Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e31362e3134302e302f32322d3234203d3e203437353833.roa
File: 3137382e31362e3134302e302f32322d3234203d3e203437353833.roa (raw, json)
Hash identifier: TY3VhckU227o853MzotgsAjY50YJkrdzshcBtxysF6o=
Subject key identifier: 21:C7:A0:DF:11:85:63:86:7F:33:E3:75:30:9B:7E:7A:1A:F4:8F:07
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 088E72F85185D8059E18DF012FCD2AB499EF0977
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e31362e3134302e302f32322d3234203d3e203437353833.roa
Signing time: Thu 13 Jun 2024 10:41:01 +0000
ROA not before: Thu 13 Jun 2024 10:36:01 +0000
ROA not after: Thu 12 Jun 2025 10:41:01 +0000
asID: 47583
IP address blocks: 178.16.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:8e:72:f8:51:85:d8:05:9e:18:df:01:2f:cd:2a:b4:99:ef:09:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 13 10:36:01 2024 GMT
Not After : Jun 12 10:41:01 2025 GMT
Subject: CN=21C7A0DF118563867F33E375309B7E7A1AF48F07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5b:42:2d:c3:26:7d:55:f1:51:d9:6c:9d:18:
86:a8:04:bf:4e:ea:c0:03:f2:d2:4e:cc:2b:55:9e:
d1:12:a7:c2:d9:d0:4e:5d:73:77:74:4f:0d:1a:fd:
4c:31:44:31:4a:e9:8e:27:c3:2c:e6:4f:4e:81:89:
0a:dc:7a:9b:63:fa:2c:6d:0a:6b:58:66:e8:b5:6f:
a0:ff:3a:80:c7:43:32:a1:8b:45:c1:0e:fe:8e:49:
c6:2c:4d:5b:cc:fd:09:f1:d8:aa:de:8a:cf:13:80:
d1:50:92:69:da:b0:88:58:05:a9:a0:f3:79:27:ba:
4b:21:b9:da:77:c1:c7:d6:59:db:f3:73:94:3f:00:
7a:b5:c3:35:34:8c:8e:15:15:2e:37:3f:7c:4f:20:
0d:3c:19:ea:e2:f3:4b:fc:c6:cc:33:05:47:fd:08:
f9:46:0a:25:89:63:2a:57:b8:e6:8d:06:c7:b6:7f:
7c:b2:8a:a6:81:7d:37:6b:8d:a0:79:e8:89:08:fb:
12:d0:a4:28:0b:aa:97:43:e6:59:8b:c6:df:f2:dc:
af:3a:07:b0:68:f7:a8:cb:80:49:25:d1:a7:b3:95:
d3:bd:fa:d3:16:5b:53:71:50:36:c6:30:47:a7:22:
ca:d4:1d:b1:f7:39:d1:9b:db:ce:24:c3:65:35:d8:
38:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:C7:A0:DF:11:85:63:86:7F:33:E3:75:30:9B:7E:7A:1A:F4:8F:07
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3137382e31362e3134302e302f32322d3234203d3e203437353833.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.16.140.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:7a:0c:3f:89:5b:d6:97:e2:38:4a:c0:09:07:97:5c:65:a3:
5b:e2:ef:5d:3d:59:4e:c1:f5:4f:01:45:2e:b3:19:cb:42:f0:
cc:96:89:a0:ca:7a:68:cb:be:b3:3c:72:73:88:47:48:5f:5e:
e8:91:15:c5:82:95:e0:2d:c9:65:03:3c:7f:d6:93:47:bf:3f:
a6:b9:76:37:23:2f:47:ef:93:3c:76:55:c1:ff:ff:e2:23:f9:
d8:05:cb:17:0c:fd:bb:ec:36:01:a3:37:01:be:1f:55:2c:4a:
ce:82:28:a4:c6:49:85:e1:ab:d8:ff:6c:22:1d:76:26:80:75:
6b:b8:c6:00:65:cb:88:de:33:a5:98:1f:f0:98:d0:92:9d:d8:
02:be:e7:cd:88:74:4c:4c:67:db:ae:5d:74:24:00:1d:86:20:
f0:a4:df:0b:1f:f2:03:72:3b:10:49:52:e7:e4:a3:79:ba:cd:
b9:08:5d:09:4d:ae:62:fd:10:12:5a:da:01:0d:fa:27:39:ef:
98:23:97:b6:91:cf:47:99:32:05:b4:56:db:fa:38:7b:91:f7:
3e:4d:5d:36:c3:56:3e:5d:ec:fb:b1:49:4f:52:69:81:24:c6:
e9:74:b1:cd:13:f3:93:54:fa:28:96:cf:ed:b2:63:c7:b7:55:
e8:14:75:5d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUCI5y+FGF2AWeGN8BL80qtJnvCXcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNDA2MTMxMDM2MDFaFw0yNTA2MTIxMDQxMDFaMDMxMTAvBgNV
BAMTKDIxQzdBMERGMTE4NTYzODY3RjMzRTM3NTMwOUI3RTdBMUFGNDhGMDcwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCeW0ItwyZ9VfFR2WydGIaoBL9O
6sAD8tJOzCtVntESp8LZ0E5dc3d0Tw0a/UwxRDFK6Y4nwyzmT06BiQrceptj+ixt
CmtYZui1b6D/OoDHQzKhi0XBDv6OScYsTVvM/Qnx2Kreis8TgNFQkmnasIhYBamg
83knukshudp3wcfWWdvzc5Q/AHq1wzU0jI4VFS43P3xPIA08Geri80v8xswzBUf9
CPlGCiWJYypXuOaNBse2f3yyiqaBfTdrjaB56IkI+xLQpCgLqpdD5lmLxt/y3K86
B7Bo96jLgEkl0aezldO9+tMWW1NxUDbGMEenIsrUHbH3OdGb284kw2U12DiRAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUIceg3xGFY4Z/M+N1MJt+ehr0jwcwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNzM4MmUzMTM2MmUzMTM0
MzAyZTMwMmYzMjMyMmQzMjM0MjAzZDNlMjAzNDM3MzUzODMzLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC
shCMMA0GCSqGSIb3DQEBCwUAA4IBAQBregw/iVvWl+I4SsAJB5dcZaNb4u9dPVlO
wfVPAUUusxnLQvDMlomgynpoy76zPHJziEdIX17okRXFgpXgLcllAzx/1pNHvz+m
uXY3Iy9H75M8dlXB///iI/nYBcsXDP277DYBozcBvh9VLErOgiikxkmF4avY/2wi
HXYmgHVruMYAZcuI3jOlmB/wmNCSndgCvufNiHRMTGfbrl10JAAdhiDwpN8LH/ID
cjsQSVLn5KN5us25CF0JTa5i/RASWtoBDfonOe+YI5e2kc9HmTIFtFbb+jh7kfc+
TV02w1Y+Xez7sUlPUmmBJMbpdLHNE/OTVPools/tsmPHt1XoFHVd
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:03 2024 by rpki-client on console-fra.rpki-client.org