Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa
File: 3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: td/4+JFTg1EM/7lU0l/GkVexuO07WODSB898mCxJ2FQ=
Subject key identifier: 0A:4F:BB:92:41:FB:31:48:61:D8:01:AC:95:28:0A:F0:17:CA:22:10
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 29DF8AD3D431BA0527D6E8C6D45C52407DF2FF4D
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 19 Jun 2023 16:33:25 +0000
ROA not before: Mon 19 Jun 2023 16:28:25 +0000
ROA not after: Mon 17 Jun 2024 16:33:25 +0000
asID: 136787
IP address blocks: 178.132.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 14:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:df:8a:d3:d4:31:ba:05:27:d6:e8:c6:d4:5c:52:40:7d:f2:ff:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 19 16:28:25 2023 GMT
Not After : Jun 17 16:33:25 2024 GMT
Subject: CN=0A4FBB9241FB314861D801AC95280AF017CA2210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:fd:3c:54:37:c1:91:45:27:26:ba:1d:36:19:
b3:a9:91:68:24:45:63:a8:ec:28:27:69:56:3d:be:
e4:f8:97:78:0c:57:e9:51:3c:62:be:00:b4:18:b0:
b9:c4:01:ad:11:22:2d:28:a7:9d:d2:6c:a0:23:60:
47:8a:18:b0:d0:5f:a8:1e:7f:de:c1:37:28:ff:14:
c4:83:c2:18:0f:f3:c5:40:b0:59:d8:f9:c4:0c:b8:
f3:4c:2c:56:14:a8:f9:17:b1:df:8e:47:7e:26:be:
a4:1b:ad:1a:7a:2c:84:86:2c:11:ea:94:38:9e:10:
22:8f:58:90:25:f6:d6:f7:0e:6f:02:0a:16:7b:72:
02:d2:d8:ee:2d:0e:15:a3:66:0f:5a:e2:22:e3:8a:
e6:e5:6e:d4:ff:04:bf:dd:90:c1:df:d7:e8:25:09:
b6:cd:27:45:e2:14:e7:dd:34:e1:b2:57:ed:ab:72:
56:15:c0:ef:84:da:a5:27:24:84:6b:62:28:0b:6b:
0a:55:40:a6:89:6e:48:21:ea:73:45:30:33:6d:14:
53:96:94:79:10:cf:79:55:50:50:90:d3:27:1c:32:
07:35:8a:14:e7:3c:40:96:45:ae:4a:4b:3c:77:4d:
31:69:0f:bc:db:db:95:a2:4c:94:5f:f6:fa:92:df:
a9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:4F:BB:92:41:FB:31:48:61:D8:01:AC:95:28:0A:F0:17:CA:22:10
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e3133322e3131312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.132.111.0/24
Signature Algorithm: sha256WithRSAEncryption
17:6a:2a:f9:44:9e:5e:db:8c:cf:8e:90:3a:6d:88:82:93:98:
c6:56:4c:47:cb:a9:ad:da:b8:82:4f:ee:0b:71:07:06:31:ba:
95:e6:3c:54:fd:95:cb:fd:20:d1:0b:59:0e:d7:2f:7c:79:33:
67:7a:96:ce:ec:c5:03:77:29:bb:96:1a:68:c0:44:83:03:10:
f7:b9:e9:f5:78:c4:87:c0:62:44:ec:16:84:c7:da:72:a8:04:
a8:b8:d8:b6:a7:70:3d:f6:e9:c7:8d:06:d6:1c:6f:9e:e9:4e:
eb:c0:b3:00:48:7e:1b:0f:fb:bb:c3:a2:b2:82:a5:75:c4:02:
f7:7b:28:b3:3c:c2:bc:47:d9:90:1f:15:0e:d9:92:2c:08:9d:
9e:00:da:04:d9:1b:18:20:20:d2:3a:13:5e:50:af:0a:c0:2b:
ab:f3:da:eb:24:99:5d:55:b7:3d:3c:5a:02:2a:0c:33:15:3e:
db:e8:44:a1:15:c2:83:79:b3:4b:49:64:8c:29:cc:8b:af:f6:
89:b0:96:35:b4:53:62:c0:b8:1c:59:84:23:3f:ec:5a:80:33:
21:9f:2d:f5:ad:1d:98:3e:2f:b2:11:21:bc:84:7e:b8:de:d1:
dc:0d:43:2b:91:58:22:4b:c3:6d:d8:13:81:a5:8d:a3:cf:fa:
42:ed:e8:25
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUKd+K09QxugUn1ujG1FxSQH3y/00wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yMzA2MTkxNjI4MjVaFw0yNDA2MTcxNjMzMjVaMDMxMTAvBgNV
BAMTKDBBNEZCQjkyNDFGQjMxNDg2MUQ4MDFBQzk1MjgwQUYwMTdDQTIyMTAwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC1/TxUN8GRRScmuh02GbOpkWgk
RWOo7CgnaVY9vuT4l3gMV+lRPGK+ALQYsLnEAa0RIi0op53SbKAjYEeKGLDQX6ge
f97BNyj/FMSDwhgP88VAsFnY+cQMuPNMLFYUqPkXsd+OR34mvqQbrRp6LISGLBHq
lDieECKPWJAl9tb3Dm8CChZ7cgLS2O4tDhWjZg9a4iLjiublbtT/BL/dkMHf1+gl
CbbNJ0XiFOfdNOGyV+2rclYVwO+E2qUnJIRrYigLawpVQKaJbkgh6nNFMDNtFFOW
lHkQz3lVUFCQ0yccMgc1ihTnPECWRa5KSzx3TTFpD7zb25WiTJRf9vqS36kXAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQUCk+7kkH7MUhh2AGslSgK8BfKIhAwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM4MmUzMTMzMzIyZTMx
MzEzMTJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMxMzMzNjM3MzgzNy5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEALKEbzANBgkqhkiG9w0BAQsFAAOCAQEAF2oq+USeXtuMz46QOm2IgpOYxlZM
R8uprdq4gk/uC3EHBjG6leY8VP2Vy/0g0QtZDtcvfHkzZ3qWzuzFA3cpu5YaaMBE
gwMQ97np9XjEh8BiROwWhMfacqgEqLjYtqdwPfbpx40G1hxvnulO68CzAEh+Gw/7
u8OisoKldcQC93soszzCvEfZkB8VDtmSLAidngDaBNkbGCAg0joTXlCvCsArq/Pa
6ySZXVW3PTxaAioMMxU+2+hEoRXCg3mzS0lkjCnMi6/2ibCWNbRTYsC4HFmEIz/s
WoAzIZ8t9a0dmD4vshEhvIR+uN7R3A1DK5FYIkvDbdgTgaWNo8/6Qu3oJQ==
-----END CERTIFICATE-----
Generated at Tue May 7 21:04:27 2024 by rpki-client on console-fra.rpki-client.org