Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38372e302f32342d3332203d3e203531313637.roa
File: 3137362e3132362e38372e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: Ux0/u4BKsQI6MDdmoED4EjVG2DKagsjqkF7RSgn8uZc=
Subject key identifier: 45:94:D0:45:0E:C7:C5:73:DB:30:E5:C0:C9:19:20:5D:90:38:7A:17
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 76B2D0D59AF6B6A687B2ED4A64420707CB632670
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38372e302f32342d3332203d3e203531313637.roa
Signing time: Mon 26 Feb 2024 08:53:27 +0000
ROA not before: Mon 26 Feb 2024 08:48:27 +0000
ROA not after: Mon 24 Feb 2025 08:53:27 +0000
asID: 51167
IP address blocks: 176.126.87.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:b2:d0:d5:9a:f6:b6:a6:87:b2:ed:4a:64:42:07:07:cb:63:26:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 26 08:48:27 2024 GMT
Not After : Feb 24 08:53:27 2025 GMT
Subject: CN=4594D0450EC7C573DB30E5C0C919205D90387A17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:fd:71:47:fd:69:0a:7f:f9:25:2b:c9:0e:74:
2d:e7:12:34:95:40:94:b9:0d:5e:e6:7c:c1:ca:ed:
f3:ab:8b:86:de:ec:87:d3:9a:a5:16:9f:d1:e6:34:
78:e0:8b:31:6b:e5:cd:75:3d:ca:10:c7:3d:60:c8:
bc:25:82:43:27:c0:66:e6:06:dc:70:ae:b5:8f:89:
b9:aa:35:6a:a3:f6:45:61:b3:11:64:42:59:d5:d4:
09:4c:4c:0d:3f:0d:01:f7:f7:53:0d:ef:d0:1c:45:
6e:3b:91:08:8f:81:aa:8e:83:63:36:56:d3:d3:49:
a0:ff:b9:06:16:74:18:2b:b8:c4:9a:7f:70:d5:60:
3f:d2:c5:f3:01:99:45:b6:c0:38:e3:3c:27:7c:fd:
c9:36:1f:13:fc:2b:bd:9f:f2:e9:c3:de:54:e1:86:
04:5f:ea:ed:7c:e9:e3:79:70:7c:55:93:ab:aa:7a:
58:47:9e:8e:c5:e4:5d:b5:8a:83:cf:a1:d9:20:aa:
44:f0:80:7e:e5:d6:be:3f:c3:a0:d1:88:d7:b2:52:
6a:f5:8a:c1:a4:4a:b9:d1:86:56:1d:a6:73:f9:49:
a0:47:3a:a7:9a:b4:84:45:c4:9b:58:17:f6:d2:f1:
6b:31:6f:eb:ef:89:a9:f7:57:ec:1d:92:07:dd:84:
0e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:94:D0:45:0E:C7:C5:73:DB:30:E5:C0:C9:19:20:5D:90:38:7A:17
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38372e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.87.0/24
Signature Algorithm: sha256WithRSAEncryption
28:6d:85:a9:ac:0d:83:9e:2a:d3:c5:77:f7:37:3c:37:04:be:
0a:f9:fc:f1:e5:a0:d6:eb:48:b9:4b:94:d9:18:fb:ff:96:6c:
c1:85:f5:d6:f2:b6:e2:76:e9:b1:cc:67:a4:8f:51:43:32:7a:
aa:79:71:f0:03:f5:3d:78:dd:2a:a6:5e:f7:d0:38:dc:16:2f:
f8:d1:49:c9:46:23:8d:22:cb:0f:c4:a2:1b:c7:2b:c1:dc:aa:
0f:cd:1e:85:b8:55:9f:15:67:6a:81:02:b5:2c:3c:20:82:6b:
95:d1:58:e0:14:d3:55:8e:44:ab:81:77:87:be:7a:dc:f3:52:
49:26:38:b6:e2:2d:a8:2e:3c:fb:87:38:de:06:8c:36:7c:13:
0b:97:4a:2c:b6:08:7c:dd:6b:de:44:b4:94:36:aa:39:cd:ac:
42:31:84:4d:48:c2:13:2f:74:39:19:a5:81:8a:9a:55:d4:cc:
27:65:ce:f9:df:c5:fa:c1:6c:db:11:58:e0:75:b7:0e:1b:36:
93:f8:d3:d5:8e:3c:a0:12:05:c7:8c:1e:0f:ae:dd:c5:c1:7d:
06:3f:c7:a8:94:61:9b:e6:21:57:3b:98:cb:59:c8:ee:43:d0:
a9:e5:f0:35:6d:ef:51:ce:10:cc:be:f1:53:62:71:3d:b4:8c:
e0:f8:6c:de
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdrLQ1Zr2tqaHsu1KZEIHB8tjJnAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAyMjYwODQ4MjdaFw0yNTAyMjQwODUzMjdaMDMxMTAvBgNV
BAMTKDQ1OTREMDQ1MEVDN0M1NzNEQjMwRTVDMEM5MTkyMDVEOTAzODdBMTcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo/XFH/WkKf/klK8kOdC3nEjSV
QJS5DV7mfMHK7fOri4be7IfTmqUWn9HmNHjgizFr5c11PcoQxz1gyLwlgkMnwGbm
BtxwrrWPibmqNWqj9kVhsxFkQlnV1AlMTA0/DQH391MN79AcRW47kQiPgaqOg2M2
VtPTSaD/uQYWdBgruMSaf3DVYD/SxfMBmUW2wDjjPCd8/ck2HxP8K72f8unD3lTh
hgRf6u186eN5cHxVk6uqelhHno7F5F21ioPPodkgqkTwgH7l1r4/w6DRiNeyUmr1
isGkSrnRhlYdpnP5SaBHOqeatIRFxJtYF/bS8Wsxb+vvian3V+wdkgfdhA5bAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQURZTQRQ7HxXPbMOXAyRkgXZA4ehcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM4
MzcyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
sH5XMA0GCSqGSIb3DQEBCwUAA4IBAQAobYWprA2DnirTxXf3Nzw3BL4K+fzx5aDW
60i5S5TZGPv/lmzBhfXW8rbidumxzGekj1FDMnqqeXHwA/U9eN0qpl730DjcFi/4
0UnJRiONIssPxKIbxyvB3KoPzR6FuFWfFWdqgQK1LDwggmuV0VjgFNNVjkSrgXeH
vnrc81JJJji24i2oLjz7hzjeBow2fBMLl0ostgh83WveRLSUNqo5zaxCMYRNSMIT
L3Q5GaWBippV1MwnZc7538X6wWzbEVjgdbcOGzaT+NPVjjygEgXHjB4Prt3FwX0G
P8eolGGb5iFXO5jLWcjuQ9Cp5fA1be9RzhDMvvFTYnE9tIzg+Gze
-----END CERTIFICATE-----
Generated at Tue May 21 23:31:23 2024 by rpki-client on console-ams.rpki-client.org