Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e32302e302f32342d3234203d3e203632323430.roa
File: 3135352e3133332e32302e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: YQakMh9Qgaa6EWZ2pLv+nI5Hasd2NsZM7Fq/iBQlBZ4=
Subject key identifier: 16:0F:A1:4C:E0:C2:69:84:F4:2B:62:08:41:5E:76:CB:B9:2B:A6:C3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 707FA9BF81528F47F363CBCCF7BDD46D7183A7B8
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e32302e302f32342d3234203d3e203632323430.roa
Signing time: Tue 04 Feb 2025 14:45:40 +0000
ROA not before: Tue 04 Feb 2025 14:40:40 +0000
ROA not after: Tue 03 Feb 2026 14:45:40 +0000
asID: 62240
IP address blocks: 155.133.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Apr 2025 11:02:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:7f:a9:bf:81:52:8f:47:f3:63:cb:cc:f7:bd:d4:6d:71:83:a7:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 4 14:40:40 2025 GMT
Not After : Feb 3 14:45:40 2026 GMT
Subject: CN=160FA14CE0C26984F42B6208415E76CBB92BA6C3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:26:b9:c6:60:72:fe:f5:b2:df:4a:a4:fe:3c:
5f:be:bf:d6:42:d2:28:de:2c:d1:21:34:3b:9f:d7:
b9:56:c2:40:f6:92:bd:4b:2a:cb:35:7a:7a:e5:cb:
eb:88:96:8c:37:29:5e:db:1e:42:28:fe:2a:d1:26:
f3:9e:5c:6b:b5:25:a0:2b:e3:c3:56:9e:ba:f4:c3:
1a:ef:86:06:31:5e:42:de:aa:e0:b0:7f:b0:93:a9:
ca:ec:77:6f:7a:49:4b:e0:fc:8b:27:1a:10:33:39:
68:3e:17:13:26:8e:bf:6c:17:35:74:ef:e9:80:54:
82:87:2f:f3:f3:59:c9:80:67:3a:cd:3d:8e:06:ae:
04:ea:33:40:2b:1a:9c:49:0c:31:73:e8:01:45:1a:
ce:ae:d2:3d:92:da:41:3f:a6:67:66:3f:b4:6f:de:
38:ba:1b:46:f0:3b:7e:44:a2:e3:12:f1:57:4f:2b:
26:bd:7b:2d:43:e9:42:a1:6a:cc:e8:4d:66:44:08:
36:c0:e6:71:76:9a:23:70:f3:cd:c8:1f:cc:96:1c:
f5:9d:73:6f:b5:c7:27:2b:ef:59:e5:d1:d3:f5:ca:
0b:6a:a5:77:e2:58:07:ff:12:b0:b0:40:c4:99:13:
1a:f2:6f:96:ae:6c:77:6f:fd:6f:61:ce:ba:b4:02:
47:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:0F:A1:4C:E0:C2:69:84:F4:2B:62:08:41:5E:76:CB:B9:2B:A6:C3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e32302e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.20.0/24
Signature Algorithm: sha256WithRSAEncryption
05:6d:0d:24:ae:81:b5:55:06:c7:f7:75:ca:5d:da:d2:5a:36:
c5:ba:13:6f:e2:27:69:4b:50:a6:4d:f7:0b:5f:a8:d2:0a:b7:
68:9f:a1:53:4a:41:a1:71:e1:c4:ec:8e:c2:74:89:3c:f7:ee:
85:98:a2:d3:d6:1e:75:44:ec:c1:d5:74:51:82:14:6c:af:ba:
6a:cb:a7:9a:06:d1:6b:25:d2:de:e1:62:25:6a:19:3e:58:83:
c8:8d:bb:a1:e7:fa:f0:0f:f1:c3:ca:46:2c:05:f7:59:0d:cd:
d7:b5:40:aa:1c:4c:3a:cd:ee:8d:f4:f9:23:ec:eb:88:af:b8:
80:29:b4:df:d0:df:5e:e8:a3:73:cd:00:89:93:06:ad:72:c2:
58:3f:23:c2:a4:b6:f0:0e:ac:2e:97:27:9a:e1:8e:a9:d4:a5:
8b:4e:23:73:8b:5a:6f:e2:28:2b:21:f2:4c:94:9a:a9:67:bb:
bf:6a:56:5b:b2:42:78:a4:bf:5b:c9:5d:4b:97:79:15:11:d0:
55:9a:c6:09:50:a7:1f:b5:5e:eb:59:95:4a:df:4e:cf:5b:d7:
af:1a:45:34:80:57:08:26:2b:31:7a:bd:f7:a7:69:ab:3b:a8:
42:21:7f:24:d4:0d:23:e5:f4:12:0e:db:6f:df:48:43:6d:bd:
19:a4:2e:49
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUcH+pv4FSj0fzY8vM973UbXGDp7gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDQxNDQwNDBaFw0yNjAyMDMxNDQ1NDBaMDMxMTAvBgNV
BAMTKDE2MEZBMTRDRTBDMjY5ODRGNDJCNjIwODQxNUU3NkNCQjkyQkE2QzMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCoJrnGYHL+9bLfSqT+PF++v9ZC
0ijeLNEhNDuf17lWwkD2kr1LKss1enrly+uIlow3KV7bHkIo/irRJvOeXGu1JaAr
48NWnrr0wxrvhgYxXkLequCwf7CTqcrsd296SUvg/IsnGhAzOWg+FxMmjr9sFzV0
7+mAVIKHL/PzWcmAZzrNPY4GrgTqM0ArGpxJDDFz6AFFGs6u0j2S2kE/pmdmP7Rv
3ji6G0bwO35EouMS8VdPKya9ey1D6UKhaszoTWZECDbA5nF2miNw883IH8yWHPWd
c2+1xycr71nl0dP1ygtqpXfiWAf/ErCwQMSZExryb5aubHdv/W9hzrq0AkfnAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUFg+hTODCaYT0K2IIQV52y7krpsMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMy
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMyMzIzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
m4UUMA0GCSqGSIb3DQEBCwUAA4IBAQAFbQ0kroG1VQbH93XKXdrSWjbFuhNv4idp
S1CmTfcLX6jSCrdon6FTSkGhceHE7I7CdIk89+6FmKLT1h51ROzB1XRRghRsr7pq
y6eaBtFrJdLe4WIlahk+WIPIjbuh5/rwD/HDykYsBfdZDc3XtUCqHEw6ze6N9Pkj
7OuIr7iAKbTf0N9e6KNzzQCJkwatcsJYPyPCpLbwDqwulyea4Y6p1KWLTiNzi1pv
4igrIfJMlJqpZ7u/alZbskJ4pL9byV1Ll3kVEdBVmsYJUKcftV7rWZVK307PW9ev
GkU0gFcIJisxer33p2mrO6hCIX8k1A0j5fQSDttv30hDbb0ZpC5J
-----END CERTIFICATE-----
Generated at Thu Apr 3 22:20:19 2025 by rpki-client