Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e362e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e362e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: JWiNf27kKIA0ztP2uK2NgP1sxa+NJRIJ3eXnMTHtyCY=
Subject key identifier: 06:CD:09:EA:76:96:62:65:03:CA:EA:53:7B:C4:62:78:19:2A:6E:24
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 74C36DBEC506B45828188EF9C37D296CE9E870C3
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e362e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 13 Apr 2025 11:46:05 +0000
ROA not before: Sun 13 Apr 2025 11:41:05 +0000
ROA not after: Sun 12 Apr 2026 11:46:05 +0000
asID: 136787
IP address blocks: 155.133.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Apr 2025 05:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:c3:6d:be:c5:06:b4:58:28:18:8e:f9:c3:7d:29:6c:e9:e8:70:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Apr 13 11:41:05 2025 GMT
Not After : Apr 12 11:46:05 2026 GMT
Subject: CN=06CD09EA7696626503CAEA537BC46278192A6E24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fb:35:29:59:bf:e3:5b:e8:94:ab:6c:ce:7c:
e1:b3:dd:0c:38:aa:47:81:0a:58:0e:03:8e:41:81:
c3:83:5d:70:45:25:72:e7:4d:a4:a8:7c:09:b4:4a:
3b:9b:06:2c:89:ac:3b:f8:cb:be:d7:c6:de:5d:dd:
9a:e2:aa:4f:26:7c:24:a5:b5:f4:9a:b0:c5:b2:5c:
fc:6f:8f:ff:4a:cf:d6:34:09:3e:ef:88:e1:79:2a:
c2:d5:19:61:9a:a9:7b:2e:9a:91:f3:ae:19:53:68:
54:1b:4e:67:4c:7d:30:9d:38:bf:cc:f5:da:c0:b5:
14:65:b7:56:bb:4e:09:ec:1c:9e:bb:50:8e:6e:1f:
65:66:73:6a:3a:4c:5f:b4:f0:1c:f9:5f:1c:47:e1:
e4:c9:35:6e:79:27:31:cd:18:82:ca:b9:59:68:de:
ca:d2:9e:95:88:59:e8:17:ee:d7:b3:12:fb:36:95:
7c:cc:ee:d4:26:d6:23:e9:d1:ac:ff:f0:49:c7:4b:
58:56:13:91:a2:28:bc:22:67:e9:cc:cd:42:9a:59:
d8:ca:51:c4:f5:e0:28:48:9a:f8:30:53:30:f5:3e:
c7:0b:0f:69:58:fe:33:42:63:9f:91:21:79:f9:89:
76:2f:e0:4c:0d:00:f0:1d:47:91:c1:ba:f5:97:9a:
1c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:CD:09:EA:76:96:62:65:03:CA:EA:53:7B:C4:62:78:19:2A:6E:24
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e362e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.6.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:a7:f1:08:58:ce:54:a5:7f:45:a8:91:0b:93:00:0e:c6:ac:
26:6d:f5:cc:c5:06:72:22:cf:10:06:4f:ca:ae:4d:dc:db:68:
e4:19:f9:da:17:f3:50:f6:24:ed:20:2c:e9:05:08:0c:bb:46:
1b:a0:a2:96:b4:74:5a:c7:42:fa:15:6d:a1:dc:8e:f0:f3:bd:
eb:7c:a1:83:59:88:32:46:4b:08:e7:c9:1b:8f:5d:56:11:bf:
6f:cc:0a:08:42:ce:b9:bf:40:d4:ac:66:08:7b:65:c5:75:b7:
bf:16:4a:49:29:ce:75:27:e2:1f:68:77:03:d4:02:2f:db:98:
d4:ad:dd:13:d1:f4:b0:a7:b4:c7:05:ff:f5:82:83:84:cb:3e:
9a:08:ad:e3:1d:f5:d7:27:1b:7f:f1:13:83:89:e3:b5:db:d8:
b7:6f:5c:20:32:15:f0:fc:03:24:a9:a6:b5:b6:b5:31:96:25:
e5:ce:b7:a4:1a:83:a6:51:83:37:ad:1e:67:00:0f:ba:f4:83:
e0:4b:68:2f:d0:7e:97:fb:00:f3:7b:5e:56:65:1c:bf:7e:7d:
07:ef:b1:58:80:9a:bd:5e:2e:4c:d1:97:75:dd:36:11:ef:c0:
91:33:2f:82:bb:38:c2:7d:c7:3a:6c:7d:ee:ff:0b:7d:c9:87:
0c:d2:cf:24
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUdMNtvsUGtFgoGI75w30pbOnocMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA0MTMxMTQxMDVaFw0yNjA0MTIxMTQ2MDVaMDMxMTAvBgNV
BAMTKDA2Q0QwOUVBNzY5NjYyNjUwM0NBRUE1MzdCQzQ2Mjc4MTkyQTZFMjQwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3+zUpWb/jW+iUq2zOfOGz3Qw4
qkeBClgOA45BgcODXXBFJXLnTaSofAm0SjubBiyJrDv4y77Xxt5d3Zriqk8mfCSl
tfSasMWyXPxvj/9Kz9Y0CT7viOF5KsLVGWGaqXsumpHzrhlTaFQbTmdMfTCdOL/M
9drAtRRlt1a7TgnsHJ67UI5uH2Vmc2o6TF+08Bz5XxxH4eTJNW55JzHNGILKuVlo
3srSnpWIWegX7tezEvs2lXzM7tQm1iPp0az/8EnHS1hWE5GiKLwiZ+nMzUKaWdjK
UcT14ChImvgwUzD1PscLD2lY/jNCY5+RIXn5iXYv4EwNAPAdR5HBuvWXmhyxAgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUBs0J6naWYmUDyupTe8RieBkqbiQwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM2
MmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIwMzEzMzM2MzczODM3LnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
m4UGMA0GCSqGSIb3DQEBCwUAA4IBAQBdp/EIWM5UpX9FqJELkwAOxqwmbfXMxQZy
Is8QBk/Krk3c22jkGfnaF/NQ9iTtICzpBQgMu0YboKKWtHRax0L6FW2h3I7w873r
fKGDWYgyRksI58kbj11WEb9vzAoIQs65v0DUrGYIe2XFdbe/FkpJKc51J+IfaHcD
1AIv25jUrd0T0fSwp7THBf/1goOEyz6aCK3jHfXXJxt/8RODieO129i3b1wgMhXw
/AMkqaa1trUxliXlzrekGoOmUYM3rR5nAA+69IPgS2gv0H6X+wDze15WZRy/fn0H
77FYgJq9Xi5M0Zd13TYR78CRMy+CuzjCfcc6bH3u/wt9yYcM0s8k
-----END CERTIFICATE-----
Generated at Sun Apr 27 11:32:08 2025 by rpki-client