Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31352e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e31352e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: nrrapVhUJvrouseF/c5GFtljtXvwkjnU2MJA/XRYt1w=
Subject key identifier: C9:BA:30:98:F9:04:F6:F5:F1:06:90:2C:B3:D5:87:36:53:51:F3:F1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1A045708072ED38142095A2D85517EC2C9D80A31
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31352e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:15 +0000
ROA not before: Mon 27 Jan 2025 09:40:15 +0000
ROA not after: Mon 26 Jan 2026 09:45:15 +0000
asID: 136787
IP address blocks: 155.133.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:04:57:08:07:2e:d3:81:42:09:5a:2d:85:51:7e:c2:c9:d8:0a:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:15 2025 GMT
Not After : Jan 26 09:45:15 2026 GMT
Subject: CN=C9BA3098F904F6F5F106902CB3D587365351F3F1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:f8:72:16:f5:19:56:5b:b6:00:80:5d:b5:5e:
bd:43:6d:29:5e:a1:32:28:33:9e:8f:02:3e:29:b5:
91:f2:60:4c:c7:61:ee:18:67:d8:ee:f2:4d:99:24:
25:25:12:68:b6:b5:e0:92:81:b6:ba:1a:f8:c2:6c:
1a:07:33:21:c8:e8:9d:eb:fb:ba:15:eb:0d:7d:19:
c3:6e:3b:af:53:9a:58:65:fa:cb:83:13:69:89:db:
73:e7:86:fe:7e:a1:e4:24:47:21:32:c5:bc:c8:66:
61:f3:78:2b:36:d1:50:f9:2c:29:d7:7c:7a:d0:37:
3b:29:c5:ba:34:8a:88:00:29:e0:f7:56:a0:d3:77:
88:a2:89:f9:94:fa:ee:28:b2:e5:77:5b:de:d6:e2:
22:07:a6:8d:64:0d:d7:74:ed:fd:85:dc:4d:fd:d9:
dc:22:b4:a9:2e:6e:b6:85:46:64:1a:9b:0a:c6:8b:
28:67:2f:39:6f:71:d9:3c:f1:50:67:5e:a1:7e:46:
08:c4:81:60:43:d4:1d:71:b9:da:45:bc:82:71:47:
ba:af:95:a3:c5:42:b0:80:fe:36:36:99:27:7e:46:
ff:7d:91:08:74:92:a3:0f:90:dd:34:7b:c4:66:e0:
1f:46:0d:e1:4a:07:03:dd:18:5f:20:6b:e4:81:51:
35:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:BA:30:98:F9:04:F6:F5:F1:06:90:2C:B3:D5:87:36:53:51:F3:F1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31352e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.15.0/24
Signature Algorithm: sha256WithRSAEncryption
09:fa:ff:2c:43:57:ba:e0:df:1f:55:b0:37:84:8c:9e:9d:0a:
dc:f3:c2:3a:35:67:37:0a:f3:ea:d6:30:0d:d9:f3:49:ec:1b:
37:f3:20:e4:74:a6:67:8f:40:18:71:fb:b7:c8:24:5a:d1:6e:
c8:21:8b:c7:31:17:c6:7b:56:48:2a:42:8c:73:5e:49:27:32:
f3:e8:e8:76:a4:06:39:4e:fa:fd:5e:db:f1:ac:39:1e:59:d2:
cf:ba:e5:68:ad:c8:e9:31:fd:2e:ff:80:4d:e9:8d:bf:0e:48:
af:24:90:2a:bc:44:21:3c:48:a5:30:f4:01:68:54:84:5f:04:
48:66:04:36:0b:10:22:46:a5:28:80:8f:f5:68:03:24:ca:c3:
c2:05:87:68:12:6b:63:28:cc:d9:b6:09:70:9e:b7:e3:f3:52:
dd:86:d3:7f:9f:88:ad:42:cc:bd:11:a0:83:1e:ce:dd:c8:bc:
ec:85:7d:1c:8f:80:a0:b3:4a:ee:ba:5d:39:4d:bf:df:37:06:
6b:e0:af:45:2b:d0:81:f3:ec:9a:25:cc:3a:5c:4c:1e:d6:b0:
40:61:2a:a0:34:62:79:ee:7d:11:49:bc:df:50:0b:2d:b7:30:
64:f0:b0:9b:2f:9f:4a:18:c8:0c:14:a1:b0:5c:5d:69:09:cc:
7b:a2:24:5a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUGgRXCAcu04FCCVothVF+wsnYCjEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMTVaFw0yNjAxMjYwOTQ1MTVaMDMxMTAvBgNV
BAMTKEM5QkEzMDk4RjkwNEY2RjVGMTA2OTAyQ0IzRDU4NzM2NTM1MUYzRjEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDI+HIW9RlWW7YAgF21Xr1DbSle
oTIoM56PAj4ptZHyYEzHYe4YZ9ju8k2ZJCUlEmi2teCSgba6GvjCbBoHMyHI6J3r
+7oV6w19GcNuO69Tmlhl+suDE2mJ23Pnhv5+oeQkRyEyxbzIZmHzeCs20VD5LCnX
fHrQNzspxbo0iogAKeD3VqDTd4iiifmU+u4osuV3W97W4iIHpo1kDdd07f2F3E39
2dwitKkubraFRmQamwrGiyhnLzlvcdk88VBnXqF+RgjEgWBD1B1xudpFvIJxR7qv
laPFQrCA/jY2mSd+Rv99kQh0kqMPkN00e8Rm4B9GDeFKBwPdGF8ga+SBUTXxAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUybowmPkE9vXxBpAss9WHNlNR8/EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMx
MzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhQ8wDQYJKoZIhvcNAQELBQADggEBAAn6/yxDV7rg3x9VsDeEjJ6dCtzzwjo1
ZzcK8+rWMA3Z80nsGzfzIOR0pmePQBhx+7fIJFrRbsghi8cxF8Z7VkgqQoxzXkkn
MvPo6HakBjlO+v1e2/GsOR5Z0s+65WityOkx/S7/gE3pjb8OSK8kkCq8RCE8SKUw
9AFoVIRfBEhmBDYLECJGpSiAj/VoAyTKw8IFh2gSa2MozNm2CXCet+PzUt2G03+f
iK1CzL0RoIMezt3IvOyFfRyPgKCzSu66XTlNv983Bmvgr0Ur0IHz7JolzDpcTB7W
sEBhKqA0YnnufRFJvN9QCy23MGTwsJsvn0oYyAwUobBcXWkJzHuiJFo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:28:42 2025 by rpki-client