Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137372e302f32342d3234203d3e20313336373837.roa
File: 3137362e35332e3137372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: +7MncfSxUfo0pnuypdwArpdLI+TaVRAbzyT/2QhnXqA=
Subject key identifier: 94:59:C0:49:55:58:69:1F:2F:29:29:35:FD:91:AF:3D:91:93:6D:A3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 370DAF6DF32B79408B23E562A92DE6A299EBB886
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137372e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 26 Jan 2024 19:02:19 +0000
ROA not before: Fri 26 Jan 2024 18:57:19 +0000
ROA not after: Fri 24 Jan 2025 19:02:19 +0000
asID: 136787
IP address blocks: 176.53.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:0d:af:6d:f3:2b:79:40:8b:23:e5:62:a9:2d:e6:a2:99:eb:b8:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 26 18:57:19 2024 GMT
Not After : Jan 24 19:02:19 2025 GMT
Subject: CN=9459C0495558691F2F292935FD91AF3D91936DA3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:46:e6:71:5b:28:cb:f1:f3:9e:73:8f:63:ac:
12:fc:72:8b:07:2d:4b:0e:00:60:05:9f:1a:6c:09:
14:20:37:06:f9:59:9b:87:16:e9:70:90:39:a4:e0:
01:cd:08:e0:e8:9d:82:74:79:ff:49:1b:b0:c4:c1:
fe:53:b9:ba:54:b7:dc:51:68:96:31:f0:bd:ef:17:
0a:e0:c4:83:39:6f:40:46:0a:5b:ce:41:8a:06:ca:
c3:b6:85:15:af:f8:b4:12:a9:e7:b3:c6:48:43:a4:
f5:02:e6:2d:36:a8:01:b7:b5:ea:49:86:b4:66:16:
cd:0c:57:c7:98:5c:36:ac:1b:69:82:5f:c8:e6:5f:
74:87:7d:db:20:b2:fa:3f:59:aa:23:dd:6c:f5:40:
56:18:c7:4c:fa:76:13:6c:c2:04:37:69:76:40:2a:
ab:23:56:e3:3e:04:15:a0:4a:db:34:5a:91:a6:aa:
6c:89:01:bc:0f:48:1e:73:5f:b3:93:06:28:dd:96:
fa:cf:0b:d5:44:93:8d:94:07:4e:c4:39:4d:d6:64:
de:ff:a8:0b:af:e5:6f:04:c5:43:1c:34:65:da:1f:
8d:11:91:c0:dd:e7:70:7e:32:49:28:c5:09:59:7d:
22:34:b0:16:05:39:36:e2:1d:76:49:25:3b:f1:de:
33:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:59:C0:49:55:58:69:1F:2F:29:29:35:FD:91:AF:3D:91:93:6D:A3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.177.0/24
Signature Algorithm: sha256WithRSAEncryption
12:3a:fa:6b:df:7f:a3:39:a0:83:70:1d:f4:0d:5c:e6:7d:ae:
ad:d4:43:39:96:99:ef:aa:3b:66:13:3f:47:31:77:96:fd:28:
d1:1e:2a:b0:fa:31:52:6e:12:1f:22:7f:05:a5:47:52:65:93:
56:ab:99:de:ef:d5:f1:8c:bb:2f:72:b4:6b:f6:66:60:05:d0:
97:ee:d9:16:87:79:9a:d3:e3:dc:72:d0:26:8e:08:29:2f:db:
b6:1c:86:92:de:ba:8c:82:cb:f8:52:a9:16:ae:1b:c8:74:e9:
4d:bc:f2:52:12:ce:e3:52:26:96:03:41:1f:84:90:97:49:f9:
5d:60:d7:b2:ce:bd:66:f6:96:da:f2:aa:f0:7c:1b:15:3a:36:
03:a5:f6:74:c7:78:e2:89:90:11:06:b6:56:36:3b:90:d5:ff:
97:20:3a:20:c5:6b:0f:0c:b7:2e:f3:be:7f:11:1a:4c:49:e3:
42:54:72:bf:a8:2e:28:7f:8a:cf:0a:40:b6:07:02:93:d0:ed:
6d:b0:da:f3:a7:b7:b6:89:d8:0c:a3:d9:3c:94:f1:e5:8e:03:
5d:e1:b0:32:35:2a:56:01:d7:1a:36:7b:35:5d:eb:55:5f:c4:
3f:ad:d1:7e:99:dc:a0:57:2c:07:5d:90:1e:a0:5b:6d:e9:07:
33:d3:63:f3
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNw2vbfMreUCLI+ViqS3mopnruIYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDAxMjYxODU3MTlaFw0yNTAxMjQxOTAyMTlaMDMxMTAvBgNV
BAMTKDk0NTlDMDQ5NTU1ODY5MUYyRjI5MjkzNUZEOTFBRjNEOTE5MzZEQTMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0RuZxWyjL8fOec49jrBL8cosH
LUsOAGAFnxpsCRQgNwb5WZuHFulwkDmk4AHNCODonYJ0ef9JG7DEwf5TubpUt9xR
aJYx8L3vFwrgxIM5b0BGClvOQYoGysO2hRWv+LQSqeezxkhDpPUC5i02qAG3tepJ
hrRmFs0MV8eYXDasG2mCX8jmX3SHfdsgsvo/Waoj3Wz1QFYYx0z6dhNswgQ3aXZA
KqsjVuM+BBWgSts0WpGmqmyJAbwPSB5zX7OTBijdlvrPC9VEk42UB07EOU3WZN7/
qAuv5W8ExUMcNGXaH40RkcDd53B+MkkoxQlZfSI0sBYFOTbiHXZJJTvx3jMdAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlFnASVVYaR8vKSk1/ZGvPZGTbaMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzNTMzMmUzMTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACwNbEwDQYJKoZIhvcNAQELBQADggEBABI6+mvff6M5oINwHfQNXOZ9rq3UQzmW
me+qO2YTP0cxd5b9KNEeKrD6MVJuEh8ifwWlR1Jlk1armd7v1fGMuy9ytGv2ZmAF
0Jfu2RaHeZrT49xy0CaOCCkv27YchpLeuoyCy/hSqRauG8h06U288lISzuNSJpYD
QR+EkJdJ+V1g17LOvWb2ltryqvB8GxU6NgOl9nTHeOKJkBEGtlY2O5DV/5cgOiDF
aw8Mty7zvn8RGkxJ40JUcr+oLih/is8KQLYHApPQ7W2w2vOnt7aJ2Ayj2TyU8eWO
A13hsDI1KlYB1xo2ezVd61VfxD+t0X6Z3KBXLAddkB6gW23pBzPTY/M=
-----END CERTIFICATE-----
Generated at Wed May 8 11:32:58 2024 by rpki-client on console-ams.rpki-client.org