Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31372e302f32342d3234203d3e203632323430.roa
File: 3135352e3133332e31372e302f32342d3234203d3e203632323430.roa (raw, json)
Hash identifier: qLmkb+n92MZt3Jgcuhbp37MgXGzZIhe4cw75BqtmLfs=
Subject key identifier: A4:9B:89:B3:23:4D:8B:F8:79:B9:8F:33:04:18:E3:53:96:E3:B3:81
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 0D74846AB026030792FA3F72C1F1C08ECB242871
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31372e302f32342d3234203d3e203632323430.roa
Signing time: Tue 07 Oct 2025 09:47:50 +0000
ROA not before: Tue 07 Oct 2025 09:42:50 +0000
ROA not after: Tue 06 Oct 2026 09:47:50 +0000
asID: 62240
IP address blocks: 155.133.17.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:74:84:6a:b0:26:03:07:92:fa:3f:72:c1:f1:c0:8e:cb:24:28:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Oct 7 09:42:50 2025 GMT
Not After : Oct 6 09:47:50 2026 GMT
Subject: CN=A49B89B3234D8BF879B98F330418E35396E3B381
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ed:b7:61:6d:d0:93:b9:e0:af:21:9d:cd:81:
1f:de:05:c9:2b:a8:ea:e2:2f:ab:0b:a0:58:1b:20:
ef:ff:df:9c:6a:0a:62:b9:1b:23:c6:6e:de:5d:50:
0d:3c:56:3d:76:f3:be:4d:d4:8b:03:cb:80:bd:99:
4f:a8:f8:1e:c7:49:16:89:8f:6d:5d:b2:db:f5:a8:
aa:a1:86:eb:03:d4:9b:ec:47:67:11:34:9a:69:56:
7c:0a:91:4e:88:b1:5d:9f:44:71:0e:f3:da:06:38:
8f:03:7d:98:f0:00:6c:3a:b5:7a:75:0f:b7:be:4d:
fc:f7:dc:d1:da:cb:64:b0:29:e0:a2:58:15:9c:69:
e7:ff:50:5b:b1:00:e1:c4:fb:97:1d:c5:f4:84:b3:
22:89:c0:5c:0a:61:d9:15:63:bd:96:eb:7f:01:9e:
ad:22:f8:72:a7:3a:d9:1a:b3:db:85:99:ec:9e:93:
5d:c9:8e:2d:cf:ec:a2:84:4f:46:c5:00:3f:28:e3:
55:ab:a6:ea:e5:fd:8b:a6:a4:f7:26:46:86:86:65:
8e:83:0a:84:05:23:47:09:78:fc:29:c4:8f:8e:ae:
54:53:53:ba:92:53:e2:38:a4:ff:b1:0c:20:19:30:
86:ff:18:1e:b1:4e:08:af:8e:ac:a3:1e:5f:c4:08:
05:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:9B:89:B3:23:4D:8B:F8:79:B9:8F:33:04:18:E3:53:96:E3:B3:81
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e31372e302f32342d3234203d3e203632323430.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.17.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:d4:59:00:e2:07:a1:41:37:66:00:27:d5:ca:56:95:8f:c1:
6c:01:85:33:f5:48:48:e5:b8:0d:70:95:95:c9:ea:2b:2b:c8:
e3:59:cb:59:34:cd:40:5f:43:18:9d:5b:13:8b:fd:85:0d:28:
e9:60:bc:7e:4b:ae:b1:51:18:d2:5f:60:78:ce:30:72:39:20:
5c:7f:33:47:9f:a5:ca:4c:ba:a2:ac:29:38:44:ea:07:a8:05:
a3:7d:d5:0e:0b:23:dc:5b:61:67:c9:8f:68:85:d3:ec:7d:cb:
ae:f9:32:79:e6:38:23:8c:fa:5f:73:6f:08:f7:de:25:51:64:
ad:e6:c1:61:69:d7:3b:0c:1a:46:71:0e:8a:ad:d2:83:c6:5e:
3a:dc:74:be:a2:d1:f0:11:57:dc:e4:cf:a9:6a:e1:4e:36:a8:
d8:79:4a:2b:c3:cb:97:66:a8:b2:8e:b6:6e:6d:88:df:da:f4:
de:7d:81:ec:f7:3a:2e:95:5f:d3:3e:db:8c:4e:df:d0:8e:82:
f1:af:04:db:24:21:d3:83:d0:7e:2c:4f:22:12:bb:23:2b:2f:
c2:7b:74:62:b5:be:46:dd:4b:d7:7d:bf:05:3f:3a:12:a7:32:
0f:a9:dc:7e:ee:d9:39:e0:a8:51:4a:f3:e5:02:bd:74:c9:81:
25:05:c8:f0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIUDXSEarAmAweS+j9ywfHAjsskKHEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTEwMDcwOTQyNTBaFw0yNjEwMDYwOTQ3NTBaMDMxMTAvBgNV
BAMTKEE0OUI4OUIzMjM0RDhCRjg3OUI5OEYzMzA0MThFMzUzOTZFM0IzODEwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCv7bdhbdCTueCvIZ3NgR/eBckr
qOriL6sLoFgbIO//35xqCmK5GyPGbt5dUA08Vj12875N1IsDy4C9mU+o+B7HSRaJ
j21dstv1qKqhhusD1JvsR2cRNJppVnwKkU6IsV2fRHEO89oGOI8DfZjwAGw6tXp1
D7e+Tfz33NHay2SwKeCiWBWcaef/UFuxAOHE+5cdxfSEsyKJwFwKYdkVY72W638B
nq0i+HKnOtkas9uFmeyek13Jji3P7KKET0bFAD8o41Wrpurl/YumpPcmRoaGZY6D
CoQFI0cJePwpxI+OrlRTU7qSU+I4pP+xDCAZMIb/GB6xTgivjqyjHl/ECAW7AgMB
AAGjggI9MIICOTAdBgNVHQ4EFgQUpJuJsyNNi/h5uY8zBBjjU5bjs4EwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga0GCCsGAQUFBwELBIGgMIGdMIGaBggrBgEFBQcwC4aBjXJzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTMx
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzNjMyMzIzNDMwLnJvYTAYBgNVHSAB
Af8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA
m4URMA0GCSqGSIb3DQEBCwUAA4IBAQCP1FkA4gehQTdmACfVylaVj8FsAYUz9UhI
5bgNcJWVyeorK8jjWctZNM1AX0MYnVsTi/2FDSjpYLx+S66xURjSX2B4zjByOSBc
fzNHn6XKTLqirCk4ROoHqAWjfdUOCyPcW2FnyY9ohdPsfcuu+TJ55jgjjPpfc28I
994lUWSt5sFhadc7DBpGcQ6KrdKDxl463HS+otHwEVfc5M+pauFONqjYeUorw8uX
ZqiyjrZubYjf2vTefYHs9zoulV/TPtuMTt/QjoLxrwTbJCHTg9B+LE8iErsjKy/C
e3Ritb5G3UvXfb8FPzoSpzIPqdx+7tk54KhRSvPlAr10yYElBcjw
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:54:47 2025 by rpki-client