Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37362e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e37362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: /22QbkEFmst4gz/uHTOdeYd3AoR96/ov0vR66HozfJU=
Subject key identifier: 54:9A:C2:A6:9F:B1:6E:87:FA:EF:DA:F5:52:8E:51:5F:FB:85:BA:D3
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 48E99FBE12050D2C1967AD5D5395EBB59463D167
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37362e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:23 +0000
ROA not before: Mon 27 Jan 2025 09:40:23 +0000
ROA not after: Mon 26 Jan 2026 09:45:23 +0000
asID: 136787
IP address blocks: 155.133.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:e9:9f:be:12:05:0d:2c:19:67:ad:5d:53:95:eb:b5:94:63:d1:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:23 2025 GMT
Not After : Jan 26 09:45:23 2026 GMT
Subject: CN=549AC2A69FB16E87FAEFDAF5528E515FFB85BAD3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9d:7f:c8:58:5c:3b:46:02:67:11:c1:bf:ec:
10:51:4b:91:fc:d2:d6:a4:f5:1b:c9:5c:4c:37:b6:
71:09:5d:82:5d:f2:6b:e1:91:7a:bb:f3:79:52:eb:
2e:a2:1b:a7:81:e9:c0:fa:fd:e3:29:75:fe:06:ba:
fc:94:d8:2c:1f:fa:fa:78:32:01:5a:18:ef:c7:c5:
00:64:4a:d1:a0:3d:38:a8:b7:62:ff:7d:cf:bd:93:
56:b7:54:e5:54:6f:e4:b2:d0:2c:a3:a0:6b:df:a3:
8f:08:d1:0e:18:13:a1:d4:06:b3:f7:40:01:9c:3a:
36:74:1c:00:77:63:4a:2a:b5:99:4a:2b:03:b2:44:
ed:1e:92:45:82:42:6d:00:0c:d1:85:52:9d:49:68:
36:4b:ec:cb:8b:a5:9a:61:8e:0c:62:d3:f9:c0:bc:
52:f8:43:7b:17:09:c0:df:54:cb:15:79:9d:11:bf:
5b:45:ec:ab:16:67:73:e2:87:ca:fb:d6:ca:9d:de:
50:ae:8e:16:03:0b:c0:11:58:32:87:a9:2a:3e:c3:
cd:2a:c6:c3:1b:63:e1:af:61:9b:31:5f:6a:76:bd:
eb:8d:3b:5b:e4:4e:dd:ab:83:db:f6:22:c4:c6:3f:
e5:07:fd:c4:a3:e3:e8:c2:97:c9:ff:e2:83:3f:56:
26:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:9A:C2:A6:9F:B1:6E:87:FA:EF:DA:F5:52:8E:51:5F:FB:85:BA:D3
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.76.0/24
Signature Algorithm: sha256WithRSAEncryption
33:d5:74:70:98:e6:00:44:0e:a3:39:59:f0:8c:d0:28:39:23:
ce:76:9c:9e:bc:d0:82:a4:fd:4d:d3:51:f0:72:53:e3:16:10:
b4:4c:9a:47:14:a8:e0:06:24:a4:64:90:f1:ad:45:43:3f:3a:
07:50:33:56:ca:60:c6:6e:e7:b4:5d:23:4b:f2:99:aa:8d:db:
fa:bb:91:b6:39:b4:ce:58:dd:6a:22:e1:3f:83:1f:a6:dd:62:
0b:71:9d:81:8a:9c:fc:2c:d0:5a:4f:38:c0:f8:18:2d:70:09:
db:83:47:e4:1f:45:b8:04:b6:52:31:14:ea:6b:10:7f:6d:cc:
16:74:70:ef:93:db:61:65:aa:8d:f3:9c:bf:c6:13:19:cc:6b:
c2:16:b3:6b:a6:0b:f2:f2:41:c8:e5:ed:55:0d:63:64:d4:27:
78:71:ca:d3:7b:6c:5b:ac:7a:50:83:59:9c:20:9e:46:ec:73:
a3:ec:4a:20:a9:7c:05:59:60:7a:10:d4:e2:e2:7e:99:b2:a0:
2a:47:9e:28:70:f6:8e:c1:8e:1f:fc:0c:3f:35:e7:95:80:da:
02:59:ba:7a:e5:5e:39:e3:d0:98:a5:ca:86:74:29:f4:5d:67:
f8:0b:6f:0d:39:6a:0c:fc:78:74:05:ac:e8:df:c6:58:0d:38:
2e:d5:21:ab
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSOmfvhIFDSwZZ61dU5XrtZRj0WcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjNaFw0yNjAxMjYwOTQ1MjNaMDMxMTAvBgNV
BAMTKDU0OUFDMkE2OUZCMTZFODdGQUVGREFGNTUyOEU1MTVGRkI4NUJBRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCknX/IWFw7RgJnEcG/7BBRS5H8
0tak9RvJXEw3tnEJXYJd8mvhkXq783lS6y6iG6eB6cD6/eMpdf4GuvyU2Cwf+vp4
MgFaGO/HxQBkStGgPTiot2L/fc+9k1a3VOVUb+Sy0CyjoGvfo48I0Q4YE6HUBrP3
QAGcOjZ0HAB3Y0oqtZlKKwOyRO0ekkWCQm0ADNGFUp1JaDZL7MuLpZphjgxi0/nA
vFL4Q3sXCcDfVMsVeZ0Rv1tF7KsWZ3Pih8r71sqd3lCujhYDC8ARWDKHqSo+w80q
xsMbY+GvYZsxX2p2veuNO1vkTt2rg9v2IsTGP+UH/cSj4+jCl8n/4oM/VibXAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUVJrCpp+xbof679r1Uo5RX/uFutMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM3
MzYyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhUwwDQYJKoZIhvcNAQELBQADggEBADPVdHCY5gBEDqM5WfCM0Cg5I852nJ68
0IKk/U3TUfByU+MWELRMmkcUqOAGJKRkkPGtRUM/OgdQM1bKYMZu57RdI0vymaqN
2/q7kbY5tM5Y3Woi4T+DH6bdYgtxnYGKnPws0FpPOMD4GC1wCduDR+QfRbgEtlIx
FOprEH9tzBZ0cO+T22Flqo3znL/GExnMa8IWs2umC/LyQcjl7VUNY2TUJ3hxytN7
bFuselCDWZwgnkbsc6PsSiCpfAVZYHoQ1OLifpmyoCpHnihw9o7Bjh/8DD8155WA
2gJZunrlXjnj0JilyoZ0KfRdZ/gLbw05agz8eHQFrOjfxlgNOC7VIas=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:37:27 2025 by rpki-client