Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e3132362e302f32342d3234203d3e20323132393638.roa
File: 3135352e3133332e3132362e302f32342d3234203d3e20323132393638.roa (raw, json)
Hash identifier: 94Q3RCaHXnccW0oBhmxRRj+6FpHg7f64Ea7SDA7zWUs=
Subject key identifier: F8:46:3C:EC:B9:3E:6A:B9:57:E5:A5:E9:ED:A9:54:77:8A:94:9C:F9
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 3C1EE69D3FAA752091F3066C88E2D495C349DF22
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e3132362e302f32342d3234203d3e20323132393638.roa
Signing time: Wed 11 Jun 2025 05:29:34 +0000
ROA not before: Wed 11 Jun 2025 05:24:34 +0000
ROA not after: Wed 10 Jun 2026 05:29:34 +0000
asID: 212968
IP address blocks: 155.133.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 13:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:1e:e6:9d:3f:aa:75:20:91:f3:06:6c:88:e2:d4:95:c3:49:df:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Jun 11 05:24:34 2025 GMT
Not After : Jun 10 05:29:34 2026 GMT
Subject: CN=F8463CECB93E6AB957E5A5E9EDA954778A949CF9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e9:80:ea:ba:6b:2c:cc:5e:96:25:ce:3b:5c:
b9:88:76:00:45:58:a2:31:5f:7a:59:a2:4c:5a:f1:
75:b6:d5:1b:fb:a4:77:7d:3d:11:c8:a4:6e:d6:68:
2b:e7:4c:a1:79:6e:1a:11:3e:c1:40:4e:db:00:6d:
db:ea:74:83:b2:da:50:48:2c:f0:da:b5:48:0f:a7:
19:ce:04:ee:8d:dd:c0:57:20:07:d6:07:a2:da:3e:
d8:a4:16:9e:62:60:7a:f8:2e:f6:7f:40:2e:fc:b8:
4b:d9:c7:6c:47:94:42:c2:89:6e:4a:2b:78:be:6f:
fe:12:79:0b:41:e6:af:a2:bf:35:bd:54:f3:6a:39:
64:d8:90:e3:44:0b:8b:5d:ba:35:a9:94:25:b7:45:
99:3b:96:a4:a9:a0:1d:67:99:a9:53:db:cb:19:7a:
34:b1:c9:66:c3:d9:97:59:34:0b:11:ad:81:83:8d:
2e:31:de:59:91:99:a3:e2:b3:5e:ce:35:1c:93:eb:
00:a0:c2:dd:a8:ac:a6:f9:4e:e2:7d:d6:f4:35:7e:
62:c6:37:5f:cc:b8:39:95:04:80:43:d9:ee:22:5b:
79:b5:d1:25:16:81:34:3b:48:cd:da:29:aa:5a:36:
f0:a8:d1:97:26:9a:6b:f6:31:1a:d6:3d:26:a5:76:
dd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:46:3C:EC:B9:3E:6A:B9:57:E5:A5:E9:ED:A9:54:77:8A:94:9C:F9
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e3132362e302f32342d3234203d3e20323132393638.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.126.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:4f:1a:09:f9:4a:4c:f7:10:d5:82:09:ff:57:27:51:65:19:
39:cf:ae:e9:c8:32:37:15:4c:80:b1:b3:ab:91:bc:47:64:db:
01:a3:ff:29:f5:e7:11:c5:b0:9f:0d:32:b9:0a:77:2a:86:b8:
cd:24:61:15:be:c2:ae:f2:5f:05:a7:ba:c9:cb:87:5b:cf:a6:
42:d0:e0:48:c9:73:4e:c0:7c:70:47:b5:8b:6e:92:58:9a:05:
5d:8c:2e:f5:5f:ce:de:d4:ef:55:b7:44:d2:b0:02:22:76:dd:
ea:32:bc:9f:d1:6e:11:d9:e2:8b:61:7b:f3:8c:89:85:b8:c9:
b8:50:9e:fa:d5:f7:10:76:77:ac:17:ab:3e:a5:38:8e:f0:65:
c1:04:aa:d9:3f:2e:9f:a5:c3:3b:75:c6:f1:57:8b:27:b9:26:
7b:a2:53:ac:e4:80:2c:7a:72:e3:c2:ae:f9:0c:a9:e2:ba:5a:
14:f2:cb:af:64:e4:09:75:33:fc:86:e0:ed:fb:6e:99:94:db:
3d:55:59:bd:e6:4c:de:cb:5e:e4:80:6e:b5:ee:6f:09:da:52:
54:76:4d:9d:52:a0:5e:a7:74:3b:c2:0c:38:77:a9:f0:bc:75:
0d:96:9c:79:e8:4d:89:13:3f:d3:d5:89:19:06:f2:fd:b4:82:
bb:85:ce:cc
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIUPB7mnT+qdSCR8wZsiOLUlcNJ3yIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA2MTEwNTI0MzRaFw0yNjA2MTAwNTI5MzRaMDMxMTAvBgNV
BAMTKEY4NDYzQ0VDQjkzRTZBQjk1N0U1QTVFOUVEQTk1NDc3OEE5NDlDRjkwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDP6YDqumsszF6WJc47XLmIdgBF
WKIxX3pZokxa8XW21Rv7pHd9PRHIpG7WaCvnTKF5bhoRPsFATtsAbdvqdIOy2lBI
LPDatUgPpxnOBO6N3cBXIAfWB6LaPtikFp5iYHr4LvZ/QC78uEvZx2xHlELCiW5K
K3i+b/4SeQtB5q+ivzW9VPNqOWTYkONEC4tdujWplCW3RZk7lqSpoB1nmalT28sZ
ejSxyWbD2ZdZNAsRrYGDjS4x3lmRmaPis17ONRyT6wCgwt2orKb5TuJ91vQ1fmLG
N1/MuDmVBIBD2e4iW3m10SUWgTQ7SM3aKapaNvCo0Zcmmmv2MRrWPSaldt0vAgMB
AAGjggJBMIICPTAdBgNVHQ4EFgQU+EY87Lk+arlX5aXp7alUd4qUnPkwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwgbEGCCsGAQUFBwELBIGkMIGhMIGeBggrBgEFBQcwC4aBkXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMx
MzIzNjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMyMzEzMjM5MzYzOC5yb2EwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAJuFfjANBgkqhkiG9w0BAQsFAAOCAQEADU8aCflKTPcQ1YIJ/1cnUWUZOc+u
6cgyNxVMgLGzq5G8R2TbAaP/KfXnEcWwnw0yuQp3Koa4zSRhFb7CrvJfBae6ycuH
W8+mQtDgSMlzTsB8cEe1i26SWJoFXYwu9V/O3tTvVbdE0rACInbd6jK8n9FuEdni
i2F784yJhbjJuFCe+tX3EHZ3rBerPqU4jvBlwQSq2T8un6XDO3XG8VeLJ7kme6JT
rOSALHpy48Ku+Qyp4rpaFPLLr2TkCXUz/Ibg7ftumZTbPVVZveZM3ste5IBute5v
CdpSVHZNnVKgXqd0O8IMOHep8Lx1DZaceehNiRM/09WJGQby/bSCu4XOzA==
-----END CERTIFICATE-----
Generated at Sun Jun 15 20:05:52 2025 by rpki-client