Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e36382e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e36382e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: LNGbOt2maRNYUmmnit+e6KaG5l6wlIkA6RcfsInOkQ4=
Subject key identifier: 95:64:CF:B5:3E:45:69:18:6B:39:B2:03:A1:A8:E2:DD:7F:9E:94:CB
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 47A62553611217327E99BEF18F762E27849755B4
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e36382e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 28 Sep 2025 20:47:39 +0000
ROA not before: Sun 28 Sep 2025 20:42:39 +0000
ROA not after: Sun 27 Sep 2026 20:47:39 +0000
asID: 136787
IP address blocks: 155.133.68.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 17:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:a6:25:53:61:12:17:32:7e:99:be:f1:8f:76:2e:27:84:97:55:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 28 20:42:39 2025 GMT
Not After : Sep 27 20:47:39 2026 GMT
Subject: CN=9564CFB53E4569186B39B203A1A8E2DD7F9E94CB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:73:48:4c:8f:74:bb:cf:21:bc:57:2a:e5:ec:
3b:6f:f6:d7:5d:64:98:83:f3:21:96:1f:95:6d:62:
a0:ce:cb:40:53:2b:65:26:4f:c1:60:df:ab:dd:3c:
c0:32:88:dd:c8:f8:08:33:87:9b:af:71:a7:35:b9:
f8:f2:30:80:65:4f:c3:4b:a7:6e:32:ca:7d:85:62:
ba:c9:c9:d2:0e:7a:aa:f9:ae:a8:f4:e9:a0:0e:cb:
b4:f0:83:03:40:49:10:22:41:5a:db:d5:0b:77:35:
e3:b3:33:bc:28:22:a5:e5:b5:18:49:0b:e0:15:18:
72:b9:76:f6:8b:6f:74:38:da:b5:a1:c0:2d:60:68:
38:b7:d5:f5:a9:ad:a2:36:27:64:ec:53:49:a8:19:
d9:87:ba:c5:d9:f1:8d:6a:a6:ef:4c:73:7f:99:f2:
35:e6:d1:f2:b1:6e:db:ca:fb:33:e4:7e:a5:8f:83:
46:26:c2:55:8f:2f:58:97:64:37:52:c4:b9:0f:da:
c7:89:50:1f:2b:5d:23:2a:39:77:a1:a4:5e:a8:49:
7d:eb:3a:99:f6:52:36:b4:6e:49:e2:93:ec:5b:11:
12:89:63:05:8b:7f:75:a8:17:5b:ae:4c:ad:4d:c9:
7b:a8:91:0e:56:aa:6c:77:33:de:1c:be:07:4e:ae:
9b:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:64:CF:B5:3E:45:69:18:6B:39:B2:03:A1:A8:E2:DD:7F:9E:94:CB
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e36382e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.68.0/24
Signature Algorithm: sha256WithRSAEncryption
89:e1:8b:d9:2d:fa:f7:c4:2e:b0:93:f5:d3:bb:62:6d:b9:e2:
83:70:0d:59:b7:20:6a:56:81:a2:39:9d:cd:20:a9:7c:45:d8:
e0:63:92:d5:80:48:82:a1:85:70:2e:92:d4:71:01:bc:31:5a:
5b:a4:fc:c6:d3:2e:33:78:7f:22:e0:a0:b4:1e:04:a0:b9:24:
d4:b5:59:3a:3b:5f:f2:c6:b3:a6:93:a5:15:81:93:f6:4b:1e:
d0:63:a3:71:f9:34:eb:9d:b7:9f:a7:fd:d4:8b:68:4d:e6:cc:
ef:2b:2b:3e:32:66:14:19:7f:b2:17:67:95:ba:79:1d:b3:83:
4a:3b:ac:c9:63:56:a7:d0:c0:86:96:ce:32:b7:6b:96:de:b9:
bb:e5:44:9c:a6:74:f1:a6:8d:90:c2:e1:a1:9f:3c:bd:37:d2:
10:b4:dc:cd:9c:4c:92:2d:73:42:1c:5b:e0:a9:6c:89:3b:71:
b9:50:87:0a:16:6d:5b:5c:f0:c8:28:29:8c:89:35:94:a4:da:
77:6c:4f:85:25:c5:9d:10:bb:0d:f8:ab:4e:2f:6e:7c:a9:63:
9d:fc:fa:b2:ab:d7:31:4d:c1:1c:0f:93:15:46:b3:64:db:e6:
55:27:67:73:bb:7a:dd:41:0e:3c:c9:de:35:1a:30:44:3c:d9:
b4:38:35:4e
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUR6YlU2ESFzJ+mb7xj3YuJ4SXVbQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MjgyMDQyMzlaFw0yNjA5MjcyMDQ3MzlaMDMxMTAvBgNV
BAMTKDk1NjRDRkI1M0U0NTY5MTg2QjM5QjIwM0ExQThFMkREN0Y5RTk0Q0IwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6c0hMj3S7zyG8Vyrl7Dtv9tdd
ZJiD8yGWH5VtYqDOy0BTK2UmT8Fg36vdPMAyiN3I+Agzh5uvcac1ufjyMIBlT8NL
p24yyn2FYrrJydIOeqr5rqj06aAOy7TwgwNASRAiQVrb1Qt3NeOzM7woIqXltRhJ
C+AVGHK5dvaLb3Q42rWhwC1gaDi31fWpraI2J2TsU0moGdmHusXZ8Y1qpu9Mc3+Z
8jXm0fKxbtvK+zPkfqWPg0YmwlWPL1iXZDdSxLkP2seJUB8rXSMqOXehpF6oSX3r
Opn2Uja0bknik+xbERKJYwWLf3WoF1uuTK1NyXuokQ5Wqmx3M94cvgdOrpvZAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUlWTPtT5FaRhrObIDoaji3X+elMswHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM2
MzgyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhUQwDQYJKoZIhvcNAQELBQADggEBAInhi9kt+vfELrCT9dO7Ym254oNwDVm3
IGpWgaI5nc0gqXxF2OBjktWASIKhhXAuktRxAbwxWluk/MbTLjN4fyLgoLQeBKC5
JNS1WTo7X/LGs6aTpRWBk/ZLHtBjo3H5NOudt5+n/dSLaE3mzO8rKz4yZhQZf7IX
Z5W6eR2zg0o7rMljVqfQwIaWzjK3a5beubvlRJymdPGmjZDC4aGfPL030hC03M2c
TJItc0IcW+CpbIk7cblQhwoWbVtc8MgoKYyJNZSk2ndsT4UlxZ0Quw34q04vbnyp
Y538+rKr1zFNwRwPkxVGs2Tb5lUnZ3O7et1BDjzJ3jUaMEQ82bQ4NU4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:09:04 2025 by rpki-client