Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38362e302f32342d3234203d3e203633343733.roa
File: 3137362e3132362e38362e302f32342d3234203d3e203633343733.roa (raw, json)
Hash identifier: iDzTXRsCTKfpymoLKUl/kjbInmwQcxceoMOv1+XI1xI=
Subject key identifier: 36:E2:DC:A4:D2:EE:66:7C:B0:2F:4B:EC:03:D5:E6:BA:A4:E4:7D:5F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 491B25BD795232C7013C716C6AA6501B508B4E08
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38362e302f32342d3234203d3e203633343733.roa
Signing time: Sun 21 Jul 2024 08:04:18 +0000
ROA not before: Sun 21 Jul 2024 07:59:18 +0000
ROA not after: Sun 20 Jul 2025 08:04:18 +0000
asID: 63473
IP address blocks: 176.126.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:1b:25:bd:79:52:32:c7:01:3c:71:6c:6a:a6:50:1b:50:8b:4e:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jul 21 07:59:18 2024 GMT
Not After : Jul 20 08:04:18 2025 GMT
Subject: CN=36E2DCA4D2EE667CB02F4BEC03D5E6BAA4E47D5F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:47:a0:e5:7e:04:2f:2b:4b:e1:a1:c6:e2:8f:
c8:aa:6c:de:a9:c0:46:68:cf:aa:76:19:db:e9:79:
6d:8c:ee:ca:38:65:c9:cb:89:b6:88:56:b7:83:ee:
ec:e2:d5:8a:a0:b2:58:f6:11:f6:fc:6d:2e:72:88:
47:08:b0:dd:5f:6d:f8:bc:35:75:18:4c:9b:92:5c:
d9:dc:a5:1d:34:d6:e9:4a:22:6f:89:30:22:ce:dd:
d6:d2:ec:17:3c:a2:2f:70:2a:63:19:40:9c:5b:9b:
07:c5:45:04:6c:ba:43:d9:de:d2:a4:67:b8:de:5b:
a8:1c:26:f2:7a:c4:16:fb:e6:08:63:cb:59:22:ec:
83:3b:f2:9e:3d:1e:64:ee:ed:20:b4:38:c3:f2:01:
a1:0f:e1:a6:c9:73:15:50:44:0a:4d:14:0c:b3:24:
cf:31:79:5d:b5:d9:68:ec:bf:3d:45:74:03:99:4c:
f5:dc:d2:86:39:d9:b3:02:7d:9a:b5:ea:00:eb:6b:
e5:3d:f8:5b:d3:d6:63:8a:6d:88:dc:41:44:4c:9b:
1f:d8:19:50:10:d4:48:e3:9c:27:1c:d4:82:19:ed:
06:f1:9a:d2:06:3d:87:2f:00:52:d1:de:a5:4f:3b:
24:7f:94:5d:8a:61:6f:59:88:21:6b:53:e4:44:d5:
15:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:E2:DC:A4:D2:EE:66:7C:B0:2F:4B:EC:03:D5:E6:BA:A4:E4:7D:5F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38362e302f32342d3234203d3e203633343733.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.86.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:78:e4:8d:7b:1f:67:4f:b8:2f:78:e6:d6:50:ce:d8:3b:81:
22:74:91:16:44:2b:07:b0:58:f3:43:35:e0:e9:f1:79:61:ed:
83:82:be:72:a7:da:5e:b9:4e:82:d3:bd:67:b1:0f:bf:e9:ad:
aa:10:2f:87:71:84:cf:28:61:08:2b:74:46:8f:c6:66:3e:6d:
59:fa:a2:6f:33:11:1c:c8:f3:5c:3e:a3:8a:5a:e9:79:e3:e8:
b3:1b:7e:5c:7c:5b:68:c5:92:1c:93:e3:31:ad:bf:cc:b9:9b:
6d:6b:8d:7f:ef:8a:fa:39:52:d9:31:9b:1f:ae:c1:90:b3:df:
5c:19:24:19:f7:75:62:28:de:81:27:25:cc:58:b9:c6:11:8e:
a0:08:e9:5a:db:b4:23:21:6d:66:bb:67:77:fe:16:d5:b8:a0:
e8:67:33:85:0a:40:f4:79:74:e3:af:53:d4:7b:47:57:82:ef:
1c:fd:f4:ae:e5:2e:22:ba:0a:b0:ee:ab:cd:72:8f:4c:ae:f7:
9d:e2:48:ab:94:d7:09:74:e9:f7:ac:f3:37:64:f3:9a:39:20:
38:a2:90:48:67:34:ca:20:69:13:d4:a8:39:9c:73:08:72:2b:
53:ac:2b:ef:0c:5a:42:87:80:05:5f:13:8a:23:1e:c5:1b:36:
43:e3:6f:92
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUSRslvXlSMscBPHFsaqZQG1CLTggwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA3MjEwNzU5MThaFw0yNTA3MjAwODA0MThaMDMxMTAvBgNV
BAMTKDM2RTJEQ0E0RDJFRTY2N0NCMDJGNEJFQzAzRDVFNkJBQTRFNDdENUYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMR6DlfgQvK0vhocbij8iqbN6p
wEZoz6p2GdvpeW2M7so4ZcnLibaIVreD7uzi1Yqgslj2Efb8bS5yiEcIsN1fbfi8
NXUYTJuSXNncpR001ulKIm+JMCLO3dbS7Bc8oi9wKmMZQJxbmwfFRQRsukPZ3tKk
Z7jeW6gcJvJ6xBb75ghjy1ki7IM78p49HmTu7SC0OMPyAaEP4abJcxVQRApNFAyz
JM8xeV212Wjsvz1FdAOZTPXc0oY52bMCfZq16gDra+U9+FvT1mOKbYjcQURMmx/Y
GVAQ1EjjnCcc1IIZ7QbxmtIGPYcvAFLR3qVPOyR/lF2KYW9ZiCFrU+RE1RVlAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUNuLcpNLuZnywL0vsA9XmuqTkfV8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM4
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMzMzQzNzMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
sH5WMA0GCSqGSIb3DQEBCwUAA4IBAQBaeOSNex9nT7gveObWUM7YO4EidJEWRCsH
sFjzQzXg6fF5Ye2Dgr5yp9peuU6C071nsQ+/6a2qEC+HcYTPKGEIK3RGj8ZmPm1Z
+qJvMxEcyPNcPqOKWul54+izG35cfFtoxZIck+Mxrb/MuZtta41/74r6OVLZMZsf
rsGQs99cGSQZ93ViKN6BJyXMWLnGEY6gCOla27QjIW1mu2d3/hbVuKDoZzOFCkD0
eXTjr1PUe0dXgu8c/fSu5S4iugqw7qvNco9Mrved4kirlNcJdOn3rPM3ZPOaOSA4
opBIZzTKIGkT1Kg5nHMIcitTrCvvDFpCh4AFXxOKIx7FGzZD42+S
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org