Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137372e302f32342d3234203d3e20313336373837.roa
File: 3137362e35332e3137372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: dzxNmIpJzXTDgxaKvza7IJDDi7Z5B61EvSVFEJw4zqQ=
Subject key identifier: C9:9C:42:72:48:65:C8:1B:6E:85:C9:6A:5C:07:78:C4:83:4C:E3:F2
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1864073A355BE6C94972DA5E3420C1B8BADA45F1
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137372e302f32342d3234203d3e20313336373837.roa
Signing time: Fri 27 Dec 2024 19:44:40 +0000
ROA not before: Fri 27 Dec 2024 19:39:40 +0000
ROA not after: Fri 26 Dec 2025 19:44:40 +0000
asID: 136787
IP address blocks: 176.53.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:64:07:3a:35:5b:e6:c9:49:72:da:5e:34:20:c1:b8:ba:da:45:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Dec 27 19:39:40 2024 GMT
Not After : Dec 26 19:44:40 2025 GMT
Subject: CN=C99C42724865C81B6E85C96A5C0778C4834CE3F2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:45:41:e5:f7:7a:d2:7f:b4:26:d9:8a:a7:75:
9d:5c:31:dd:cd:7c:0a:ee:3d:e6:c7:a8:2d:8f:ca:
46:ca:f0:39:18:3f:8f:f1:56:fa:b2:29:f5:e1:e5:
15:0a:e7:47:b3:8b:36:55:5a:08:fd:a1:cb:34:c8:
ed:97:74:42:7e:15:71:82:d6:85:71:03:e1:a2:1e:
c4:38:64:61:8d:93:82:de:20:95:14:5f:50:fd:45:
d1:d8:4f:ea:71:94:7b:c0:d1:61:9b:ef:ba:7a:e7:
f7:ea:e2:e5:90:db:28:65:e0:af:74:29:fd:50:65:
67:34:cb:df:52:73:c6:86:e7:78:b4:54:a0:0b:a1:
ae:dc:6a:e8:ff:c0:58:1b:4a:ad:2d:a4:22:e5:22:
36:1a:57:be:e3:16:be:b6:9e:ae:f0:05:4d:bd:59:
10:18:c2:e1:d6:33:77:72:bd:a5:b6:0e:27:93:38:
3e:a5:19:7c:f4:3a:aa:e0:60:e4:47:52:d5:9c:0f:
1b:d4:6b:54:e3:2d:51:c4:c8:e8:3c:b0:a4:da:27:
8c:2b:45:7c:32:56:42:0a:12:32:03:81:c1:12:e3:
13:0b:a9:32:20:ac:95:d1:0c:03:c1:ca:2a:a5:4c:
e6:a7:89:3d:f6:69:86:f6:9a:6a:22:b7:05:e1:d6:
3d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:9C:42:72:48:65:C8:1B:6E:85:C9:6A:5C:07:78:C4:83:4C:E3:F2
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137362e35332e3137372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.53.177.0/24
Signature Algorithm: sha256WithRSAEncryption
84:7e:81:d9:5d:ba:59:f0:2c:ba:c8:3a:37:e4:16:22:92:24:
80:6b:49:d3:95:ea:2c:c2:e5:d2:59:4b:76:b4:b8:91:ec:95:
0b:2e:80:5c:92:f8:1f:d2:93:54:5d:1e:e0:f0:8a:40:b5:19:
91:c9:24:ae:d7:bf:2e:ff:e7:34:09:dc:fd:83:07:28:83:e8:
11:c7:62:ba:cd:98:19:e0:ee:8a:ac:4c:6f:f7:2a:b4:1d:9e:
59:1f:3b:f1:1b:fa:80:01:a5:1b:f7:63:4e:1b:fa:3c:0d:39:
3c:13:32:e3:33:30:d5:3b:00:25:80:b4:28:c1:1e:a6:2f:e8:
06:5e:1a:af:72:25:02:b0:00:02:26:38:92:d8:aa:93:d6:80:
5b:78:0e:97:b6:9e:23:01:92:2a:85:7a:5f:18:f8:b6:96:c1:
ea:07:df:cf:2a:b3:22:e8:1f:1d:97:08:4a:ba:23:8f:f7:d3:
cf:fd:6f:91:3d:24:71:dd:14:df:73:ea:0e:19:f5:ac:a4:7f:
e1:67:b9:44:a2:f2:e9:cc:3d:d7:aa:2e:d6:56:09:61:d1:1b:
f7:e8:31:f3:64:20:f5:c1:fc:61:3c:34:90:5b:78:8a:ae:58:
58:1e:b9:ee:dd:35:11:77:6a:1c:c3:1d:c9:9f:85:d3:5e:3d:
19:66:e4:fa
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGGQHOjVb5slJctpeNCDBuLraRfEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEyMjcxOTM5NDBaFw0yNTEyMjYxOTQ0NDBaMDMxMTAvBgNV
BAMTKEM5OUM0MjcyNDg2NUM4MUI2RTg1Qzk2QTVDMDc3OEM0ODM0Q0UzRjIwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD6RUHl93rSf7Qm2YqndZ1cMd3N
fAruPebHqC2PykbK8DkYP4/xVvqyKfXh5RUK50ezizZVWgj9ocs0yO2XdEJ+FXGC
1oVxA+GiHsQ4ZGGNk4LeIJUUX1D9RdHYT+pxlHvA0WGb77p65/fq4uWQ2yhl4K90
Kf1QZWc0y99Sc8aG53i0VKALoa7cauj/wFgbSq0tpCLlIjYaV77jFr62nq7wBU29
WRAYwuHWM3dyvaW2DieTOD6lGXz0OqrgYORHUtWcDxvUa1TjLVHEyOg8sKTaJ4wr
RXwyVkIKEjIDgcES4xMLqTIgrJXRDAPByiqlTOaniT32aYb2mmoitwXh1j0xAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUyZxCckhlyBtuhclqXAd4xINM4/IwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM2MmUzNTMzMmUzMTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACwNbEwDQYJKoZIhvcNAQELBQADggEBAIR+gdldulnwLLrIOjfkFiKSJIBrSdOV
6izC5dJZS3a0uJHslQsugFyS+B/Sk1RdHuDwikC1GZHJJK7Xvy7/5zQJ3P2DByiD
6BHHYrrNmBng7oqsTG/3KrQdnlkfO/Eb+oABpRv3Y04b+jwNOTwTMuMzMNU7ACWA
tCjBHqYv6AZeGq9yJQKwAAImOJLYqpPWgFt4Dpe2niMBkiqFel8Y+LaWweoH388q
syLoHx2XCEq6I4/308/9b5E9JHHdFN9z6g4Z9aykf+FnuUSi8unMPdeqLtZWCWHR
G/foMfNkIPXB/GE8NJBbeIquWFgeue7dNRF3ahzDHcmfhdNePRlm5Po=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:10:02 2025 by rpki-client