Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130352e302f32342d3234203d3e20313336373837.roa
File: 3137382e3133322e3130352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 7emFSNu+s2Ay2pfsqrdSxjcfffIdEe6ReLc5IBQxWRk=
Subject key identifier: 24:63:81:FE:FA:73:0C:A0:B2:18:6F:A8:24:6C:7F:12:17:F2:70:E6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 364B95C60DACA5B9EA8FC3BF55138078D7B7D04C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130352e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 26 Nov 2023 19:50:42 +0000
ROA not before: Sun 26 Nov 2023 19:45:42 +0000
ROA not after: Sun 24 Nov 2024 19:50:42 +0000
asID: 136787
IP address blocks: 178.132.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:4b:95:c6:0d:ac:a5:b9:ea:8f:c3:bf:55:13:80:78:d7:b7:d0:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Nov 26 19:45:42 2023 GMT
Not After : Nov 24 19:50:42 2024 GMT
Subject: CN=246381FEFA730CA0B2186FA8246C7F1217F270E6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:0d:93:8e:6a:19:ea:28:69:64:b6:e5:1a:d1:
d5:84:6c:03:07:f2:da:e8:84:60:93:c8:03:22:e4:
bf:83:24:b1:b2:6f:db:92:60:82:d7:f2:5b:6d:e9:
ae:02:dc:ae:7f:59:95:25:aa:8e:72:d8:ae:e5:21:
49:4d:76:6f:d3:0d:99:b6:4d:13:5c:6e:dd:c5:56:
8a:75:53:3a:99:64:8a:35:9f:15:31:6b:7d:89:ed:
58:39:61:74:b6:09:49:30:5c:8f:3a:b6:7d:a8:98:
76:82:f1:10:c9:dc:56:e1:6f:6a:0b:25:09:a2:ed:
03:cb:74:53:d2:47:9b:a5:5e:34:74:f2:0d:a2:e1:
a1:eb:06:77:29:c9:fe:ec:02:df:99:85:b1:a4:b0:
b8:92:a3:46:55:3c:6a:ee:cf:60:68:43:10:0e:11:
8c:dc:24:ad:77:63:10:a6:c5:c9:6d:63:01:2a:80:
ca:96:aa:cb:28:a1:f1:f9:8f:bb:40:0a:f7:63:27:
33:83:d9:81:bf:d8:e6:08:7d:84:99:a3:d6:01:5b:
2e:41:db:9f:8c:f1:f2:72:23:bf:7b:b8:4e:05:38:
9b:86:f4:1a:37:60:48:30:e8:30:1d:1c:ba:9b:46:
27:55:ca:4e:5f:fc:ef:a4:0b:45:33:f6:73:a5:60:
18:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:63:81:FE:FA:73:0C:A0:B2:18:6F:A8:24:6C:7F:12:17:F2:70:E6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.105.0/24
Signature Algorithm: sha256WithRSAEncryption
67:14:73:44:5f:86:7c:97:1b:11:46:a3:56:51:6b:24:d2:e1:
a4:47:47:c6:8f:2a:ca:80:97:fc:15:6f:61:33:f3:78:2a:89:
a8:c5:fa:9e:f7:15:4f:f7:d6:f1:4f:a6:ff:57:b0:fd:6a:59:
68:f3:ff:d4:42:e2:66:57:eb:ae:ae:d5:b5:b8:c8:c7:0e:b1:
05:7c:d2:ce:fe:0d:5e:51:a8:f5:35:ac:64:e2:f6:62:75:37:
a0:57:b1:b2:7e:fb:43:a4:6d:8b:b2:06:1b:62:44:2e:c5:ac:
3d:8c:c6:b3:7d:1a:c5:0f:82:6a:82:ef:10:9b:bf:25:6f:0c:
05:ab:88:dc:69:fd:5b:eb:ec:99:36:be:d2:d3:54:4e:b9:f1:
75:ae:6b:4c:9f:e6:cf:40:08:21:dd:ff:62:c0:4e:97:03:36:
a7:9b:2e:33:1c:78:19:4d:39:37:6c:f1:4f:53:47:01:18:c5:
b2:3a:8b:be:5c:17:d4:0e:8d:e1:0a:4c:27:1a:de:52:f6:22:
ea:21:78:1c:57:bc:4a:f5:f6:f6:e9:98:c9:cf:1d:4d:56:78:
dd:41:ab:2f:d8:03:7b:cb:ba:5d:b2:11:92:8f:f9:42:74:63:
92:af:e0:4b:9e:c8:9c:b5:67:0a:97:bf:b3:9d:63:1b:30:dc:
67:c0:0c:c6
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUNkuVxg2spbnqj8O/VROAeNe30EwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzExMjYxOTQ1NDJaFw0yNDExMjQxOTUwNDJaMDMxMTAvBgNV
BAMTKDI0NjM4MUZFRkE3MzBDQTBCMjE4NkZBODI0NkM3RjEyMTdGMjcwRTYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQDZOOahnqKGlktuUa0dWEbAMH
8trohGCTyAMi5L+DJLGyb9uSYILX8ltt6a4C3K5/WZUlqo5y2K7lIUlNdm/TDZm2
TRNcbt3FVop1UzqZZIo1nxUxa32J7Vg5YXS2CUkwXI86tn2omHaC8RDJ3Fbhb2oL
JQmi7QPLdFPSR5ulXjR08g2i4aHrBncpyf7sAt+ZhbGksLiSo0ZVPGruz2BoQxAO
EYzcJK13YxCmxcltYwEqgMqWqssoofH5j7tACvdjJzOD2YG/2OYIfYSZo9YBWy5B
25+M8fJyI797uE4FOJuG9Bo3YEgw6DAdHLqbRidVyk5f/O+kC0Uz9nOlYBglAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUJGOB/vpzDKCyGG+oJGx/EhfycOYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM4MmUzMTMzMzIyZTMx
MzAzNTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKEaTANBgkqhkiG9w0BAQsFAAOCAQEAZxRzRF+GfJcbEUajVlFrJNLhpEdH
xo8qyoCX/BVvYTPzeCqJqMX6nvcVT/fW8U+m/1ew/WpZaPP/1ELiZlfrrq7VtbjI
xw6xBXzSzv4NXlGo9TWsZOL2YnU3oFexsn77Q6Rti7IGG2JELsWsPYzGs30axQ+C
aoLvEJu/JW8MBauI3Gn9W+vsmTa+0tNUTrnxda5rTJ/mz0AIId3/YsBOlwM2p5su
Mxx4GU05N2zxT1NHARjFsjqLvlwX1A6N4QpMJxreUvYi6iF4HFe8SvX29umYyc8d
TVZ43UGrL9gDe8u6XbIRko/5QnRjkq/gS57InLVnCpe/s51jGzDcZ8AMxg==
-----END CERTIFICATE-----
Generated at Wed May 8 11:54:23 2024 by rpki-client on console-fra.rpki-client.org