Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0AgljS4nrHx6tgajQiSZrNISfQM.roa
File: 0AgljS4nrHx6tgajQiSZrNISfQM.roa (raw, json)
Hash identifier: gLTXIw7KXfzEQiHSQiB/rQh7dp+9QYShZ+ELMZdG2Dk=
Subject key identifier: D0:08:25:8D:2E:27:AC:7C:7A:B6:06:A3:42:24:99:AC:D2:12:7D:03
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196759795B5F4A857ED218337BBFBDF0BB6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0AgljS4nrHx6tgajQiSZrNISfQM.roa
Signing time: Sun 27 Apr 2025 04:53:10 +0000
ROA not before: Sun 27 Apr 2025 04:53:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216022
IP address blocks: 151.243.43.0/24 maxlen: 24
151.243.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 17 May 2025 14:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:75:97:95:b5:f4:a8:57:ed:21:83:37:bb:fb:df:0b:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 27 04:53:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d008258d2e27ac7c7ab606a3422499acd2127d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:4e:e8:fa:e3:14:c3:f2:6a:c0:cc:97:8f:25:
82:09:eb:a1:81:bc:ff:61:8f:ac:1e:92:c6:c2:3b:
3b:46:b2:96:4d:c7:ce:38:97:81:3d:60:0d:62:ae:
a9:a8:93:f4:24:fb:ab:40:ec:5a:8a:00:59:c2:13:
8b:24:36:2b:47:10:2d:12:a0:a2:86:fd:64:56:60:
c2:b0:54:31:5c:96:26:f5:1b:71:45:f7:90:5d:94:
bb:06:b7:37:14:c4:b2:08:82:fe:75:f1:73:b5:f5:
ba:76:f2:8c:8c:5f:42:52:0a:bb:66:ae:96:9b:06:
db:6c:b0:a5:6f:64:6f:38:ba:cf:b1:9c:b6:f2:11:
6c:6b:a7:0b:17:86:98:44:bb:5f:94:9b:43:ed:74:
b6:c1:96:7f:18:b4:d6:34:f6:3e:5e:6c:e9:ab:82:
85:10:07:2a:83:f8:35:d1:8c:d5:76:3c:60:99:18:
28:5e:07:4a:3e:63:0d:65:83:a7:f0:a6:c2:05:8a:
5b:13:58:44:51:ab:61:37:87:ff:f9:7d:60:44:7c:
fa:9e:30:9d:bc:41:25:31:83:29:55:02:fa:fe:c8:
a7:77:9f:ae:84:88:de:15:97:e1:bd:24:13:ea:a7:
b0:9b:91:62:3d:8c:22:31:57:43:54:b7:6f:cc:57:
b2:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:08:25:8D:2E:27:AC:7C:7A:B6:06:A3:42:24:99:AC:D2:12:7D:03
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0AgljS4nrHx6tgajQiSZrNISfQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.43.0/24
151.243.99.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:ee:e6:c5:d1:ce:30:8c:c7:c4:58:7e:4e:ae:7c:59:14:38:
6f:64:6a:8c:33:6b:45:9b:85:6a:ce:b6:50:ee:e0:81:b8:2f:
c5:82:9d:aa:49:0b:a9:89:74:24:f1:0f:89:eb:1b:5e:d5:29:
47:f8:d9:c9:d7:fb:4d:8b:2c:f7:f0:3e:54:53:be:8e:a9:a4:
53:91:9f:02:b0:1a:a0:68:28:2b:e7:cd:53:2d:f5:d7:13:70:
21:d3:e8:85:24:84:f2:b1:7a:23:ca:f9:3b:a7:a8:35:77:3d:
a1:46:e0:6c:49:86:88:48:23:e2:f0:63:77:3f:10:01:af:e2:
ef:94:56:f2:9c:08:14:b8:74:04:5b:51:db:02:d0:65:69:fb:
4a:00:3e:5a:f6:09:96:bd:64:39:fd:e9:b8:7b:85:0f:1f:a6:
83:7b:bb:31:00:e6:68:1d:c7:2f:92:09:61:91:e4:51:67:12:
91:82:14:1d:a7:c6:68:81:79:04:f9:78:07:b7:5f:f7:29:5d:
39:97:12:46:76:0b:7b:52:9a:cc:85:bd:0e:d8:be:b2:0b:42:
57:45:34:ab:41:7b:56:25:20:f5:d9:33:b3:c9:e7:2a:69:38:
08:1a:74:a6:35:09:d3:9e:c5:19:b7:16:96:1a:34:7b:88:dc:
f8:3c:ca:4c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZ1l5W19KhX7SGDN7v73wu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI3MDQ1MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDA4MjU4ZDJlMjdhYzdjN2FiNjA2YTM0MjI0OTlhY2QyMTI3ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3k7o+uMUw/JqwMyXjyWCCeuhgbz/
YY+sHpLGwjs7RrKWTcfOOJeBPWANYq6pqJP0JPurQOxaigBZwhOLJDYrRxAtEqCi
hv1kVmDCsFQxXJYm9RtxRfeQXZS7Brc3FMSyCIL+dfFztfW6dvKMjF9CUgq7Zq6W
mwbbbLClb2RvOLrPsZy28hFsa6cLF4aYRLtflJtD7XS2wZZ/GLTWNPY+Xmzpq4KF
EAcqg/g10YzVdjxgmRgoXgdKPmMNZYOn8KbCBYpbE1hEUathN4f/+X1gRHz6njCd
vEElMYMpVQL6/sind5+uhIjeFZfhvSQT6qewm5FiPYwiMVdDVLdvzFey9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNAIJY0uJ6x8erYGo0IkmazSEn0DMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMEFnbGpTNG5ySHg2dGdhalFpU1pyTklTZlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/MrAwQA
l/NjMA0GCSqGSIb3DQEBCwUAA4IBAQCh7ubF0c4wjMfEWH5OrnxZFDhvZGqMM2tF
m4VqzrZQ7uCBuC/Fgp2qSQupiXQk8Q+J6xte1SlH+NnJ1/tNiyz38D5UU76OqaRT
kZ8CsBqgaCgr581TLfXXE3Ah0+iFJITysXojyvk7p6g1dz2hRuBsSYaISCPi8GN3
PxABr+LvlFbynAgUuHQEW1HbAtBlaftKAD5a9gmWvWQ5/em4e4UPH6aDe7sxAOZo
HccvkglhkeRRZxKRghQdp8ZogXkE+XgHt1/3KV05lxJGdgt7UprMhb0O2L6yC0JX
RTSrQXtWJSD12TOzyecqaTgIGnSmNQnTnsUZtxaWGjR7iNz4PMpM
-----END CERTIFICATE-----
Generated at Fri May 16 23:35:39 2025 by rpki-client