:ef:8c:2e:b5:f9:7f:ed:b7:82:2c:20:56:57:
82:1e:c0:24:02:17:d7:6e:c2:4a:51:16:be:9d:ad:56:d5:2c:
2e:8c:f6:7f
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUHUOiL7KxSt6QQPxJG2oIGjKqtnMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAzMDUwODUyMDdaFw0yNTAzMDQwODU3MDdaMDMxMTAvBgNV
BAMTKEU3QTk3MDMxQTcyNkEyNjQ5NDQ2NTJGMUM5OTU4M0E5OTQyOEQ3NjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDcy9hvICsjxCJhBipEn0C5Hrx+
iXeObcqy9ZnovZGj3Xb8vFY8fzDGV91e11DbsKU5kGoFMe0onDQe50wcb1XX64c5
oLUzFEMKlKSHc4A1Wua8fcpHbzUw1g381FH1MTkJFUqEdpjrqPy82hDDmSxBVBr8
ONuroWRxfvcfriFQwLcCF9KXVHKst+bsHBUMkiZ/+cfH92QY/eSjErPpI5Qa86YJ
a40Fty2MQ7JmEILoAwhorDgdc3+4YCgzLnzv8kHKudIUPsosmvS2uVld9a0VUygM
gSOAa2u2oeCXSSLvIzKJm6NDVgU3ZXlODI1QTvmGOv6cdU4pwPykSbY9wdNHAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQU56lwMacmomSURlLxyZWDqZQo12IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM4
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
sH5VMA0GCSqGSIb3DQEBCwUAA4IBAQCIq9rdQaauVWVY231Mwl1/U+ZayQ4w0l+E
eENvZaeNjfdup+7gAZfpFVRkMSgm9zz2G2p4RUkJGgTOsKDWowhk1M+t80tE+mBI
NSCcnkAyXTiG8js/AMYrwEkLvCWjZ4+IzvNZSMp9PeIB0tp+tq5Mlpw4/jzA+A8q
CXi/IH0ykgfEE8jEYowFDadzF+uUi9PHTiH0C4vfvp8pEL0zfGVtiXEd7pgoqEjp
YkEtOVRyAag8qtV1HLiPpqfjopEFD/X1jMl017/Ih4SBwDIebMCjL1RetSAcxZCq
sYZJte+MLrX5f+23giwgVleCHsAkAhfXbsJKURa+na1W1SwujPZ/
-----END CERTIFICATE-----
Generated at Tue May 21 09:23:49 2024 by rpki-client on console-ams.rpki-client.org