Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130372e302f32342d3234203d3e20313336373837.roa
File: 3137382e3133322e3130372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: tWqeBt56OnB4Ffh4/jgudzPEShFpDRg0KJjBgQgnn5A=
Subject key identifier: 03:78:44:A7:60:DF:48:00:B1:AA:30:A9:BE:D3:A7:CD:D3:9D:E4:AD
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 43950240A03B2CDB4B383ACF73E7E98116A675E5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130372e302f32342d3234203d3e20313336373837.roa
Signing time: Wed 03 Apr 2024 19:03:26 +0000
ROA not before: Wed 03 Apr 2024 18:58:26 +0000
ROA not after: Wed 02 Apr 2025 19:03:26 +0000
asID: 136787
IP address blocks: 178.132.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:95:02:40:a0:3b:2c:db:4b:38:3a:cf:73:e7:e9:81:16:a6:75:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 3 18:58:26 2024 GMT
Not After : Apr 2 19:03:26 2025 GMT
Subject: CN=037844A760DF4800B1AA30A9BED3A7CDD39DE4AD
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c0:a7:9e:10:db:cd:b2:38:40:68:9f:fd:88:
69:7a:52:fd:24:2e:f2:90:9d:61:d1:4e:22:fe:ae:
f6:b1:ed:5a:42:0d:ad:d1:92:07:ed:c5:2d:00:42:
99:f1:81:c3:e1:0f:9a:65:77:55:92:d8:a9:d0:8d:
cb:b8:f5:7c:2f:f9:86:c5:e6:73:11:53:63:3e:b6:
2f:2c:5b:8b:9e:6c:b8:51:2e:c3:02:41:3b:7c:b2:
e0:91:05:43:d9:c3:61:7c:e2:98:88:51:f5:37:e4:
76:66:c6:d1:0c:26:38:2f:26:77:41:5c:fe:91:0a:
63:b5:88:f2:83:0e:a1:2d:7a:a0:7b:47:b0:e1:fc:
93:a7:e6:c6:22:04:68:7b:ab:9e:c9:7d:39:1e:6b:
5b:be:84:59:68:1b:d4:fe:6b:3e:26:50:bd:a9:85:
d1:a7:08:4c:12:0c:b8:0e:84:db:1c:4c:58:07:b6:
7c:e3:e9:81:ec:5b:e9:0f:34:f3:31:80:41:48:aa:
6b:f4:eb:e6:4b:8d:9a:75:3f:f3:2b:7f:f7:4e:cc:
1f:31:bf:14:56:41:15:ff:b5:1e:08:fc:2b:5a:e3:
f8:cd:b1:ed:0f:00:5f:e1:38:de:cc:af:9f:e1:b3:
ee:75:43:50:64:ee:d9:7d:11:34:96:8b:34:bf:79:
ef:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:78:44:A7:60:DF:48:00:B1:AA:30:A9:BE:D3:A7:CD:D3:9D:E4:AD
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.107.0/24
Signature Algorithm: sha256WithRSAEncryption
82:6f:0c:04:0f:56:a5:0c:db:28:f8:4e:3c:e7:59:8a:51:92:
28:8e:1d:91:dd:87:cc:a5:02:1b:9f:3d:ab:44:b3:87:6a:6a:
49:32:48:cc:c0:5b:3b:79:a8:27:5f:1c:77:64:9b:73:cd:36:
9d:80:09:8e:8d:ac:c3:e9:cc:d5:78:3e:c5:3a:55:34:ef:b2:
5b:c4:7b:f5:de:31:96:c0:1c:7a:a3:52:5b:44:46:10:4c:e2:
b1:97:63:9b:37:9b:bd:d1:47:0b:7d:de:ab:0a:dc:85:99:3c:
38:86:45:cb:aa:fe:8b:05:8b:c7:b5:d1:36:a9:fe:af:54:14:
c6:fa:9e:fd:8c:f3:cf:5f:4e:1a:e1:8b:ff:4f:cd:ef:0b:27:
fd:eb:f7:f3:7b:97:ef:21:35:e3:2f:76:1c:8e:d9:e0:a1:da:
81:3c:47:cc:b0:76:e2:e5:a6:c5:77:04:f2:b5:77:c2:53:ae:
f8:f0:02:89:ae:e4:2b:27:46:a2:3d:08:90:71:60:36:b9:b5:
6a:3e:39:22:af:51:55:ca:4b:c7:95:86:3e:d3:a5:a3:e2:2d:
86:f0:6a:c1:c4:23:2f:db:40:ca:76:a5:32:96:ad:9c:d7:1f:
14:af:10:ee:65:12:d9:bb:4f:f8:f9:12:da:f0:70:66:d3:f8:
97:76:b8:96
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUQ5UCQKA7LNtLODrPc+fpgRamdeUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA0MDMxODU4MjZaFw0yNTA0MDIxOTAzMjZaMDMxMTAvBgNV
BAMTKDAzNzg0NEE3NjBERjQ4MDBCMUFBMzBBOUJFRDNBN0NERDM5REU0QUQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHwKeeENvNsjhAaJ/9iGl6Uv0k
LvKQnWHRTiL+rvax7VpCDa3RkgftxS0AQpnxgcPhD5pld1WS2KnQjcu49Xwv+YbF
5nMRU2M+ti8sW4uebLhRLsMCQTt8suCRBUPZw2F84piIUfU35HZmxtEMJjgvJndB
XP6RCmO1iPKDDqEteqB7R7Dh/JOn5sYiBGh7q57JfTkea1u+hFloG9T+az4mUL2p
hdGnCEwSDLgOhNscTFgHtnzj6YHsW+kPNPMxgEFIqmv06+ZLjZp1P/Mrf/dOzB8x
vxRWQRX/tR4I/Cta4/jNse0PAF/hON7Mr5/hs+51Q1Bk7tl9ETSWizS/ee/PAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUA3hEp2DfSACxqjCpvtOnzdOd5K0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM4MmUzMTMzMzIyZTMx
MzAzNzJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKEazANBgkqhkiG9w0BAQsFAAOCAQEAgm8MBA9WpQzbKPhOPOdZilGSKI4d
kd2HzKUCG589q0Szh2pqSTJIzMBbO3moJ18cd2Sbc802nYAJjo2sw+nM1Xg+xTpV
NO+yW8R79d4xlsAceqNSW0RGEEzisZdjmzebvdFHC33eqwrchZk8OIZFy6r+iwWL
x7XRNqn+r1QUxvqe/Yzzz19OGuGL/0/N7wsn/ev383uX7yE14y92HI7Z4KHagTxH
zLB24uWmxXcE8rV3wlOu+PACia7kKydGoj0IkHFgNrm1aj45Iq9RVcpLx5WGPtOl
o+IthvBqwcQjL9tAynalMpatnNcfFK8Q7mUS2btP+PkS2vBwZtP4l3a4lg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:42:55 2024 by rpki-client on console-fra.rpki-client.org