Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: DFEx92x3G+lwG+8SxVoDtsJF8Dbdq0iIoL3VimEY+wI=
Subject key identifier: 68:CE:D0:D2:DE:55:57:FC:63:C0:83:2D:D0:18:A0:1C:E4:B5:3A:03
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 36DF6C426B2F7B217D644D5E4F18D9074ED60932
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 28 Sep 2025 20:47:41 +0000
ROA not before: Sun 28 Sep 2025 20:42:41 +0000
ROA not after: Sun 27 Sep 2026 20:47:41 +0000
asID: 136787
IP address blocks: 155.133.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 12:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:df:6c:42:6b:2f:7b:21:7d:64:4d:5e:4f:18:d9:07:4e:d6:09:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 28 20:42:41 2025 GMT
Not After : Sep 27 20:47:41 2026 GMT
Subject: CN=68CED0D2DE5557FC63C0832DD018A01CE4B53A03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d2:20:51:26:63:4a:55:7e:88:f8:d6:0b:fd:
51:d3:6e:9f:cc:85:ea:ba:0c:f1:0e:2d:53:42:65:
d2:35:a6:d2:7d:cb:8e:39:6e:4c:3c:fa:94:a6:0a:
62:23:51:90:d8:02:ad:ed:d0:11:8f:8a:be:f7:2a:
95:f5:38:66:05:12:02:4e:60:ca:8c:01:29:9c:ee:
fb:57:aa:13:c2:e5:fc:bb:7c:6f:02:27:ff:8d:16:
cf:bc:ed:ae:0f:c7:fe:0a:3e:6a:24:07:7a:a1:9c:
61:24:40:90:cb:01:92:be:21:e7:37:64:ee:a8:ee:
0f:de:7a:d2:4e:82:fe:42:1b:e3:96:4a:b5:01:66:
94:3a:fa:2d:dd:4f:c1:ec:a4:a8:e7:0c:46:d4:a2:
69:dd:cb:46:e4:b5:9c:37:56:5c:ab:24:ac:9c:cb:
cd:bd:69:2b:28:66:b9:39:20:2b:09:bd:5e:0e:d7:
f8:21:f8:c1:c9:6d:d8:07:0d:40:5c:dc:c0:72:86:
53:b4:7b:8f:bd:08:c6:31:aa:70:68:a5:8d:b2:86:
0f:c7:31:19:d7:29:d1:fe:4f:d5:a7:02:b3:52:1e:
ea:47:c4:25:67:36:ba:10:b2:69:82:8f:97:4a:93:
3d:77:2a:5f:92:95:7f:7f:73:0f:3d:9b:47:7c:c7:
d1:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:CE:D0:D2:DE:55:57:FC:63:C0:83:2D:D0:18:A0:1C:E4:B5:3A:03
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e38372e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.87.0/24
Signature Algorithm: sha256WithRSAEncryption
63:75:40:4c:30:c2:60:39:4a:22:66:5f:3c:1a:61:81:ca:f8:
a4:db:18:31:02:22:60:db:ef:ae:09:9a:90:ba:52:d3:52:46:
7d:2b:52:ec:40:09:6b:e3:10:e8:5a:be:ef:46:7c:54:66:9d:
85:80:3f:d8:98:f5:da:e7:b3:d0:7f:3b:cf:fd:cb:6e:6e:98:
c5:5c:d6:47:58:50:67:53:16:9c:85:38:26:c2:aa:93:10:9a:
49:ec:c8:aa:9d:1c:0c:51:10:c1:21:f9:9b:e8:53:47:c5:1c:
37:a3:90:c7:90:da:07:ef:82:91:a3:bc:18:0c:30:a8:f8:ca:
eb:3e:09:53:1f:4b:ba:79:91:91:e0:fe:fc:93:db:a2:6d:59:
01:84:be:3a:96:3d:b6:c6:2c:b5:7b:b4:c6:f7:40:4c:b7:ef:
db:a0:2c:84:8d:64:51:ea:d4:8a:d8:ad:f4:33:bc:d7:d9:a5:
9b:81:fd:dd:91:f9:28:49:11:ac:d1:66:65:35:98:f1:89:a6:
71:6c:46:28:96:a1:b0:e1:34:dc:d2:0d:82:96:2d:ac:70:0a:
00:ad:c8:69:27:94:6c:7d:ae:9a:5e:a9:e5:a8:ec:0e:01:00:
3a:75:4a:5d:d1:8d:1e:51:2d:28:e5:d2:28:5c:3d:8c:5e:d0:
5a:49:2f:cc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUNt9sQmsveyF9ZE1eTxjZB07WCTIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MjgyMDQyNDFaFw0yNjA5MjcyMDQ3NDFaMDMxMTAvBgNV
BAMTKDY4Q0VEMEQyREU1NTU3RkM2M0MwODMyREQwMThBMDFDRTRCNTNBMDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC60iBRJmNKVX6I+NYL/VHTbp/M
heq6DPEOLVNCZdI1ptJ9y445bkw8+pSmCmIjUZDYAq3t0BGPir73KpX1OGYFEgJO
YMqMASmc7vtXqhPC5fy7fG8CJ/+NFs+87a4Px/4KPmokB3qhnGEkQJDLAZK+Iec3
ZO6o7g/eetJOgv5CG+OWSrUBZpQ6+i3dT8HspKjnDEbUomndy0bktZw3VlyrJKyc
y829aSsoZrk5ICsJvV4O1/gh+MHJbdgHDUBc3MByhlO0e4+9CMYxqnBopY2yhg/H
MRnXKdH+T9WnArNSHupHxCVnNroQsmmCj5dKkz13Kl+SlX9/cw89m0d8x9GhAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUaM7Q0t5VV/xjwIMt0BigHOS1OgMwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM4
MzcyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhVcwDQYJKoZIhvcNAQELBQADggEBAGN1QEwwwmA5SiJmXzwaYYHK+KTbGDEC
ImDb764JmpC6UtNSRn0rUuxACWvjEOhavu9GfFRmnYWAP9iY9drns9B/O8/9y25u
mMVc1kdYUGdTFpyFOCbCqpMQmknsyKqdHAxREMEh+ZvoU0fFHDejkMeQ2gfvgpGj
vBgMMKj4yus+CVMfS7p5kZHg/vyT26JtWQGEvjqWPbbGLLV7tMb3QEy379ugLISN
ZFHq1IrYrfQzvNfZpZuB/d2R+ShJEazRZmU1mPGJpnFsRiiWobDhNNzSDYKWLaxw
CgCtyGknlGx9rppeqeWo7A4BADp1Sl3RjR5RLSjl0ihcPYxe0FpJL8w=
-----END CERTIFICATE-----
Generated at Mon Oct 20 15:56:17 2025 by rpki-client