Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130392e302f32342d3234203d3e20313336373837.roa
File: 3137382e3133322e3130392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 7rpC1Ldfuv+zAJuGE4jqJYYWLIEE4bklgz59qN3htOQ=
Subject key identifier: 69:EC:CC:A8:42:25:04:8E:9B:22:15:06:C4:70:AC:29:45:A9:E6:76
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 521921323B84FC3EE4B524A1301F1B976B2E175D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130392e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 19 Jun 2023 16:33:10 +0000
ROA not before: Mon 19 Jun 2023 16:28:10 +0000
ROA not after: Mon 17 Jun 2024 16:33:10 +0000
asID: 136787
IP address blocks: 178.132.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 16:07:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:19:21:32:3b:84:fc:3e:e4:b5:24:a1:30:1f:1b:97:6b:2e:17:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 19 16:28:10 2023 GMT
Not After : Jun 17 16:33:10 2024 GMT
Subject: CN=69ECCCA84225048E9B221506C470AC2945A9E676
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:70:d8:db:cd:d6:a7:f2:c4:3b:1d:08:65:de:
21:88:87:48:ee:e8:e5:53:d5:de:5a:d4:1c:5b:6f:
c9:c6:62:75:c3:0a:f2:76:7e:ce:d3:bc:3e:73:84:
be:15:98:da:99:23:65:a0:4c:7b:53:05:6b:44:27:
dc:c4:41:0c:a2:d7:19:7c:02:3c:7d:d2:0c:0b:92:
38:71:93:66:e7:f2:3c:33:f2:c8:be:2f:63:eb:f4:
44:e5:de:08:85:9a:39:6c:c0:f0:8f:bb:e1:85:b8:
37:66:9b:0c:2d:97:4c:9e:ad:09:40:9d:8f:21:65:
d6:4b:11:c7:5d:a2:b2:d4:99:c9:6d:6c:77:42:00:
f9:a5:e1:55:98:87:ff:d6:93:67:80:2d:39:b4:da:
1d:c6:1d:a0:d0:52:78:13:df:e0:f0:52:e1:f8:8f:
91:3b:1f:f0:7a:16:19:31:4d:47:0d:f3:64:b2:9b:
80:d5:3b:13:c5:45:6e:af:4c:65:df:c0:25:00:3f:
46:16:c4:5f:89:98:b3:fe:7c:e0:c8:9f:33:91:5d:
15:68:55:25:f7:15:38:b4:04:1e:da:09:3f:f1:bb:
b3:36:6b:6b:d5:1f:d6:cc:ee:3d:f8:dd:8d:9f:f4:
a2:0b:33:00:d0:6d:3c:e5:a1:59:bf:96:e0:52:55:
d9:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:EC:CC:A8:42:25:04:8E:9B:22:15:06:C4:70:AC:29:45:A9:E6:76
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.109.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:e0:a4:be:b3:e1:ef:0c:a2:f5:fd:5b:be:e0:e7:13:fa:4e:
0b:99:05:c3:17:9c:a2:ea:fd:8f:2b:56:70:62:c5:45:94:10:
57:88:5e:d0:9d:4e:92:a0:00:13:4b:18:63:21:6a:c8:22:96:
e1:93:69:05:b9:c1:a8:81:72:23:46:2e:3b:f3:98:bf:e1:08:
1b:93:2e:56:03:b4:d3:c7:9a:a0:51:b3:48:23:e2:be:65:e9:
ae:66:21:8d:2a:92:9f:8b:c7:e4:82:ac:1c:2d:08:18:8e:84:
13:85:7b:87:03:6c:58:0c:30:a8:42:54:c2:8b:59:7d:b4:6e:
93:37:e0:35:c7:7b:73:b9:45:de:f5:60:56:26:d0:49:45:d9:
19:28:aa:64:28:24:61:74:7b:76:0c:85:3b:0a:0e:ce:57:ca:
fd:5b:d2:f1:e3:8a:9d:dd:88:d2:b9:87:fb:7f:65:64:db:21:
07:51:c2:78:78:68:68:ef:13:6b:3f:82:25:40:e5:2e:b9:3f:
1b:b2:9d:ea:2a:ff:ed:1c:2a:31:25:82:0c:9a:aa:75:03:57:
14:ee:3e:3d:f8:22:21:22:47:59:50:55:2f:e7:4a:ee:92:97:
c6:58:a1:eb:40:7b:67:44:b3:d9:d5:e8:ec:95:5b:01:7c:27:
d9:8b:b6:cc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUUhkhMjuE/D7ktSShMB8bl2suF10wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA2MTkxNjI4MTBaFw0yNDA2MTcxNjMzMTBaMDMxMTAvBgNV
BAMTKDY5RUNDQ0E4NDIyNTA0OEU5QjIyMTUwNkM0NzBBQzI5NDVBOUU2NzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCncNjbzdan8sQ7HQhl3iGIh0ju
6OVT1d5a1Bxbb8nGYnXDCvJ2fs7TvD5zhL4VmNqZI2WgTHtTBWtEJ9zEQQyi1xl8
Ajx90gwLkjhxk2bn8jwz8si+L2Pr9ETl3giFmjlswPCPu+GFuDdmmwwtl0yerQlA
nY8hZdZLEcddorLUmcltbHdCAPml4VWYh//Wk2eALTm02h3GHaDQUngT3+DwUuH4
j5E7H/B6FhkxTUcN82Sym4DVOxPFRW6vTGXfwCUAP0YWxF+JmLP+fODInzORXRVo
VSX3FTi0BB7aCT/xu7M2a2vVH9bM7j343Y2f9KILMwDQbTzloVm/luBSVdn1AgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUaezMqEIlBI6bIhUGxHCsKUWp5nYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM4MmUzMTMzMzIyZTMx
MzAzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKEbTANBgkqhkiG9w0BAQsFAAOCAQEAPeCkvrPh7wyi9f1bvuDnE/pOC5kF
wxecour9jytWcGLFRZQQV4he0J1OkqAAE0sYYyFqyCKW4ZNpBbnBqIFyI0YuO/OY
v+EIG5MuVgO008eaoFGzSCPivmXprmYhjSqSn4vH5IKsHC0IGI6EE4V7hwNsWAww
qEJUwotZfbRukzfgNcd7c7lF3vVgVibQSUXZGSiqZCgkYXR7dgyFOwoOzlfK/VvS
8eOKnd2I0rmH+39lZNshB1HCeHhoaO8Taz+CJUDlLrk/G7Kd6ir/7RwqMSWCDJqq
dQNXFO4+PfgiISJHWVBVL+dK7pKXxlih60B7Z0Sz2dXo7JVbAXwn2Yu2zA==
-----END CERTIFICATE-----
Generated at Wed May 8 19:21:53 2024 by rpki-client on console-ams.rpki-client.org