Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38372e302f32342d3332203d3e203531313637.roa
File: 3137362e3132362e38372e302f32342d3332203d3e203531313637.roa (raw, json)
Hash identifier: 06Sxh0ZXuKX9TYnSh4DfmsH7GZWQGId/VyFeETYFkyM=
Subject key identifier: 66:34:E1:D7:47:D4:79:75:6E:95:90:ED:0F:96:83:AE:41:0E:15:2F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 388EE8B61C8C02F966F6CCBBC8B0E61CEC533652
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38372e302f32342d3332203d3e203531313637.roa
Signing time: Mon 27 Jan 2025 09:44:58 +0000
ROA not before: Mon 27 Jan 2025 09:39:58 +0000
ROA not after: Mon 26 Jan 2026 09:44:58 +0000
asID: 51167
IP address blocks: 176.126.87.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Apr 2025 15:34:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:8e:e8:b6:1c:8c:02:f9:66:f6:cc:bb:c8:b0:e6:1c:ec:53:36:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:58 2025 GMT
Not After : Jan 26 09:44:58 2026 GMT
Subject: CN=6634E1D747D479756E9590ED0F9683AE410E152F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9f:45:fe:ff:86:a6:60:91:16:c0:48:36:c6:
db:de:5b:d1:e6:3a:58:69:27:d8:40:22:3b:6e:36:
7d:56:3f:bd:24:fe:ed:10:46:ad:f0:ab:b0:cd:f5:
a6:8f:2e:9e:69:a1:45:c0:a2:30:32:ca:7f:e4:f8:
b4:73:99:74:95:fa:11:e9:40:7b:54:87:35:88:f8:
b5:bd:ee:35:ac:12:80:7e:a5:16:8e:22:bb:e9:ff:
df:3e:4a:1d:9f:23:36:1b:1d:0b:c8:51:8a:48:d5:
b5:78:81:00:f2:e3:d3:0f:81:7c:15:f3:8d:82:47:
82:63:d0:ee:33:90:24:1a:2b:d3:70:7f:d1:83:3d:
d9:81:10:50:60:6d:67:a2:e6:fc:97:aa:4e:ef:4e:
62:4f:cb:66:13:64:21:9a:6b:0c:6b:d6:1b:04:9c:
53:66:b3:46:de:8b:9d:0d:b3:18:9a:f2:a4:67:e7:
24:5c:00:b2:70:e3:3b:62:4c:2a:3b:07:6d:d7:8c:
81:4c:02:48:87:c2:70:9a:14:2c:ad:db:06:e6:c2:
8e:57:c7:43:56:2c:de:0e:1c:fe:8e:d6:ad:ed:1a:
30:3d:3c:1f:78:ca:5f:6c:8a:45:6a:93:34:eb:0c:
57:88:21:41:ba:cc:e9:a5:75:50:f6:20:b3:ae:58:
06:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:34:E1:D7:47:D4:79:75:6E:95:90:ED:0F:96:83:AE:41:0E:15:2F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e3132362e38372e302f32342d3332203d3e203531313637.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.87.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:7c:f6:8c:a8:31:68:d7:eb:56:e4:42:5c:b3:70:34:02:3e:
e3:93:4f:fa:51:a9:61:36:57:f0:28:8f:06:6e:11:0e:7a:68:
3d:bf:4c:50:78:34:55:7e:6d:d7:c4:63:1f:c0:56:1c:c5:8c:
47:eb:88:b1:1e:7c:4a:25:8b:19:17:a7:e7:37:8c:b7:ce:ab:
6c:fa:02:01:34:42:e7:04:64:62:8e:56:3b:0c:ed:79:02:8f:
d3:e2:72:4c:11:de:6d:16:ec:5a:1c:8d:6e:3c:42:de:d9:36:
41:32:06:8e:8c:67:65:2a:94:83:ab:26:f6:b1:5b:e5:69:ce:
92:d8:74:79:35:26:f3:34:6b:fb:7b:df:f8:fa:09:9d:94:b8:
23:7a:5c:14:fa:c7:fc:23:11:7a:09:c7:09:b8:ec:76:46:04:
f6:f0:78:8f:5a:85:72:f1:80:34:10:91:fa:a8:d5:1b:14:d1:
ef:80:1b:5c:77:07:d5:7f:a7:d5:e2:78:2e:9e:3e:d6:8f:d8:
52:96:e8:75:ed:d4:e6:c2:a5:80:6d:be:3a:03:ec:a4:66:b4:
f8:70:9d:a9:02:2e:ed:61:c6:07:93:c9:82:eb:7f:c5:f8:b3:
4e:47:4a:ce:9b:49:af:14:40:cb:a9:ff:02:ed:5d:fc:b6:4a:
58:1a:8c:81
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUOI7othyMAvlm9sy7yLDmHOxTNlIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NThaFw0yNjAxMjYwOTQ0NThaMDMxMTAvBgNV
BAMTKDY2MzRFMUQ3NDdENDc5NzU2RTk1OTBFRDBGOTY4M0FFNDEwRTE1MkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIn0X+/4amYJEWwEg2xtveW9Hm
OlhpJ9hAIjtuNn1WP70k/u0QRq3wq7DN9aaPLp5poUXAojAyyn/k+LRzmXSV+hHp
QHtUhzWI+LW97jWsEoB+pRaOIrvp/98+Sh2fIzYbHQvIUYpI1bV4gQDy49MPgXwV
842CR4Jj0O4zkCQaK9Nwf9GDPdmBEFBgbWei5vyXqk7vTmJPy2YTZCGaawxr1hsE
nFNms0bei50Nsxia8qRn5yRcALJw4ztiTCo7B23XjIFMAkiHwnCaFCyt2wbmwo5X
x0NWLN4OHP6O1q3tGjA9PB94yl9sikVqkzTrDFeIIUG6zOmldVD2ILOuWAbvAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUZjTh10fUeXVulZDtD5aDrkEOFS8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzMTMyMzYyZTM4
MzcyZTMwMmYzMjM0MmQzMzMyMjAzZDNlMjAzNTMxMzEzNjM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
sH5XMA0GCSqGSIb3DQEBCwUAA4IBAQB7fPaMqDFo1+tW5EJcs3A0Aj7jk0/6Ualh
NlfwKI8GbhEOemg9v0xQeDRVfm3XxGMfwFYcxYxH64ixHnxKJYsZF6fnN4y3zqts
+gIBNELnBGRijlY7DO15Ao/T4nJMEd5tFuxaHI1uPELe2TZBMgaOjGdlKpSDqyb2
sVvlac6S2HR5NSbzNGv7e9/4+gmdlLgjelwU+sf8IxF6CccJuOx2RgT28HiPWoVy
8YA0EJH6qNUbFNHvgBtcdwfVf6fV4ngunj7Wj9hSluh17dTmwqWAbb46A+ykZrT4
cJ2pAi7tYcYHk8mC63/F+LNOR0rOm0mvFEDLqf8C7V38tkpYGoyB
-----END CERTIFICATE-----
Generated at Thu Apr 3 05:02:36 2025 by rpki-client