Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0-ZMVUsTjuZuDmzOCPXV9BIDmEo.roa
File: 0-ZMVUsTjuZuDmzOCPXV9BIDmEo.roa (raw, json)
Hash identifier: +WRNRHT15WT8rN7s6CvWQQ7Veg3I6G4kJcpEC7VURo0=
Subject key identifier: D3:E6:4C:55:4B:13:8E:E6:6E:0E:6C:CE:08:F5:D5:F4:12:03:98:4A
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019699C7CEDE6FE42251EECDF72E16471ED6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0-ZMVUsTjuZuDmzOCPXV9BIDmEo.roa
Signing time: Sun 04 May 2025 05:32:10 +0000
ROA not before: Sun 04 May 2025 05:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10753
IP address blocks: 151.242.3.0/24 maxlen: 24
151.242.6.0/24 maxlen: 24
151.242.24.0/24 maxlen: 24
151.242.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 15 May 2025 10:39:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:99:c7:ce:de:6f:e4:22:51:ee:cd:f7:2e:16:47:1e:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 4 05:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3e64c554b138ee66e0e6cce08f5d5f41203984a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5b:97:52:dc:cd:ac:2d:54:d3:68:4b:b8:5d:
ca:cc:76:b6:70:4b:b5:ee:72:c2:12:95:56:e9:ad:
22:2f:ba:d8:8c:50:2a:fe:86:8b:57:b7:48:e8:ca:
4b:61:b2:3f:d6:43:bf:ed:19:b1:53:6a:97:78:8b:
94:c9:e7:00:d9:ea:dd:a0:42:99:e3:75:cd:e2:98:
86:12:3d:f9:af:3c:89:ef:03:ae:1d:8d:ca:9d:30:
6a:01:56:ff:5f:d1:94:60:b9:42:69:ab:26:11:f9:
d9:62:58:ef:c9:d4:c2:00:d4:76:e7:e4:3a:68:c3:
63:fe:99:09:db:83:68:93:66:b5:58:bc:2f:6d:c1:
b8:f7:a1:81:b1:a1:4e:16:5a:7b:46:00:b6:51:61:
06:2a:fc:27:17:f2:6f:34:d2:fc:58:3a:b6:fd:da:
3b:53:63:ce:da:28:b3:2f:12:fc:f8:01:f4:07:91:
32:ab:9e:a7:fc:b9:ac:f3:bf:6f:dd:ff:9c:1e:4a:
33:7c:be:c0:7c:07:65:54:ec:25:61:04:b2:59:e6:
9c:6a:ce:c8:0d:05:46:4b:0e:d2:e9:47:af:8e:ef:
b6:23:57:6a:48:b9:0e:a3:e9:e8:7c:49:4e:e1:66:
d9:6f:51:04:76:ba:3e:24:29:db:e0:ca:ad:1c:cd:
d4:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E6:4C:55:4B:13:8E:E6:6E:0E:6C:CE:08:F5:D5:F4:12:03:98:4A
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0-ZMVUsTjuZuDmzOCPXV9BIDmEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.3.0/24
151.242.6.0/24
151.242.24.0/24
151.242.180.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:4d:11:26:07:c0:6e:e6:d6:f0:81:c1:e2:97:fb:94:43:ba:
d7:e0:e2:6d:1b:e7:8b:f6:f9:bf:8f:6d:3d:b1:23:b8:8e:e0:
ce:0a:91:6e:5a:f2:04:22:e8:14:96:e1:cc:4c:52:52:0b:36:
40:cc:50:ec:4e:0f:e6:11:b2:a4:9d:b7:9a:62:52:6c:e7:64:
3c:80:f1:47:14:ab:00:04:b1:ac:15:47:d5:bb:39:f9:61:4f:
31:70:0f:1c:11:0e:e1:a3:fe:af:41:58:ba:16:8c:c2:78:45:
fe:08:8b:0d:81:34:23:a1:d8:15:e8:e8:2f:4f:4b:bd:b5:8c:
27:18:f5:3a:a1:80:41:50:2a:77:8c:c2:26:aa:a2:dd:99:41:
5c:b3:61:48:25:09:7b:cd:29:e2:5e:95:c5:9d:c8:30:c5:59:
31:0f:75:7c:1f:75:78:c2:8d:ec:fe:9b:38:ed:b7:7b:3a:96:
09:97:79:be:ed:93:38:a5:95:b0:7a:3d:52:ad:f5:b6:d6:88:
eb:04:0f:68:de:ae:af:4c:a4:53:ac:0c:c0:19:30:09:c3:5b:
06:b2:52:a3:b4:fc:c5:f9:f0:18:e7:48:27:47:9c:a6:c5:cf:
59:b0:62:e8:19:78:16:a3:c6:8c:b6:01:49:6e:6a:12:4c:cf:
24:a1:f7:ae
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaZx87eb+QiUe7N9y4WRx7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA0MDUzMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2U2NGM1NTRiMTM4ZWU2NmUwZTZjY2UwOGY1ZDVmNDEyMDM5ODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FuXUtzNrC1U02hLuF3KzHa2cEu1
7nLCEpVW6a0iL7rYjFAq/oaLV7dI6MpLYbI/1kO/7RmxU2qXeIuUyecA2erdoEKZ
43XN4piGEj35rzyJ7wOuHY3KnTBqAVb/X9GUYLlCaasmEfnZYljvydTCANR25+Q6
aMNj/pkJ24Nok2a1WLwvbcG496GBsaFOFlp7RgC2UWEGKvwnF/JvNNL8WDq2/do7
U2PO2iizLxL8+AH0B5Eyq56n/Lms879v3f+cHkozfL7AfAdlVOwlYQSyWeacas7I
DQVGSw7S6Uevju+2I1dqSLkOo+nofElO4WbZb1EEdro+JCnb4MqtHM3UowIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNPmTFVLE47mbg5szgj11fQSA5hKMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMC1aTVZVc1RqdVp1RG16T0NQWFY5QklEbUVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/IDAwQA
l/IGAwQAl/IYAwQCl/K0MA0GCSqGSIb3DQEBCwUAA4IBAQAPTREmB8Bu5tbwgcHi
l/uUQ7rX4OJtG+eL9vm/j209sSO4juDOCpFuWvIEIugUluHMTFJSCzZAzFDsTg/m
EbKknbeaYlJs52Q8gPFHFKsABLGsFUfVuzn5YU8xcA8cEQ7ho/6vQVi6FozCeEX+
CIsNgTQjodgV6OgvT0u9tYwnGPU6oYBBUCp3jMImqqLdmUFcs2FIJQl7zSniXpXF
ncgwxVkxD3V8H3V4wo3s/ps47bd7OpYJl3m+7ZM4pZWwej1SrfW21ojrBA9o3q6v
TKRTrAzAGTAJw1sGslKjtPzF+fAY50gnR5ymxc9ZsGLoGXgWo8aMtgFJbmoSTM8k
ofeu
-----END CERTIFICATE-----
Generated at Wed May 14 20:16:25 2025 by rpki-client