Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa
File: 3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: L09RzkeuSxHqgud2jvdekf8K4FDpvkXdzkSsy2+15GM=
Subject key identifier: D8:D1:2F:FB:A2:0C:F5:D1:4F:50:8F:CD:28:DC:4C:A0:95:BE:64:6D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3854678614FDE276B1CFEA7544DA04BE4ED7E503
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 20 May 2024 17:03:45 +0000
ROA not before: Mon 20 May 2024 16:58:45 +0000
ROA not after: Mon 19 May 2025 17:03:45 +0000
asID: 136787
IP address blocks: 178.132.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:54:67:86:14:fd:e2:76:b1:cf:ea:75:44:da:04:be:4e:d7:e5:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: May 20 16:58:45 2024 GMT
Not After : May 19 17:03:45 2025 GMT
Subject: CN=D8D12FFBA20CF5D14F508FCD28DC4CA095BE646D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:65:63:1a:99:0e:45:63:ec:7a:df:f4:98:e8:
5a:37:da:d4:bd:d2:18:2c:f7:dc:16:8b:39:75:82:
44:b2:6d:d9:0b:78:7a:33:bf:cb:5d:c6:4e:7c:d9:
99:4c:04:78:d8:fd:6b:b2:ca:82:e2:dd:fa:18:86:
de:7a:6e:eb:04:92:25:6d:7f:b8:4c:f1:57:c8:e0:
c1:5d:81:27:01:e8:83:1b:6f:c2:b5:98:14:bc:53:
cf:d0:46:e8:48:7b:9f:13:09:93:f6:87:00:1c:8d:
62:8b:96:70:88:e6:47:98:f3:d7:ea:d8:d8:bf:4d:
8d:9c:d1:4e:f8:d4:3b:53:c5:58:7c:21:10:a5:88:
d4:31:89:f7:a8:6f:41:88:20:78:0d:a9:77:fb:4f:
b1:2f:77:2b:ca:57:78:2b:b5:71:c2:4c:21:10:71:
ef:e7:20:b1:59:cc:70:17:37:6d:d4:98:f3:7c:8b:
d3:60:f8:d6:ee:73:c0:7b:9e:02:d9:7d:9d:45:10:
75:ae:61:79:2e:67:b3:6a:25:63:1b:27:70:b1:c9:
0b:af:ef:7c:ff:ad:5f:81:d1:f2:04:a7:9c:4d:ba:
46:79:e7:f5:54:b4:52:a3:c1:8d:2c:b6:78:26:f1:
61:c1:95:2f:94:8f:6a:13:89:b1:59:71:74:8b:d6:
1f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D1:2F:FB:A2:0C:F5:D1:4F:50:8F:CD:28:DC:4C:A0:95:BE:64:6D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.111.0/24
Signature Algorithm: sha256WithRSAEncryption
88:85:9a:f4:a8:b5:93:41:6b:95:4e:a2:11:d6:82:c5:67:d2:
72:de:4d:1d:fe:2f:8a:18:29:d4:79:85:45:7c:ff:d1:1a:97:
6d:85:9d:4e:e9:e0:39:36:4f:4c:f1:cb:c0:45:38:8a:a8:73:
b8:ee:ba:b2:07:cc:c5:ab:3e:11:71:0f:8f:1b:08:4b:0d:56:
08:ae:1b:12:64:7e:11:64:78:50:0c:1c:7d:be:ab:38:21:09:
c6:d0:1d:63:b2:f2:d1:c4:78:97:95:23:f4:85:d3:70:ec:55:
8e:bb:04:7b:e2:5d:d0:82:91:99:55:32:ae:5f:2c:c0:c7:25:
df:b2:2e:47:d9:7f:56:0e:15:89:91:d6:41:fd:27:0c:e9:2e:
03:e8:3c:82:84:a6:93:03:a5:08:7b:84:36:d6:bc:d7:b3:9e:
2a:be:09:6a:2e:b9:8c:d2:91:32:aa:b0:54:99:0b:d2:96:45:
a8:9c:0d:5c:b1:5e:78:22:e2:3f:5a:a8:5f:78:5b:29:0c:be:
72:83:e9:5d:d0:a1:cd:81:03:ef:2e:8b:e5:17:0d:58:19:5e:
09:1e:bc:8f:77:41:1f:15:8c:d9:d4:ca:29:88:93:3f:de:12:
46:29:4e:96:9c:13:d9:ed:de:ff:48:b2:41:06:ae:b1:4c:55:
bb:f7:95:a5
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUOFRnhhT94naxz+p1RNoEvk7X5QMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA1MjAxNjU4NDVaFw0yNTA1MTkxNzAzNDVaMDMxMTAvBgNV
BAMTKEQ4RDEyRkZCQTIwQ0Y1RDE0RjUwOEZDRDI4REM0Q0EwOTVCRTY0NkQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3ZWMamQ5FY+x63/SY6Fo32tS9
0hgs99wWizl1gkSybdkLeHozv8tdxk582ZlMBHjY/WuyyoLi3foYht56busEkiVt
f7hM8VfI4MFdgScB6IMbb8K1mBS8U8/QRuhIe58TCZP2hwAcjWKLlnCI5keY89fq
2Ni/TY2c0U741DtTxVh8IRCliNQxifeob0GIIHgNqXf7T7EvdyvKV3grtXHCTCEQ
ce/nILFZzHAXN23UmPN8i9Ng+Nbuc8B7ngLZfZ1FEHWuYXkuZ7NqJWMbJ3CxyQuv
73z/rV+B0fIEp5xNukZ55/VUtFKjwY0stngm8WHBlS+Uj2oTibFZcXSL1h9BAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU2NEv+6IM9dFPUI/NKNxMoJW+ZG0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM4MmUzMTMzMzIyZTMx
MzEzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKEbzANBgkqhkiG9w0BAQsFAAOCAQEAiIWa9Ki1k0FrlU6iEdaCxWfSct5N
Hf4vihgp1HmFRXz/0RqXbYWdTungOTZPTPHLwEU4iqhzuO66sgfMxas+EXEPjxsI
Sw1WCK4bEmR+EWR4UAwcfb6rOCEJxtAdY7Ly0cR4l5Uj9IXTcOxVjrsEe+Jd0IKR
mVUyrl8swMcl37IuR9l/Vg4ViZHWQf0nDOkuA+g8goSmkwOlCHuENta817OeKr4J
ai65jNKRMqqwVJkL0pZFqJwNXLFeeCLiP1qoX3hbKQy+coPpXdChzYED7y6L5RcN
WBleCR68j3dBHxWM2dTKKYiTP94SRilOlpwT2e3e/0iyQQausUxVu/eVpQ==
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:29:13 2024 by rpki-client on console-ams.rpki-client.org