Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3ibZQawHv5kjDdsnbIEL-4G_4cM.roa
File: 3ibZQawHv5kjDdsnbIEL-4G_4cM.roa (raw, json)
Hash identifier: OVCVQsw+HKMp5gQZwL+28VM/DNlnQxQma4DB5/yCh2M=
Subject key identifier: DE:26:D9:41:AC:07:BF:99:23:0D:DB:27:6C:81:0B:FB:81:BF:E1:C3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196A91F6AF779A73E9C660100320D3BD273
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3ibZQawHv5kjDdsnbIEL-4G_4cM.roa
Signing time: Wed 07 May 2025 05:02:10 +0000
ROA not before: Wed 07 May 2025 05:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18811
IP address blocks: 151.242.133.0/24 maxlen: 24
151.242.136.0/24 maxlen: 24
151.242.137.0/24 maxlen: 24
151.242.138.0/24 maxlen: 24
151.242.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a9:1f:6a:f7:79:a7:3e:9c:66:01:00:32:0d:3b:d2:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 7 05:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de26d941ac07bf99230ddb276c810bfb81bfe1c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:11:5c:81:3e:25:aa:bf:5b:42:b7:e6:91:98:
b4:5e:5a:a1:bc:73:8c:03:53:b3:c9:8b:21:ed:cb:
38:f6:05:29:bb:11:b6:91:2f:a9:33:80:7d:53:67:
3c:c7:19:6f:d5:f5:e7:05:dd:ae:01:27:6c:a3:ee:
cb:e0:5c:33:99:bb:c5:ca:2c:9b:4d:3c:30:00:c1:
36:82:1f:aa:25:9f:f0:d8:88:d9:da:90:42:1d:25:
67:9c:a8:ad:e1:c2:6b:a8:c4:73:07:70:23:18:2c:
6d:f7:63:90:3d:97:22:a5:f6:a0:32:97:1b:6a:45:
59:8c:41:50:19:56:19:4c:74:ae:65:d8:c0:1e:fa:
76:7e:c6:45:60:1e:ea:97:38:77:96:fa:7a:75:1a:
5a:9d:32:1e:ec:ad:94:c9:bf:de:d6:71:dd:ac:46:
73:1a:45:8d:36:da:c6:ac:85:04:1f:4f:ec:c8:6f:
51:05:82:e0:6a:b1:57:73:86:7c:1b:b0:dd:77:d9:
45:72:50:98:fe:35:50:03:b4:ba:2b:a7:5a:f4:78:
79:a8:eb:f0:d9:2d:b9:43:2d:4d:1a:aa:31:3f:a0:
75:da:70:20:c0:a7:1d:bf:3e:4d:b3:ee:46:83:c9:
48:e5:d8:9d:52:bc:63:f8:06:e7:c8:76:7d:45:d6:
2e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:26:D9:41:AC:07:BF:99:23:0D:DB:27:6C:81:0B:FB:81:BF:E1:C3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3ibZQawHv5kjDdsnbIEL-4G_4cM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.133.0/24
151.242.136.0-151.242.138.255
151.242.144.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:e6:e0:ab:6e:13:c9:5a:b1:3b:93:f2:f7:79:39:6b:72:55:
6e:9a:62:ff:f1:9f:f3:ea:2d:21:7a:e9:6e:18:aa:b3:31:60:
9e:2d:e3:97:9a:82:a9:03:36:9b:6a:c3:68:08:64:5f:08:0e:
38:36:5e:23:ed:32:36:27:bf:0e:f8:64:b8:47:70:af:06:6e:
f4:4a:ea:91:e4:86:a1:44:7c:a0:5d:19:14:8c:04:09:4d:cc:
5e:3c:e9:42:45:3e:b7:23:2b:6e:c6:fd:ea:9a:7c:91:49:6f:
44:57:81:ca:ee:90:a0:2c:3b:16:4d:d5:5b:b2:3b:67:4b:26:
5e:e2:cc:b5:65:64:c8:0c:55:b1:e4:04:59:c4:b2:75:70:58:
a1:23:c7:93:19:fb:67:71:6b:b1:c1:ba:70:e9:02:8b:36:b6:
ee:fa:d6:60:c4:f0:29:c6:dd:69:79:be:7f:b5:cc:43:94:2d:
f4:6a:0a:ca:61:53:8d:d1:b2:a6:53:81:3e:4d:2c:8f:ea:29:
b2:ae:ec:f8:3a:ba:6a:02:8d:58:4c:35:56:1f:88:2b:bd:f7:
c4:bd:3f:37:1d:e4:f4:e2:f2:ed:5c:e1:fe:d2:17:3d:16:5f:
72:e6:ea:85:ac:f3:86:86:11:a5:31:87:ef:4b:69:1e:df:1b:
45:3d:7e:06
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZapH2r3eac+nGYBADINO9JzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA3MDUwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTI2ZDk0MWFjMDdiZjk5MjMwZGRiMjc2YzgxMGJmYjgxYmZlMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhFcgT4lqr9bQrfmkZi0XlqhvHOM
A1OzyYsh7cs49gUpuxG2kS+pM4B9U2c8xxlv1fXnBd2uASdso+7L4FwzmbvFyiyb
TTwwAME2gh+qJZ/w2IjZ2pBCHSVnnKit4cJrqMRzB3AjGCxt92OQPZcipfagMpcb
akVZjEFQGVYZTHSuZdjAHvp2fsZFYB7qlzh3lvp6dRpanTIe7K2Uyb/e1nHdrEZz
GkWNNtrGrIUEH0/syG9RBYLgarFXc4Z8G7Ddd9lFclCY/jVQA7S6K6da9Hh5qOvw
2S25Qy1NGqoxP6B12nAgwKcdvz5Ns+5Gg8lI5didUrxj+AbnyHZ9RdYutwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFN4m2UGsB7+ZIw3bJ2yBC/uBv+HDMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvM2liWlFhd0h2NWtqRGRzbmJJRUwtNEdfNGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAl/KFMAwD
BAOX8ogDBACX8ooDBACX8pAwDQYJKoZIhvcNAQELBQADggEBAJrm4KtuE8lasTuT
8vd5OWtyVW6aYv/xn/PqLSF66W4YqrMxYJ4t45eagqkDNptqw2gIZF8IDjg2XiPt
MjYnvw74ZLhHcK8GbvRK6pHkhqFEfKBdGRSMBAlNzF486UJFPrcjK27G/eqafJFJ
b0RXgcrukKAsOxZN1VuyO2dLJl7izLVlZMgMVbHkBFnEsnVwWKEjx5MZ+2dxa7HB
unDpAos2tu761mDE8CnG3Wl5vn+1zEOULfRqCsphU43RsqZTgT5NLI/qKbKu7Pg6
umoCjVhMNVYfiCu998S9Pzcd5PTi8u1c4f7SFz0WX3Lm6oWs84aGEaUxh+9LaR7f
G0U9fgY=
-----END CERTIFICATE-----
Generated at Fri May 16 08:14:00 2025 by rpki-client