Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38312e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e38312e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: 0arBdX6w0ZRrDNHnWdS0I4urvuGnWH6Z7AXXhA1jlDw=
Subject key identifier: 3C:37:D4:3D:9E:D0:C7:56:93:E2:D3:F2:B3:55:FC:05:5F:86:20:95
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 49857F3D93CC3EE5AB831669DD52F8083AB4D593
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38312e302f32342d3234203d3e20313336373837.roa
Signing time: Sat 01 Feb 2025 22:45:36 +0000
ROA not before: Sat 01 Feb 2025 22:40:36 +0000
ROA not after: Sat 31 Jan 2026 22:45:36 +0000
asID: 136787
IP address blocks: 155.133.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:85:7f:3d:93:cc:3e:e5:ab:83:16:69:dd:52:f8:08:3a:b4:d5:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Feb 1 22:40:36 2025 GMT
Not After : Jan 31 22:45:36 2026 GMT
Subject: CN=3C37D43D9ED0C75693E2D3F2B355FC055F862095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:01:63:0e:0d:d6:53:52:1f:01:ed:38:66:7d:
c3:da:7b:ab:e9:55:e5:8a:12:13:74:b5:70:6c:12:
b4:c5:e8:a1:c5:6d:c7:ee:a3:87:4b:43:69:a3:0f:
b2:e2:24:07:6a:c3:60:c8:d4:0b:c6:dd:f4:31:2a:
d3:6f:fb:68:cf:16:69:c5:ba:0e:e5:95:12:e1:0b:
04:77:7f:ed:5f:8e:d9:a0:62:17:ca:d1:1e:a6:da:
86:f2:bf:15:3c:e6:12:07:78:97:94:05:ad:d9:05:
4b:32:9f:33:26:3a:22:22:30:e0:88:c3:13:d4:31:
86:77:77:94:e9:b5:f5:d6:df:ef:5f:d2:83:c9:67:
18:83:ce:1f:6c:d3:b7:2b:92:94:ec:62:b9:9e:fd:
ab:eb:d3:78:76:30:21:49:0f:11:b2:a8:0f:cd:21:
99:07:ec:79:ec:36:a9:bb:62:1b:d6:e2:c1:8d:c7:
9b:f4:d0:f4:19:d5:f0:54:ad:12:d9:df:c8:03:66:
5b:16:77:ac:ac:a3:d0:1c:85:db:77:35:93:3a:7f:
8b:ff:98:a8:bb:04:87:e9:28:2f:d1:37:d1:ba:8d:
8b:7c:5b:a0:7a:b5:23:4c:d3:18:d8:ff:8b:c7:9b:
a2:2b:0a:8b:2d:78:5f:fd:b3:06:1e:4c:14:79:8d:
e2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:37:D4:3D:9E:D0:C7:56:93:E2:D3:F2:B3:55:FC:05:5F:86:20:95
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38312e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.81.0/24
Signature Algorithm: sha256WithRSAEncryption
01:7e:49:a8:9f:41:a7:b6:79:4f:cf:c3:7f:7d:43:a9:98:bb:
4e:e1:eb:9b:b1:a2:04:1b:50:f9:0a:cf:b4:b8:86:f1:c6:cd:
12:16:bd:04:a2:5b:0d:0f:b2:ec:13:7b:72:d4:2d:b7:44:6e:
37:39:3c:1a:4a:6f:51:70:00:93:6d:b4:da:ce:36:47:ac:37:
c9:60:e8:45:56:49:d4:f5:94:ba:26:8c:52:11:52:fc:ef:bb:
e2:e9:7d:d3:30:48:c9:eb:fc:33:f3:59:0c:ab:f9:e2:68:1b:
0b:3b:3d:77:2d:3e:21:3f:a1:73:21:81:6a:5a:d3:0a:35:69:
b1:ed:e7:85:f5:0d:00:18:8d:da:fc:09:56:59:7d:eb:f8:66:
e4:de:56:81:32:28:6c:19:a5:3a:17:a7:c1:8f:61:c2:02:81:
ac:1b:fa:03:f5:de:40:e0:65:d5:0d:00:d2:c5:05:45:8f:2b:
ae:9c:b2:54:38:fd:8e:6d:08:c2:8c:34:be:a3:78:9d:42:51:
45:59:20:8b:ef:2a:0b:dc:1f:0e:ed:3f:7b:22:3c:ef:56:c9:
e0:76:05:d5:7e:2e:a2:a0:a7:a6:fb:62:a5:72:78:8c:e3:59:
82:5a:42:c2:fb:e4:64:89:8e:9e:8c:f9:44:b7:10:52:7a:ff:
25:c6:be:8c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUSYV/PZPMPuWrgxZp3VL4CDq01ZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAyMDEyMjQwMzZaFw0yNjAxMzEyMjQ1MzZaMDMxMTAvBgNV
BAMTKDNDMzdENDNEOUVEMEM3NTY5M0UyRDNGMkIzNTVGQzA1NUY4NjIwOTUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMAWMODdZTUh8B7ThmfcPae6vp
VeWKEhN0tXBsErTF6KHFbcfuo4dLQ2mjD7LiJAdqw2DI1AvG3fQxKtNv+2jPFmnF
ug7llRLhCwR3f+1fjtmgYhfK0R6m2obyvxU85hIHeJeUBa3ZBUsynzMmOiIiMOCI
wxPUMYZ3d5TptfXW3+9f0oPJZxiDzh9s07crkpTsYrme/avr03h2MCFJDxGyqA/N
IZkH7HnsNqm7YhvW4sGNx5v00PQZ1fBUrRLZ38gDZlsWd6yso9Achdt3NZM6f4v/
mKi7BIfpKC/RN9G6jYt8W6B6tSNM0xjY/4vHm6IrCosteF/9swYeTBR5jeK3AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUPDfUPZ7Qx1aT4tPys1X8BV+GIJUwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM4
MzEyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhVEwDQYJKoZIhvcNAQELBQADggEBAAF+SaifQae2eU/Pw399Q6mYu07h65ux
ogQbUPkKz7S4hvHGzRIWvQSiWw0PsuwTe3LULbdEbjc5PBpKb1FwAJNttNrONkes
N8lg6EVWSdT1lLomjFIRUvzvu+LpfdMwSMnr/DPzWQyr+eJoGws7PXctPiE/oXMh
gWpa0wo1abHt54X1DQAYjdr8CVZZfev4ZuTeVoEyKGwZpToXp8GPYcICgawb+gP1
3kDgZdUNANLFBUWPK66cslQ4/Y5tCMKMNL6jeJ1CUUVZIIvvKgvcHw7tP3siPO9W
yeB2BdV+LqKgp6b7YqVyeIzjWYJaQsL75GSJjp6M+US3EFJ6/yXGvow=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:16:40 2025 by rpki-client