Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38392e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e38392e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: wj6Bw+XVr9XhyH13o97RtzsIa+QpDHQpdg+8kW12R68=
Subject key identifier: 59:F4:A5:AA:1D:93:76:6E:60:DB:61:D6:65:46:86:E5:E7:E4:9A:C1
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 353AF4A8FA5701581C90040B1B8D2DFDACDD3DB3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38392e302f32342d3234203d3e20313336373837.roa
Signing time: Mon 27 Jan 2025 09:45:25 +0000
ROA not before: Mon 27 Jan 2025 09:40:25 +0000
ROA not after: Mon 26 Jan 2026 09:45:25 +0000
asID: 136787
IP address blocks: 155.133.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:3a:f4:a8:fa:57:01:58:1c:90:04:0b:1b:8d:2d:fd:ac:dd:3d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jan 27 09:40:25 2025 GMT
Not After : Jan 26 09:45:25 2026 GMT
Subject: CN=59F4A5AA1D93766E60DB61D6654686E5E7E49AC1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:5d:c1:eb:1b:69:1e:a8:ae:4f:c8:5d:2b:4e:
2a:19:03:77:8d:b6:8b:78:bd:1c:17:f9:67:4c:bb:
51:de:de:84:a9:73:3f:e4:19:56:0c:ba:7d:d7:a5:
3e:cd:02:95:5d:8c:1d:7b:e1:73:01:35:48:b1:b5:
a0:ec:08:87:bd:18:a3:f1:75:69:4e:6c:88:fd:26:
4b:56:a7:fd:0e:74:6f:90:a3:46:0d:7a:8a:b1:b3:
78:ae:b9:ce:c0:49:ae:de:c2:f1:01:fc:fe:1c:87:
92:6c:4c:8f:64:c3:1c:4c:a8:62:ea:22:aa:5e:c8:
f5:00:b7:7b:54:30:4c:ff:28:63:95:43:4e:f1:e9:
ce:73:1a:ba:1e:f8:88:c4:29:59:6e:d2:ac:69:7b:
3e:67:c0:e6:71:40:13:ea:0a:d2:3c:b6:78:89:cd:
d6:6d:95:0a:56:19:c8:74:a5:1f:47:32:7f:1d:f9:
dc:e8:51:95:12:8c:9e:84:9a:d6:d9:d3:ca:c4:0b:
d7:7d:7c:9e:49:17:21:ce:0a:d5:0b:db:c8:eb:ed:
9d:75:81:03:12:7d:ae:c7:97:50:f2:68:23:22:ce:
e0:0c:14:a5:03:68:dc:49:31:e5:ee:de:c9:52:bd:
97:12:94:f6:86:80:18:cb:b4:3d:c3:b1:23:09:eb:
6a:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F4:A5:AA:1D:93:76:6E:60:DB:61:D6:65:46:86:E5:E7:E4:9A:C1
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38392e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.89.0/24
Signature Algorithm: sha256WithRSAEncryption
14:9a:05:0e:50:1e:45:5b:8b:7d:68:91:34:f3:38:b8:3c:5c:
ef:dd:d1:ad:7f:b8:cd:a4:7e:fe:1d:67:73:50:8c:7b:30:22:
36:44:79:f2:4e:76:7c:09:9d:a3:00:64:f4:56:0e:74:25:2a:
95:aa:d8:25:16:06:01:ee:5c:35:94:d9:c1:c6:d1:99:aa:93:
02:37:73:2e:5c:9d:42:26:3a:55:c2:9b:97:5c:f8:cf:6d:60:
8b:82:c6:4c:4c:15:47:cc:f7:c5:55:2e:b1:45:b6:c8:13:c6:
5e:b2:22:05:d8:87:8a:c4:44:5e:84:63:06:00:c8:57:e8:af:
19:67:c2:76:86:35:16:18:52:f0:46:66:24:b0:29:4e:34:b0:
d1:a5:90:92:31:ea:8a:ae:33:a5:94:9d:c2:06:c0:92:fe:34:
50:92:d0:bb:dc:20:16:44:73:6e:26:2c:fa:e8:7e:8b:ad:61:
94:64:7d:97:18:46:a2:55:8f:53:08:2c:86:72:e0:96:1f:19:
99:e0:59:6b:a1:58:31:40:74:0e:b8:0b:f3:84:57:de:8e:ca:
ef:e6:69:c0:09:cb:d6:65:06:a1:dd:3b:13:a3:bb:1a:78:5d:
f7:3c:f7:41:bd:2c:71:98:4f:f7:a0:63:ca:d7:f7:3e:e7:77:
18:9d:2c:e5
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNTr0qPpXAVgckAQLG40t/azdPbMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTAxMjcwOTQwMjVaFw0yNjAxMjYwOTQ1MjVaMDMxMTAvBgNV
BAMTKDU5RjRBNUFBMUQ5Mzc2NkU2MERCNjFENjY1NDY4NkU1RTdFNDlBQzEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCtXcHrG2keqK5PyF0rTioZA3eN
tot4vRwX+WdMu1He3oSpcz/kGVYMun3XpT7NApVdjB174XMBNUixtaDsCIe9GKPx
dWlObIj9JktWp/0OdG+Qo0YNeoqxs3iuuc7ASa7ewvEB/P4ch5JsTI9kwxxMqGLq
IqpeyPUAt3tUMEz/KGOVQ07x6c5zGroe+IjEKVlu0qxpez5nwOZxQBPqCtI8tniJ
zdZtlQpWGch0pR9HMn8d+dzoUZUSjJ6EmtbZ08rEC9d9fJ5JFyHOCtUL28jr7Z11
gQMSfa7Hl1DyaCMizuAMFKUDaNxJMeXu3slSvZcSlPaGgBjLtD3DsSMJ62r5AgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUWfSlqh2Tdm5g22HWZUaG5efkmsEwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM4
MzkyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhVkwDQYJKoZIhvcNAQELBQADggEBABSaBQ5QHkVbi31okTTzOLg8XO/d0a1/
uM2kfv4dZ3NQjHswIjZEefJOdnwJnaMAZPRWDnQlKpWq2CUWBgHuXDWU2cHG0Zmq
kwI3cy5cnUImOlXCm5dc+M9tYIuCxkxMFUfM98VVLrFFtsgTxl6yIgXYh4rERF6E
YwYAyFforxlnwnaGNRYYUvBGZiSwKU40sNGlkJIx6oquM6WUncIGwJL+NFCS0Lvc
IBZEc24mLProfoutYZRkfZcYRqJVj1MILIZy4JYfGZngWWuhWDFAdA64C/OEV96O
yu/macAJy9ZlBqHdOxOjuxp4Xfc890G9LHGYT/egY8rX9z7ndxidLOU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 16:16:39 2025 by rpki-client