Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37372e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e37372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: SMBzOGKeTCUB8lVsA9TDL2icHe4azV9iFT0BnM6JEWg=
Subject key identifier: 58:B7:EA:61:EB:A4:B7:19:6A:09:7A:AD:DC:33:37:15:BA:4E:57:AC
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 1D22C9227F46DF3F30FE22851C1863F0E6F3D3C5
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37372e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:44:55 +0000
ROA not before: Mon 27 Jan 2025 09:39:55 +0000
ROA not after: Mon 26 Jan 2026 09:44:55 +0000
asID: 136787
IP address blocks: 155.133.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Feb 2025 13:21:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:22:c9:22:7f:46:df:3f:30:fe:22:85:1c:18:63:f0:e6:f3:d3:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:39:55 2025 GMT
Not After : Jan 26 09:44:55 2026 GMT
Subject: CN=58B7EA61EBA4B7196A097AADDC333715BA4E57AC
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:db:c5:05:1b:6f:67:8a:ea:cd:1b:5c:0a:8f:
7b:ed:96:06:4f:6e:3b:15:e2:87:ce:ae:d7:f9:dd:
de:0c:6a:b3:dd:5f:99:46:92:52:8d:4e:b0:3f:bc:
cb:21:8f:3a:0b:0f:61:64:3d:e0:b5:ef:d1:41:df:
ef:29:6c:a7:66:a6:ab:40:dc:a3:63:5d:58:50:df:
36:8a:d0:b5:84:fd:70:1a:64:21:04:86:fc:5f:0b:
c8:02:4b:8b:70:a5:3d:3a:d7:11:1b:1e:60:c8:21:
4f:73:14:2f:77:ba:76:61:34:63:a3:08:c7:bd:16:
a0:cf:bb:72:08:4e:e8:8a:93:8d:cb:d6:16:41:f9:
c9:11:46:6a:b3:25:3a:3f:b6:74:4b:90:bf:ae:3c:
6a:22:a7:bd:52:e3:60:b7:c5:6e:5d:73:e9:10:76:
15:af:4d:1b:4b:9b:22:56:6f:1c:ab:9f:c9:0c:0d:
28:18:f1:34:76:59:67:19:a9:05:5d:6c:aa:02:9b:
57:2c:fa:5a:3b:38:33:a7:1c:bc:5a:2b:ae:97:d8:
fe:34:bb:12:9e:91:77:84:db:12:ab:df:b4:94:01:
73:75:a9:40:0c:07:34:ba:02:1e:38:75:fc:c5:59:
94:7d:f4:b6:27:73:39:c9:90:e8:24:3e:d2:0d:cb:
5e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:B7:EA:61:EB:A4:B7:19:6A:09:7A:AD:DC:33:37:15:BA:4E:57:AC
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e37372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.77.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:3b:ca:70:3e:94:67:4f:8e:11:8f:6f:8e:ed:78:16:61:54:
ac:bb:d5:9a:bf:78:33:8e:54:bd:fe:d2:97:9a:c0:fb:c8:59:
2a:86:da:5c:ad:dc:71:16:2e:a4:9c:2f:79:b6:18:3d:47:0d:
bb:77:4a:04:f6:bb:91:e0:ff:5e:2d:a2:5d:8b:46:a7:1e:a2:
1e:02:a5:f1:cc:57:38:3f:e1:d4:2e:70:84:c1:18:e5:da:73:
04:f5:2d:8c:6d:0c:18:c2:3f:2c:ba:f5:b6:78:47:42:5d:ad:
c1:82:50:7f:39:21:3e:f3:6b:dd:58:ec:34:04:d8:6e:01:1e:
f1:35:34:25:85:7b:a3:4f:90:81:29:40:a0:31:97:c8:67:5f:
57:5b:d6:e6:83:0c:ba:08:e6:07:f6:80:bb:e2:9c:c7:48:e7:
de:fb:17:a4:25:89:8f:c0:63:f7:71:00:e7:af:60:7a:d8:96:
34:d1:24:f2:81:2f:ff:b9:b9:71:f6:71:1a:ab:5a:5a:97:ed:
49:1f:a4:a5:8b:a5:0e:24:2f:25:ba:29:35:45:9a:81:a1:b8:
b2:a8:a1:a3:eb:4c:26:6c:2e:db:48:01:ce:8e:af:50:9f:94:
9d:94:c3:28:13:be:ac:dd:d0:84:96:bf:06:4c:37:0f:de:69:
d6:d5:89:7b
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUHSLJIn9G3z8w/iKFHBhj8Obz08UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTM5NTVaFw0yNjAxMjYwOTQ0NTVaMDMxMTAvBgNV
BAMTKDU4QjdFQTYxRUJBNEI3MTk2QTA5N0FBRERDMzMzNzE1QkE0RTU3QUMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCz28UFG29niurNG1wKj3vtlgZP
bjsV4ofOrtf53d4MarPdX5lGklKNTrA/vMshjzoLD2FkPeC179FB3+8pbKdmpqtA
3KNjXVhQ3zaK0LWE/XAaZCEEhvxfC8gCS4twpT061xEbHmDIIU9zFC93unZhNGOj
CMe9FqDPu3IITuiKk43L1hZB+ckRRmqzJTo/tnRLkL+uPGoip71S42C3xW5dc+kQ
dhWvTRtLmyJWbxyrn8kMDSgY8TR2WWcZqQVdbKoCm1cs+lo7ODOnHLxaK66X2P40
uxKekXeE2xKr37SUAXN1qUAMBzS6Ah44dfzFWZR99LYncznJkOgkPtINy17bAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWLfqYeuktxlqCXqt3DM3FbpOV6wwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM3
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhU0wDQYJKoZIhvcNAQELBQADggEBAB07ynA+lGdPjhGPb47teBZhVKy71Zq/
eDOOVL3+0peawPvIWSqG2lyt3HEWLqScL3m2GD1HDbt3SgT2u5Hg/14tol2LRqce
oh4CpfHMVzg/4dQucITBGOXacwT1LYxtDBjCPyy69bZ4R0JdrcGCUH85IT7za91Y
7DQE2G4BHvE1NCWFe6NPkIEpQKAxl8hnX1db1uaDDLoI5gf2gLvinMdI5977F6Ql
iY/AY/dxAOevYHrYljTRJPKBL/+5uXH2cRqrWlqX7UkfpKWLpQ4kLyW6KTVFmoGh
uLKooaPrTCZsLttIAc6Or1CflJ2UwygTvqzd0ISWvwZMNw/eadbViXs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:11:43 2025 by rpki-client