Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38302e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e38302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: jnAbg3pDLLWhPOPKLhD9motRDNkm7BmAvy/sc9/irr4=
Subject key identifier: 5C:31:E1:06:FB:1B:B4:28:DF:C7:23:02:89:88:22:F0:F6:08:18:6F
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 2A57E2F3EE25B99D6413DE75F21A969728683695
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38302e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:37 +0000
ROA not before: Sat 01 Feb 2025 22:40:37 +0000
ROA not after: Sat 31 Jan 2026 22:45:37 +0000
asID: 136787
IP address blocks: 155.133.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:57:e2:f3:ee:25:b9:9d:64:13:de:75:f2:1a:96:97:28:68:36:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 1 22:40:37 2025 GMT
Not After : Jan 31 22:45:37 2026 GMT
Subject: CN=5C31E106FB1BB428DFC72302898822F0F608186F
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b6:0c:cb:a9:4c:28:9f:08:be:3b:68:13:eb:
4a:7e:10:7f:7d:39:98:f1:15:8d:52:81:07:a8:cb:
7b:77:bf:52:67:19:98:19:f5:a2:85:2f:98:6c:79:
3c:f1:fb:d2:41:68:1f:95:b8:6d:5a:e1:65:7d:6a:
d5:d7:84:6e:cf:ad:70:4a:12:28:9d:e8:2b:31:f8:
53:34:19:b1:db:6e:0e:f3:28:1d:11:ee:1b:1e:86:
73:a3:21:69:d8:ff:52:fa:dd:48:72:d5:f1:bf:d5:
d5:2d:c7:7b:23:0e:6e:48:62:e6:9f:fd:3a:ca:57:
ff:1c:71:3e:c3:0d:27:d8:4a:f5:47:da:63:76:54:
46:a9:e1:64:39:14:6c:d1:6b:21:a1:10:ba:f7:f8:
e9:dd:44:50:b0:0f:6b:6d:42:3f:d1:ac:b7:5a:dc:
be:96:a6:ec:04:4a:7b:96:65:03:1f:de:1b:09:ef:
d6:47:67:9d:0b:ec:b2:71:e1:16:63:bd:c4:04:af:
09:f4:de:98:4b:7c:21:e1:0e:1a:d2:6f:0e:ea:e8:
0d:ee:2c:1e:1d:65:09:1a:8b:c5:cf:20:16:95:8e:
20:4f:5a:fc:f8:2b:c0:22:f5:8e:41:e4:23:57:9d:
5a:88:26:c1:2e:a6:ec:b8:20:33:b3:a0:a9:2f:95:
62:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:31:E1:06:FB:1B:B4:28:DF:C7:23:02:89:88:22:F0:F6:08:18:6F
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.80.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:39:eb:ec:d0:00:58:f1:3e:7a:8c:bd:43:58:55:e6:fe:f6:
90:04:13:b4:04:83:1b:d5:bb:e4:f4:5a:05:64:67:08:13:1c:
2d:3b:5c:f8:04:73:af:37:ea:c2:40:71:e5:86:22:f4:84:64:
9b:b1:8c:7f:c5:c1:0b:47:f6:da:2c:8a:d2:ca:d7:6f:0a:08:
f8:9c:36:eb:d4:d5:da:8e:ba:50:57:64:f4:d2:25:9c:8a:d1:
92:b8:f1:e0:ba:1c:d3:36:19:8e:d1:f3:97:fe:30:7e:ec:55:
90:8e:e4:58:18:19:1e:05:ca:b4:d4:a9:39:1c:54:ea:ff:72:
22:55:11:7d:0b:cc:d6:e9:9d:87:59:5d:a3:7d:4b:a5:e4:cb:
4f:b1:0b:81:69:36:10:6b:08:fd:58:a5:83:14:d4:be:a5:e7:
a7:ba:89:d3:ef:4a:fc:b1:90:57:44:33:95:f7:f6:5f:e1:fb:
ea:e1:3a:e9:e1:c1:bf:27:bb:d3:0c:d1:3c:96:db:79:9c:41:
04:23:e4:cb:fd:4a:56:2f:39:c9:54:9f:3a:64:3b:70:0e:3e:
26:94:1f:bf:38:99:74:54:ab:1b:2d:21:97:85:7b:0b:70:b4:
07:4b:8b:9c:9d:c5:a3:ce:5f:56:bf:ad:fa:50:ad:dd:ff:f9:
93:07:6f:1c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUKlfi8+4luZ1kE9518hqWlyhoNpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDEyMjQwMzdaFw0yNjAxMzEyMjQ1MzdaMDMxMTAvBgNV
BAMTKDVDMzFFMTA2RkIxQkI0MjhERkM3MjMwMjg5ODgyMkYwRjYwODE4NkYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCgtgzLqUwonwi+O2gT60p+EH99
OZjxFY1SgQeoy3t3v1JnGZgZ9aKFL5hseTzx+9JBaB+VuG1a4WV9atXXhG7PrXBK
Eiid6Csx+FM0GbHbbg7zKB0R7hsehnOjIWnY/1L63Uhy1fG/1dUtx3sjDm5IYuaf
/TrKV/8ccT7DDSfYSvVH2mN2VEap4WQ5FGzRayGhELr3+OndRFCwD2ttQj/RrLda
3L6WpuwESnuWZQMf3hsJ79ZHZ50L7LJx4RZjvcQErwn03phLfCHhDhrSbw7q6A3u
LB4dZQkai8XPIBaVjiBPWvz4K8Ai9Y5B5CNXnVqIJsEupuy4IDOzoKkvlWKtAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUXDHhBvsbtCjfxyMCiYgi8PYIGG8wHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM4
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhVAwDQYJKoZIhvcNAQELBQADggEBADs56+zQAFjxPnqMvUNYVeb+9pAEE7QE
gxvVu+T0WgVkZwgTHC07XPgEc6836sJAceWGIvSEZJuxjH/FwQtH9tositLK128K
CPicNuvU1dqOulBXZPTSJZyK0ZK48eC6HNM2GY7R85f+MH7sVZCO5FgYGR4FyrTU
qTkcVOr/ciJVEX0LzNbpnYdZXaN9S6Xky0+xC4FpNhBrCP1YpYMU1L6l56e6idPv
SvyxkFdEM5X39l/h++rhOunhwb8nu9MM0TyW23mcQQQj5Mv9SlYvOclUnzpkO3AO
PiaUH784mXRUqxstIZeFewtwtAdLi5ydxaPOX1a/rfpQrd3/+ZMHbxw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:13:09 2025 by rpki-client