Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130392e302f32342d3234203d3e20313336373837.roa
File: 3137382e3133322e3130392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: be2iwmK7aMFdUGz82REncYqzz2ToCrhlVB69TmtXW3Y=
Subject key identifier: 75:C8:1F:64:57:39:A5:F6:D6:67:69:F3:64:65:11:40:8B:A4:CF:A4
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1F1F92F14B321EBCDCA4D5FDAE3F6033C35FF527
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130392e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 20 May 2024 17:03:44 +0000
ROA not before: Mon 20 May 2024 16:58:44 +0000
ROA not after: Mon 19 May 2025 17:03:44 +0000
asID: 136787
IP address blocks: 178.132.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:1f:92:f1:4b:32:1e:bc:dc:a4:d5:fd:ae:3f:60:33:c3:5f:f5:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 20 16:58:44 2024 GMT
Not After : May 19 17:03:44 2025 GMT
Subject: CN=75C81F645739A5F6D66769F3646511408BA4CFA4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:92:b6:da:aa:59:8d:a0:08:50:76:ee:ee:1a:
bb:65:2b:b8:a1:ee:6b:d6:f6:2b:75:07:ce:56:a1:
17:1f:3d:69:1c:cf:5f:ca:ad:85:48:a0:2c:59:bc:
e8:d0:b8:84:33:35:a2:30:f1:c6:92:49:6f:01:6a:
97:7a:c7:dd:6f:d1:9a:d5:88:2e:77:d7:3c:fd:ab:
ff:3b:71:74:b0:52:6f:6d:04:d2:43:93:91:15:dc:
b6:b8:ba:f0:24:26:df:34:a1:97:97:3c:21:1a:e0:
e4:7c:d1:21:06:fd:25:29:87:44:46:50:85:dd:58:
d3:d5:ff:4c:e4:e8:59:31:04:a9:15:17:60:d6:6a:
05:2c:e4:72:ff:c9:14:16:76:fe:30:6e:f2:a2:02:
98:04:f4:4b:8e:6a:c2:fa:54:1a:2e:70:41:c2:49:
d1:95:a5:9f:50:fe:e9:70:b5:4d:0a:49:47:5d:d3:
5a:69:9b:a6:1b:6b:4a:a8:5e:eb:b0:f3:00:18:6b:
7e:ac:82:3d:f3:ea:48:4f:65:c7:87:f7:61:7e:69:
2f:63:8c:84:60:fb:ff:f2:d2:9a:43:e0:18:c2:7c:
b0:7f:d4:73:1d:ff:88:5f:6a:80:e9:37:f1:db:1c:
d3:53:9e:04:5b:81:dd:f0:db:e0:44:80:8d:5a:5a:
1a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:C8:1F:64:57:39:A5:F6:D6:67:69:F3:64:65:11:40:8B:A4:CF:A4
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3130392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.109.0/24
Signature Algorithm: sha256WithRSAEncryption
90:41:78:8d:fc:21:3d:80:d3:68:a9:41:b0:80:2d:7a:10:8c:
3c:06:49:38:de:2c:8d:8e:3a:83:98:68:1c:48:d0:27:ef:56:
8c:25:ef:d2:be:e7:09:e8:73:30:e0:b5:53:17:bc:03:a5:7c:
c0:5d:29:a9:c1:bd:6e:70:6f:43:dc:45:f7:40:51:4b:3d:99:
11:f0:1e:de:0f:2b:e6:30:af:4e:2c:cd:2c:0c:1e:c6:f6:05:
e5:72:8e:bc:cc:17:21:6d:6d:63:61:4d:28:3d:a7:a7:94:a0:
20:d3:52:a2:58:0a:25:db:8e:9d:dc:3b:a2:17:62:79:00:6a:
b8:e3:5b:79:0e:da:19:8a:cf:82:42:99:f4:f9:ff:43:b1:2f:
4f:4c:f7:c2:05:5f:e4:60:9e:f7:db:31:80:0f:77:ce:53:57:
10:3d:3c:f5:f0:0e:fd:11:9a:62:4f:ba:59:26:ae:3a:b8:c7:
6d:e3:96:d8:0c:34:07:df:70:ad:9a:ed:0d:ec:1e:b4:6e:31:
73:1b:9b:d9:44:31:83:78:14:34:52:e1:f9:bd:64:b9:09:c2:
02:bc:9b:62:94:20:b4:2c:74:20:10:49:37:cd:6b:97:81:bd:
91:80:0e:be:fa:60:da:06:99:32:90:c2:b8:8b:b5:9a:49:e6:
c5:8b:e7:af
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUHx+S8UsyHrzcpNX9rj9gM8Nf9ScwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MjAxNjU4NDRaFw0yNTA1MTkxNzAzNDRaMDMxMTAvBgNV
BAMTKDc1QzgxRjY0NTczOUE1RjZENjY3NjlGMzY0NjUxMTQwOEJBNENGQTQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDbkrbaqlmNoAhQdu7uGrtlK7ih
7mvW9it1B85WoRcfPWkcz1/KrYVIoCxZvOjQuIQzNaIw8caSSW8Bapd6x91v0ZrV
iC531zz9q/87cXSwUm9tBNJDk5EV3La4uvAkJt80oZeXPCEa4OR80SEG/SUph0RG
UIXdWNPV/0zk6FkxBKkVF2DWagUs5HL/yRQWdv4wbvKiApgE9EuOasL6VBoucEHC
SdGVpZ9Q/ulwtU0KSUdd01ppm6Yba0qoXuuw8wAYa36sgj3z6khPZceH92F+aS9j
jIRg+//y0ppD4BjCfLB/1HMd/4hfaoDpN/HbHNNTngRbgd3w2+BEgI1aWholAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUdcgfZFc5pfbWZ2nzZGURQIukz6QwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM4MmUzMTMzMzIyZTMx
MzAzOTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKEbTANBgkqhkiG9w0BAQsFAAOCAQEAkEF4jfwhPYDTaKlBsIAtehCMPAZJ
ON4sjY46g5hoHEjQJ+9WjCXv0r7nCehzMOC1Uxe8A6V8wF0pqcG9bnBvQ9xF90BR
Sz2ZEfAe3g8r5jCvTizNLAwexvYF5XKOvMwXIW1tY2FNKD2np5SgINNSolgKJduO
ndw7ohdieQBquONbeQ7aGYrPgkKZ9Pn/Q7EvT0z3wgVf5GCe99sxgA93zlNXED08
9fAO/RGaYk+6WSauOrjHbeOW2Aw0B99wrZrtDewetG4xcxub2UQxg3gUNFLh+b1k
uQnCArybYpQgtCx0IBBJN81rl4G9kYAOvvpg2gaZMpDCuIu1mknmxYvnrw==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org