Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31332e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e31332e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: MsyIjvPdkwrADgghDOg4hNk7w5vVc5GOcakR1cozp6k=
Subject key identifier: 16:58:55:12:B5:47:10:A2:D3:2C:A3:CA:08:B2:74:D6:A5:0D:5E:8D
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 341E56E380007A16BB6F4408F034398A01F64597
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31332e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:37 +0000
ROA not before: Sat 01 Feb 2025 22:40:37 +0000
ROA not after: Sat 31 Jan 2026 22:45:37 +0000
asID: 136787
IP address blocks: 155.133.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:1e:56:e3:80:00:7a:16:bb:6f:44:08:f0:34:39:8a:01:f6:45:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 1 22:40:37 2025 GMT
Not After : Jan 31 22:45:37 2026 GMT
Subject: CN=16585512B54710A2D32CA3CA08B274D6A50D5E8D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:37:ee:d5:cc:fc:61:cc:d5:13:02:bb:d0:ed:
53:af:08:79:a5:e7:31:23:6c:20:4c:14:de:72:05:
be:28:37:33:d7:e7:9a:31:3e:75:55:5c:2d:56:0a:
08:fc:8f:9a:3b:86:4c:a9:53:ca:a3:9d:a2:c0:11:
ad:28:26:2b:1d:75:7f:9e:1b:b3:7a:d9:f3:3a:99:
8f:02:5d:01:d2:19:21:f1:7b:fb:67:54:80:4e:82:
b3:56:2e:f0:77:36:66:5d:5a:3d:7d:62:1a:2f:2a:
46:90:21:e7:7f:38:e0:b4:22:12:9e:6f:ec:e2:1f:
93:57:f6:f4:f9:9b:7a:22:93:dc:7f:80:10:87:9e:
df:05:7b:4a:09:82:3e:46:2e:e9:60:2b:99:89:2b:
3a:4d:dd:02:43:d8:ef:26:df:12:c7:b8:5e:81:55:
ea:89:65:24:6e:7c:ee:ce:d1:2e:1f:e8:9b:46:32:
e7:9b:78:1e:d7:ab:f4:99:4e:85:5f:68:df:3f:11:
99:06:a1:5e:d5:7b:63:22:5e:b7:8b:26:08:4d:c6:
09:19:7e:75:41:9b:b6:8b:7c:2e:d2:18:54:f9:1d:
4c:43:2f:c7:1d:f8:ec:98:af:ad:59:24:d8:95:5b:
8a:d6:03:1e:96:b2:1f:c2:85:54:ea:6d:87:4a:4a:
d5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:58:55:12:B5:47:10:A2:D3:2C:A3:CA:08:B2:74:D6:A5:0D:5E:8D
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31332e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.13.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:f6:2f:60:a9:20:5b:c1:15:89:32:b3:2b:af:74:55:80:67:
67:17:10:8f:4c:f1:c2:de:b7:f2:9b:7d:19:9a:66:f9:d3:57:
eb:38:a4:ba:15:6f:e0:79:f6:1e:1d:ba:41:a0:a7:ca:ed:25:
3a:ef:4a:33:80:d6:5d:d7:37:f6:91:e3:6d:8c:80:1f:6d:f4:
a6:d8:29:f6:c7:85:77:04:4f:bb:5c:bb:fa:13:b1:8c:95:14:
09:54:aa:14:27:cd:0b:a9:bd:9a:b9:a6:d9:e8:2f:5d:dc:b7:
c8:d3:8f:e6:db:71:47:b4:da:23:e0:7c:90:91:67:d3:c0:10:
19:6f:3d:f0:66:a4:03:38:2d:fb:13:12:2f:4b:1b:14:90:93:
0a:0e:85:4b:fe:43:8d:5c:46:75:94:24:12:34:a3:c2:15:91:
a8:68:95:a4:13:2e:68:d2:9a:55:73:43:3f:af:94:a8:5d:5c:
ff:e1:de:ab:91:ea:8f:90:45:af:d8:57:cb:ae:53:85:11:18:
8c:cf:f5:43:85:b3:f3:8d:e3:53:3a:5f:5c:d2:07:4f:5b:c5:
e1:b4:ba:8b:65:ce:da:61:a4:8e:4d:74:1e:b1:f6:83:99:69:
54:fa:78:51:da:02:c8:9c:16:91:01:ca:28:95:a4:e8:a8:11:
2f:fc:b1:14
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNB5W44AAeha7b0QI8DQ5igH2RZcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDEyMjQwMzdaFw0yNjAxMzEyMjQ1MzdaMDMxMTAvBgNV
BAMTKDE2NTg1NTEyQjU0NzEwQTJEMzJDQTNDQTA4QjI3NEQ2QTUwRDVFOEQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/N+7VzPxhzNUTArvQ7VOvCHml
5zEjbCBMFN5yBb4oNzPX55oxPnVVXC1WCgj8j5o7hkypU8qjnaLAEa0oJisddX+e
G7N62fM6mY8CXQHSGSHxe/tnVIBOgrNWLvB3NmZdWj19YhovKkaQIed/OOC0IhKe
b+ziH5NX9vT5m3oik9x/gBCHnt8Fe0oJgj5GLulgK5mJKzpN3QJD2O8m3xLHuF6B
VeqJZSRufO7O0S4f6JtGMuebeB7Xq/SZToVfaN8/EZkGoV7Ve2MiXreLJghNxgkZ
fnVBm7aLfC7SGFT5HUxDL8cd+OyYr61ZJNiVW4rWAx6Wsh/ChVTqbYdKStXnAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUFlhVErVHEKLTLKPKCLJ01qUNXo0wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMx
MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhQ0wDQYJKoZIhvcNAQELBQADggEBADz2L2CpIFvBFYkysyuvdFWAZ2cXEI9M
8cLet/KbfRmaZvnTV+s4pLoVb+B59h4dukGgp8rtJTrvSjOA1l3XN/aR422MgB9t
9KbYKfbHhXcET7tcu/oTsYyVFAlUqhQnzQupvZq5ptnoL13ct8jTj+bbcUe02iPg
fJCRZ9PAEBlvPfBmpAM4LfsTEi9LGxSQkwoOhUv+Q41cRnWUJBI0o8IVkaholaQT
LmjSmlVzQz+vlKhdXP/h3quR6o+QRa/YV8uuU4URGIzP9UOFs/ON41M6X1zSB09b
xeG0uotlztphpI5NdB6x9oOZaVT6eFHaAsicFpEByiiVpOioES/8sRQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:54 2025 by rpki-client