Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e39302e302f32342d3234203d3e20313336373837.roa
File: 3135352e3133332e39302e302f32342d3234203d3e20313336373837.roa (raw, json)
Hash identifier: see0A66n1dXbVw6VuRy+aumQ6+eTwZQ/YYVxDfHlkmo=
Subject key identifier: 31:C0:D2:31:EB:A9:4C:42:F8:EB:94:9A:13:33:88:EA:5B:01:A8:C6
Certificate issuer: /CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Certificate serial: 7CACAAE9DFCBC8611EF4F9C5768E1DFB5D0A023C
Authority key identifier: AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e39302e302f32342d3234203d3e20313336373837.roa
Signing time: Sun 28 Sep 2025 20:47:40 +0000
ROA not before: Sun 28 Sep 2025 20:42:40 +0000
ROA not after: Sun 27 Sep 2026 20:47:40 +0000
asID: 136787
IP address blocks: 155.133.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.mft
rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:ac:aa:e9:df:cb:c8:61:1e:f4:f9:c5:76:8e:1d:fb:5d:0a:02:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab2dcc169c95f2b14df31dd24a1f67034ea7779c
Validity
Not Before: Sep 28 20:42:40 2025 GMT
Not After : Sep 27 20:47:40 2026 GMT
Subject: CN=31C0D231EBA94C42F8EB949A133388EA5B01A8C6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:19:93:d5:7f:23:6a:41:71:3f:71:c5:69:ed:
83:e8:38:d0:9e:8d:50:1c:91:70:0f:93:91:e5:0f:
b3:96:a6:4e:0d:13:90:52:1f:2c:41:20:fa:1f:d3:
e0:a3:c0:3d:f8:23:3c:8a:51:95:25:32:27:a5:65:
3b:ea:aa:72:95:c2:29:51:40:75:db:f9:3e:25:06:
85:ae:1a:5b:51:db:a0:68:fc:1c:d8:74:ce:ad:07:
8e:5a:84:2e:f6:bb:b6:81:7e:dd:4e:a9:96:f4:a6:
4d:35:02:72:25:65:30:5d:a8:0c:12:10:69:4b:49:
ed:7c:23:5a:53:2b:bf:dc:c4:77:9d:bf:fb:43:3a:
7a:07:ae:d2:f0:f2:3f:54:3e:59:c6:4c:ba:7a:e0:
21:b9:8f:13:37:8e:a7:e6:28:35:db:79:2a:4b:5a:
8c:08:1e:dc:96:1c:43:15:12:2d:cd:90:d8:f4:07:
71:5e:4d:53:32:fd:59:7d:a6:3a:bb:a3:20:ec:f1:
f1:ec:5f:b1:21:11:10:e1:04:63:a4:0b:00:f5:04:
76:4a:1d:ff:82:8e:fc:b0:bc:65:29:9d:bf:5b:f4:
bd:90:35:7e:70:4d:28:30:be:20:fa:62:23:08:32:
2d:f2:da:e0:e9:ad:02:86:42:dc:06:ce:b5:32:11:
1b:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:C0:D2:31:EB:A9:4C:42:F8:EB:94:9A:13:33:88:EA:5B:01:A8:C6
X509v3 Authority Key Identifier:
keyid:AB:2D:CC:16:9C:95:F2:B1:4D:F3:1D:D2:4A:1F:67:03:4E:A7:77:9C
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/AB2DCC169C95F2B14DF31DD24A1F67034EA7779C.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qy3MFpyV8rFN8x3SSh9nA06nd5w.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/fe3708a0-67d5-4ac2-abc4-a332590b99af/4/3135352e3133332e39302e302f32342d3234203d3e20313336373837.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.90.0/24
Signature Algorithm: sha256WithRSAEncryption
68:57:9f:04:b8:f8:48:e7:5b:c1:e0:54:ec:e0:a2:e4:5c:91:
f9:a2:94:26:a5:23:25:c5:f6:1f:fb:68:03:8b:52:55:93:ae:
87:e9:7f:3b:71:6c:6f:8a:ab:15:da:8e:b1:3b:90:54:1d:00:
35:72:d3:54:5c:9f:2b:55:96:d8:8e:85:d4:75:f1:ed:75:dc:
e8:4c:5c:73:5e:28:36:5a:ca:7e:d4:57:ba:ac:f3:43:fc:09:
77:47:1e:fa:00:71:f9:ea:e1:f7:6d:69:35:64:c4:9d:fb:63:
ce:e7:17:ec:4d:8b:5c:ba:0b:4e:36:a9:fe:82:af:23:31:4b:
b5:38:5e:d0:d0:37:15:00:9a:99:30:cc:9d:4d:96:8e:de:3e:
42:67:c5:7d:5d:bf:90:b0:e0:bc:35:64:f6:b2:a8:12:a2:20:
2f:fa:e0:99:82:0c:68:d5:33:8d:73:3d:79:fa:32:54:50:c6:
d3:24:c3:8e:ae:fd:ee:79:44:90:29:74:67:fd:be:99:0f:fc:
d0:12:d0:3b:d9:bb:36:73:26:d5:a5:33:71:8f:08:a9:a5:4f:
85:df:94:73:10:4c:f3:52:16:bf:b8:ee:1e:2b:fb:76:8c:99:
22:55:49:d5:ef:30:7c:06:ce:bd:a3:b8:a2:5e:00:0b:5c:5c:
64:5a:39:e0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIUfKyq6d/LyGEe9PnFdo4d+10KAjwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoYWIyZGNjMTY5Yzk1ZjJiMTRkZjMxZGQyNGExZjY3MDM0
ZWE3Nzc5YzAeFw0yNTA5MjgyMDQyNDBaFw0yNjA5MjcyMDQ3NDBaMDMxMTAvBgNV
BAMTKDMxQzBEMjMxRUJBOTRDNDJGOEVCOTQ5QTEzMzM4OEVBNUIwMUE4QzYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDrGZPVfyNqQXE/ccVp7YPoONCe
jVAckXAPk5HlD7OWpk4NE5BSHyxBIPof0+CjwD34IzyKUZUlMielZTvqqnKVwilR
QHXb+T4lBoWuGltR26Bo/BzYdM6tB45ahC72u7aBft1OqZb0pk01AnIlZTBdqAwS
EGlLSe18I1pTK7/cxHedv/tDOnoHrtLw8j9UPlnGTLp64CG5jxM3jqfmKDXbeSpL
WowIHtyWHEMVEi3NkNj0B3FeTVMy/Vl9pjq7oyDs8fHsX7EhERDhBGOkCwD1BHZK
Hf+CjvywvGUpnb9b9L2QNX5wTSgwviD6YiMIMi3y2uDprQKGQtwGzrUyERsTAgMB
AAGjggI/MIICOzAdBgNVHQ4EFgQUMcDSMeupTEL465SaEzOI6lsBqMYwHwYDVR0j
BBgwFoAUqy3MFpyV8rFN8x3SSh9nA06nd5wwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAtNjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5
OWFmLzQvQUIyRENDMTY5Qzk1RjJCMTRERjMxREQyNEExRjY3MDM0RUE3Nzc5Qy5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL3F5M01GcHlWOHJGTjh4M1NTaDluQTA2
bmQ1dy5jZXIwga8GCCsGAQUFBwELBIGiMIGfMIGcBggrBgEFBQcwC4aBj3JzeW5j
Oi8vcnN5bmMucGFhcy5ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvZmUzNzA4YTAt
NjdkNS00YWMyLWFiYzQtYTMzMjU5MGI5OWFmLzQvMzEzNTM1MmUzMTMzMzMyZTM5
MzAyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMzMzYzNzM4Mzcucm9hMBgGA1Ud
IAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BACbhVowDQYJKoZIhvcNAQELBQADggEBAGhXnwS4+EjnW8HgVOzgouRckfmilCal
IyXF9h/7aAOLUlWTrofpfztxbG+KqxXajrE7kFQdADVy01RcnytVltiOhdR18e11
3OhMXHNeKDZayn7UV7qs80P8CXdHHvoAcfnq4fdtaTVkxJ37Y87nF+xNi1y6C042
qf6CryMxS7U4XtDQNxUAmpkwzJ1Nlo7ePkJnxX1dv5Cw4Lw1ZPayqBKiIC/64JmC
DGjVM41zPXn6MlRQxtMkw46u/e55RJApdGf9vpkP/NAS0DvZuzZzJtWlM3GPCKml
T4XflHMQTPNSFr+47h4r+3aMmSJVSdXvMHwGzr2juKJeAAtcXGRaOeA=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:26:55 2025 by rpki-client