Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130352e302f32342d3234203d3e20313336373837.roa
File: 3137382e3133322e3130352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: +aqU6l3a9IpdAiUG3dSuhByMhYiDmmrbBYIMCmP9CFk=
Subject key identifier: BF:BA:15:81:B9:05:5D:D0:A4:3C:DB:AC:6D:C6:FB:B0:29:F0:2A:5A
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 715A2266CE29D8033E409EFD5BC8F60A023DECB0
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130352e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 27 Oct 2024 20:05:16 +0000
ROA not before: Sun 27 Oct 2024 20:00:16 +0000
ROA not after: Sun 26 Oct 2025 20:05:16 +0000
asID: 136787
IP address blocks: 178.132.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:5a:22:66:ce:29:d8:03:3e:40:9e:fd:5b:c8:f6:0a:02:3d:ec:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 27 20:00:16 2024 GMT
Not After : Oct 26 20:05:16 2025 GMT
Subject: CN=BFBA1581B9055DD0A43CDBAC6DC6FBB029F02A5A
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:82:4a:66:65:96:57:19:c3:73:7d:6b:05:f7:
1b:91:26:da:b7:92:50:bc:6e:68:cd:c0:f8:2f:94:
8d:64:51:a6:4a:2e:fc:04:57:3b:ab:be:56:5b:da:
d6:f3:0a:0f:d4:cf:3a:d4:59:a7:1c:34:d1:63:c1:
25:27:4e:df:1e:4a:1b:86:ce:b1:e1:16:41:ee:f9:
b3:84:8d:3b:30:00:c3:22:b6:84:cd:de:91:95:c6:
f7:96:1a:51:a2:52:66:f2:f4:76:12:ca:66:57:f2:
37:77:90:72:ed:33:59:69:41:eb:08:4b:29:ec:b0:
d7:ac:b2:db:e6:e0:59:23:7b:e2:72:14:b5:0b:1c:
a5:c5:c8:3d:a7:b1:79:4e:50:28:03:27:a2:b9:13:
a9:68:5a:05:df:e7:f2:42:cd:46:80:f3:68:ab:1a:
ad:19:ac:e0:57:c8:52:b5:3a:15:c5:0c:6d:cc:e4:
dc:d5:2d:7c:55:50:c6:4a:b8:a0:c5:a5:0e:77:e7:
58:66:8d:f6:04:07:18:15:09:16:88:6e:60:99:8c:
34:74:54:f0:6b:2b:75:d8:1c:1e:6d:27:cf:06:ec:
41:a2:c7:f9:59:d4:8f:7b:9e:cb:40:8f:55:32:8f:
bf:cf:5e:39:f8:1c:73:26:6a:3b:3e:6c:9b:6d:9c:
96:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:BA:15:81:B9:05:5D:D0:A4:3C:DB:AC:6D:C6:FB:B0:29:F0:2A:5A
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.105.0/24
Signature Algorithm: sha256WithRSAEncryption
10:c2:5f:7f:0c:37:31:82:51:61:59:94:fa:31:c1:09:70:41:
66:38:1a:cf:2f:74:89:a9:80:77:af:13:3d:c5:3b:cd:1e:9d:
ce:d4:60:d8:aa:7c:9e:d9:ff:ac:2f:30:3a:90:55:64:92:5d:
62:42:54:9c:25:e8:75:fc:13:02:95:24:56:a0:d8:5b:6f:98:
af:6e:69:08:89:2a:2e:82:30:40:3d:82:87:80:10:ed:76:4a:
b3:8d:25:1b:8c:ae:c3:48:9e:4c:fe:9d:5e:cc:7f:40:2d:47:
9e:52:a6:6a:ad:1c:58:e8:8e:65:33:d6:50:9a:2e:a9:fa:cf:
45:e4:42:74:91:e8:b5:cb:34:ed:d1:16:e0:3b:96:64:c5:77:
38:1f:5a:c7:4a:a8:82:4e:d0:15:14:bb:83:f9:90:c9:e9:0a:
9f:ff:bb:8a:53:79:ac:a8:ad:07:a7:45:96:12:6f:31:4b:e0:
6a:d0:38:79:51:75:25:57:76:02:3f:03:65:e5:8c:be:2a:15:
ea:f5:db:da:8c:44:30:10:fc:bb:84:41:e6:f0:ad:e7:f6:0a:
24:6c:f0:b6:11:f8:16:6d:cf:14:c5:b0:af:d0:46:d4:43:2e:
d4:f0:9f:1d:e9:38:1b:5c:f9:de:0d:ed:20:e2:a8:45:8f:aa:
41:f0:38:9a
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUcVoiZs4p2AM+QJ79W8j2CgI97LAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDEwMjcyMDAwMTZaFw0yNTEwMjYyMDA1MTZaMDMxMTAvBgNV
BAMTKEJGQkExNTgxQjkwNTVERDBBNDNDREJBQzZEQzZGQkIwMjlGMDJBNUEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCzgkpmZZZXGcNzfWsF9xuRJtq3
klC8bmjNwPgvlI1kUaZKLvwEVzurvlZb2tbzCg/UzzrUWaccNNFjwSUnTt8eShuG
zrHhFkHu+bOEjTswAMMitoTN3pGVxveWGlGiUmby9HYSymZX8jd3kHLtM1lpQesI
SynssNesstvm4Fkje+JyFLULHKXFyD2nsXlOUCgDJ6K5E6loWgXf5/JCzUaA82ir
Gq0ZrOBXyFK1OhXFDG3M5NzVLXxVUMZKuKDFpQ5351hmjfYEBxgVCRaIbmCZjDR0
VPBrK3XYHB5tJ88G7EGix/lZ1I97nstAj1Uyj7/PXjn4HHMmajs+bJttnJYFAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUv7oVgbkFXdCkPNusbcb7sCnwKlowHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM4MmUzMTMzMzIyZTMx
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKEaTANBgkqhkiG9w0BAQsFAAOCAQEAEMJffww3MYJRYVmU+jHBCXBBZjga
zy90iamAd68TPcU7zR6dztRg2Kp8ntn/rC8wOpBVZJJdYkJUnCXodfwTApUkVqDY
W2+Yr25pCIkqLoIwQD2Ch4AQ7XZKs40lG4yuw0ieTP6dXsx/QC1HnlKmaq0cWOiO
ZTPWUJouqfrPReRCdJHotcs07dEW4DuWZMV3OB9ax0qogk7QFRS7g/mQyekKn/+7
ilN5rKitB6dFlhJvMUvgatA4eVF1JVd2Aj8DZeWMvioV6vXb2oxEMBD8u4RB5vCt
5/YKJGzwthH4Fm3PFMWwr9BG1EMu1PCfHek4G1z53g3tIOKoRY+qQfA4mg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:55 2024 by rpki-client on console-fra.rpki-client.org