Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/2typ-5Z7O39jSP26yI8ccmlgLp4.roa
File: 2typ-5Z7O39jSP26yI8ccmlgLp4.roa (raw, json)
Hash identifier: YVqLkN+NnTwqE8o2oOLCLKqmqjWZnT3S3VqJ/dou800=
Subject key identifier: DA:DC:A9:FB:96:7B:3B:7F:63:48:FD:BA:C8:8F:1C:72:69:60:2E:9E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197A7413FD20EDC62A7A6F0A5B05C7F5C81
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/2typ-5Z7O39jSP26yI8ccmlgLp4.roa
Signing time: Wed 25 Jun 2025 13:22:40 +0000
ROA not before: Wed 25 Jun 2025 13:22:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216059
IP address blocks: 151.244.242.0/23 maxlen: 23
151.244.244.0/23 maxlen: 23
151.244.246.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a7:41:3f:d2:0e:dc:62:a7:a6:f0:a5:b0:5c:7f:5c:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 25 13:22:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dadca9fb967b3b7f6348fdbac88f1c7269602e9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:09:ab:c8:27:64:f2:64:d2:14:d7:c3:56:87:
c4:58:6d:ed:ee:77:8a:ae:6c:57:7d:1f:11:de:3d:
31:49:06:9a:8b:36:88:8f:03:bd:52:52:8d:d0:a5:
5a:b5:15:c4:03:02:2e:d7:4b:c1:5d:38:65:ea:cd:
aa:fe:ba:17:52:f5:99:0d:88:3c:57:93:10:b7:66:
85:9b:ed:8b:8c:cb:e6:4b:59:7f:20:96:11:6d:ed:
43:36:c9:02:41:85:3c:f0:ad:21:ea:81:21:80:6e:
fd:79:c4:82:ce:9e:35:15:99:d4:63:79:34:c6:bb:
47:92:56:ab:23:47:b9:98:f5:51:82:75:a4:ec:67:
ce:5a:56:1b:51:ba:19:d4:7b:fa:07:c1:e4:1f:a6:
22:e1:d5:43:31:72:9e:7f:6e:a7:cb:01:8a:6c:ba:
4d:b0:d8:40:35:1b:16:7f:9f:d5:1a:2b:f2:0a:e1:
5d:e4:29:2c:08:3c:b5:4c:71:65:af:d0:d2:36:d9:
c1:f7:d8:8c:54:92:81:52:2e:c2:f0:3b:56:12:8c:
08:a2:5d:a3:26:11:44:63:59:1d:d6:e9:be:db:a2:
d5:1d:5f:e5:74:e0:a8:60:11:01:cc:b5:48:85:9a:
38:44:0a:60:fb:9e:8a:52:3a:ad:f0:8b:2a:f4:41:
6e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:DC:A9:FB:96:7B:3B:7F:63:48:FD:BA:C8:8F:1C:72:69:60:2E:9E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/2typ-5Z7O39jSP26yI8ccmlgLp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.242.0-151.244.247.255
Signature Algorithm: sha256WithRSAEncryption
2b:86:14:a8:e4:f6:b9:9b:42:03:47:09:39:59:32:7d:07:82:
c1:ac:54:71:36:9d:7a:80:85:b6:99:10:55:03:75:98:52:31:
0e:81:a0:f4:5c:26:65:fd:ea:b8:84:83:36:f4:3a:cf:ce:db:
76:ee:2a:3d:67:5f:f3:d9:4a:a1:ca:87:15:71:54:ca:ff:7f:
ae:cd:85:8d:d9:e6:43:23:86:ba:b7:bf:13:5c:3c:45:ae:dc:
c9:d4:5d:40:38:c2:69:8b:ba:ad:ed:c1:fc:bc:76:1f:4d:b9:
ef:f7:ef:bb:65:98:7d:fa:8d:b8:e4:9e:91:a2:e0:c3:89:3c:
0c:3b:4d:90:2a:b5:ae:7a:6d:e1:0b:9a:ef:b5:68:bb:a8:b7:
b9:7b:89:ea:57:3a:46:b4:6b:ad:46:80:c8:a2:37:f2:b5:8c:
26:6a:38:4d:5f:6d:bb:db:d6:31:1e:96:62:43:98:d5:0d:f0:
7f:0f:b2:5b:92:7d:3d:ac:7a:97:c7:af:a5:2c:d4:71:d7:ab:
81:0e:cd:ef:02:ba:42:5d:c2:94:8f:74:37:d3:1c:fe:f0:b8:
5b:b5:9d:06:53:e8:d3:17:b6:bb:aa:72:fe:e7:66:3a:fe:1e:
db:e9:2f:a4:4f:af:f3:bb:a4:70:37:5c:b5:9e:ba:a8:75:09:
2f:29:8c:65
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZenQT/SDtxip6bwpbBcf1yBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjI1MTMyMjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWRjYTlmYjk2N2IzYjdmNjM0OGZkYmFjODhmMWM3MjY5NjAyZTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAmryCdk8mTSFNfDVofEWG3t7neK
rmxXfR8R3j0xSQaaizaIjwO9UlKN0KVatRXEAwIu10vBXThl6s2q/roXUvWZDYg8
V5MQt2aFm+2LjMvmS1l/IJYRbe1DNskCQYU88K0h6oEhgG79ecSCzp41FZnUY3k0
xrtHklarI0e5mPVRgnWk7GfOWlYbUboZ1Hv6B8HkH6Yi4dVDMXKef26nywGKbLpN
sNhANRsWf5/VGivyCuFd5CksCDy1THFlr9DSNtnB99iMVJKBUi7C8DtWEowIol2j
JhFEY1kd1um+26LVHV/ldOCoYBEBzLVIhZo4RApg+56KUjqt8Isq9EFuYwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFNrcqfuWezt/Y0j9usiPHHJpYC6eMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMnR5cC01WjdPMzlqU1AyNnlJOGNjbWxnTHA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAGX9PID
BAOX9PAwDQYJKoZIhvcNAQELBQADggEBACuGFKjk9rmbQgNHCTlZMn0HgsGsVHE2
nXqAhbaZEFUDdZhSMQ6BoPRcJmX96riEgzb0Os/O23buKj1nX/PZSqHKhxVxVMr/
f67NhY3Z5kMjhrq3vxNcPEWu3MnUXUA4wmmLuq3twfy8dh9Nue/377tlmH36jbjk
npGi4MOJPAw7TZAqta56beELmu+1aLuot7l7iepXOka0a61GgMiiN/K1jCZqOE1f
bbvb1jEelmJDmNUN8H8PsluSfT2sepfHr6Us1HHXq4EOze8CukJdwpSPdDfTHP7w
uFu1nQZT6NMXtruqcv7nZjr+HtvpL6RPr/O7pHA3XLWeuqh1CS8pjGU=
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:05:23 2025 by rpki-client