Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137362e302f32342d3234203d3e20313336373837.roa
File: 3137362e35332e3137362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: sQW5F5m6bZ2RUtdtI+dwAjSXKzBCrcFnFuhV3HtgYOw=
Subject key identifier: 84:3B:C9:84:BE:A3:EB:BC:0A:5A:7C:A2:E6:37:60:8F:48:92:F1:85
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7F5BC82C231FF28CD86FE65B8C0A82FD21D99B8D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137362e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:17 +0000
ROA not before: Fri 26 Jan 2024 18:57:17 +0000
ROA not after: Fri 24 Jan 2025 19:02:17 +0000
asID: 136787
IP address blocks: 176.53.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:5b:c8:2c:23:1f:f2:8c:d8:6f:e6:5b:8c:0a:82:fd:21:d9:9b:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:17 2024 GMT
Not After : Jan 24 19:02:17 2025 GMT
Subject: CN=843BC984BEA3EBBC0A5A7CA2E637608F4892F185
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ca:b3:8e:f1:42:0e:ff:79:ec:43:b7:92:76:
fe:e3:24:ab:a1:83:74:5c:5a:11:ec:6b:d3:8f:58:
62:88:d9:c8:7f:f1:0e:c0:e3:b7:f6:aa:17:74:80:
fb:cb:7e:e6:e8:76:f9:24:ab:c7:27:45:aa:9f:54:
c9:9d:1c:1c:0c:8a:b8:27:43:a8:28:d2:15:03:04:
28:9a:e8:e4:97:02:ea:7d:d0:39:92:76:5e:f7:b5:
49:c4:52:32:91:a7:aa:7a:f0:d4:d3:b0:b1:90:e4:
8d:19:a6:65:9f:7e:8c:9b:e0:24:39:fc:72:19:b7:
b2:73:eb:b1:b4:34:b1:37:16:8f:aa:e3:ed:d0:7e:
c6:45:73:39:d8:c1:bf:b0:3d:26:8f:47:0f:3d:3a:
5a:fa:24:65:69:c3:20:87:1f:e4:a1:a0:09:05:d3:
8e:9a:d7:d0:cc:67:99:37:e5:e0:92:a0:d0:56:2d:
06:c5:4f:f3:cd:59:7f:ab:40:43:dc:5b:13:a2:40:
eb:9a:30:2d:8e:b0:0f:df:95:7c:ed:1e:05:8d:e9:
e5:2c:39:1c:7a:d1:ed:d8:ac:ad:bb:a6:79:00:82:
da:56:b3:83:11:4f:3e:af:2d:24:6d:1f:58:b0:7e:
74:6d:7d:44:68:5b:36:eb:a9:e3:a9:b8:80:89:58:
65:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:3B:C9:84:BE:A3:EB:BC:0A:5A:7C:A2:E6:37:60:8F:48:92:F1:85
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.176.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:10:06:0b:32:3a:a3:92:41:04:17:a8:03:e4:cb:50:0a:e4:
93:f7:31:e1:b7:55:ea:be:00:bf:5f:a1:8c:19:2d:01:52:8e:
26:86:07:f7:59:95:99:d9:16:dd:77:af:ae:c3:00:9e:24:97:
e7:57:78:58:f1:f5:0c:78:b8:cf:20:77:9f:e7:5c:40:9d:92:
42:25:39:28:26:29:cb:eb:d2:b7:71:ec:e2:35:40:b6:84:d1:
bf:88:e9:7f:70:c8:54:66:a8:73:5c:b0:7e:b0:80:3b:53:11:
20:96:37:1b:0a:fa:a7:be:94:fe:4d:32:c7:09:d2:9d:c6:e9:
26:b5:80:9b:94:b4:c4:7d:74:2f:cb:9f:25:b3:ce:4c:36:62:
d9:2d:06:49:38:94:58:00:7d:0b:6e:c1:21:19:4a:c5:ae:99:
ab:6b:dc:a3:13:8c:ff:0f:9b:83:43:ea:b4:13:35:6b:31:29:
12:49:9b:49:0d:31:2e:77:3c:9f:55:01:1a:05:15:ae:13:42:
44:fc:40:4e:79:02:9e:45:4e:14:15:19:74:a3:cf:28:8e:2a:
3d:37:df:8d:42:62:8c:f8:41:9f:9c:de:18:2a:59:c7:8e:e2:
e7:0b:29:cc:3c:e5:bd:18:b7:40:2b:e7:4b:f6:0b:36:f8:b5:
6d:4b:b8:5d
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUf1vILCMf8ozYb+ZbjAqC/SHZm40wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MTdaFw0yNTAxMjQxOTAyMTdaMDMxMTAvBgNV
BAMTKDg0M0JDOTg0QkVBM0VCQkMwQTVBN0NBMkU2Mzc2MDhGNDg5MkYxODUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvyrOO8UIO/3nsQ7eSdv7jJKuh
g3RcWhHsa9OPWGKI2ch/8Q7A47f2qhd0gPvLfubodvkkq8cnRaqfVMmdHBwMirgn
Q6go0hUDBCia6OSXAup90DmSdl73tUnEUjKRp6p68NTTsLGQ5I0ZpmWffoyb4CQ5
/HIZt7Jz67G0NLE3Fo+q4+3QfsZFcznYwb+wPSaPRw89Olr6JGVpwyCHH+ShoAkF
046a19DMZ5k35eCSoNBWLQbFT/PNWX+rQEPcWxOiQOuaMC2OsA/flXztHgWN6eUs
ORx60e3YrK27pnkAgtpWs4MRTz6vLSRtH1iwfnRtfURoWzbrqeOpuICJWGXXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUhDvJhL6j67wKWnyi5jdgj0iS8YUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzNTMzMmUzMTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACwNbAwDQYJKoZIhvcNAQELBQADggEBAD8QBgsyOqOSQQQXqAPky1AK5JP3MeG3
Veq+AL9foYwZLQFSjiaGB/dZlZnZFt13r67DAJ4kl+dXeFjx9Qx4uM8gd5/nXECd
kkIlOSgmKcvr0rdx7OI1QLaE0b+I6X9wyFRmqHNcsH6wgDtTESCWNxsK+qe+lP5N
MscJ0p3G6Sa1gJuUtMR9dC/LnyWzzkw2YtktBkk4lFgAfQtuwSEZSsWumatr3KMT
jP8Pm4ND6rQTNWsxKRJJm0kNMS53PJ9VARoFFa4TQkT8QE55Ap5FThQVGXSjzyiO
Kj03341CYoz4QZ+c3hgqWceO4ucLKcw85b0Yt0Ar50v2Czb4tW1LuF0=
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:55 2024 by rpki-client on console-fra.rpki-client.org