Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AS6G7K3dwqssPZO3aiSmxvQ7jiQ.roa
File: AS6G7K3dwqssPZO3aiSmxvQ7jiQ.roa (raw, json)
Hash identifier: 1pTdKHPQqciYqIqqWqGXqVOloiBFSuqDF6PMsO+pI48=
Subject key identifier: 01:2E:86:EC:AD:DD:C2:AB:2C:3D:93:B7:6A:24:A6:C6:F4:3B:8E:24
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196B8ADF806606969203B431ADAC605A984
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AS6G7K3dwqssPZO3aiSmxvQ7jiQ.roa
Signing time: Sat 10 May 2025 05:32:11 +0000
ROA not before: Sat 10 May 2025 05:32:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400202
IP address blocks: 151.244.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b8:ad:f8:06:60:69:69:20:3b:43:1a:da:c6:05:a9:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 10 05:32:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=012e86ecadddc2ab2c3d93b76a24a6c6f43b8e24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2e:1d:7e:31:7b:fb:9e:53:79:56:82:90:ab:
74:d3:e4:88:64:46:dd:af:fa:de:55:38:ef:d9:5e:
cb:32:aa:45:ae:dd:35:c6:7c:7a:4b:92:a4:85:cd:
97:ab:97:ff:11:e0:11:96:e8:90:e9:61:34:d7:63:
e7:a1:96:48:35:5a:0e:e3:29:04:36:5d:97:c0:18:
3a:c1:7e:10:ac:c8:ef:50:d2:7a:b1:a9:ed:c3:e5:
51:f6:aa:45:c8:25:d9:3f:21:b4:8a:85:e5:57:8d:
30:c5:ee:d3:1c:0c:2d:9a:02:cc:37:69:19:13:b1:
2f:83:80:3f:58:7c:3c:38:35:48:17:af:7f:28:28:
29:06:d7:0a:9f:04:5d:59:f6:9b:bb:3b:47:e7:4b:
cc:8a:e6:e5:91:e1:4e:b5:6b:d7:18:e6:d6:f3:67:
18:de:85:75:b5:5b:4b:a8:df:85:df:45:82:97:f0:
a7:9f:b9:33:c3:56:2c:78:8e:22:51:41:28:bb:73:
d1:84:0e:27:66:87:2d:53:8f:93:64:97:7a:c3:8b:
c8:e8:fd:d1:2c:bd:d0:25:b8:f4:94:7c:07:43:26:
d9:bf:8f:da:75:92:e2:aa:5d:28:ae:34:88:db:1a:
da:cf:2e:cd:2e:21:c9:61:40:3a:41:3b:53:ff:53:
2b:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:2E:86:EC:AD:DD:C2:AB:2C:3D:93:B7:6A:24:A6:C6:F4:3B:8E:24
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AS6G7K3dwqssPZO3aiSmxvQ7jiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.125.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:09:0c:51:4b:a1:ad:f2:f4:66:a0:87:19:8d:10:6c:48:ba:
05:e0:9b:90:ef:c9:19:89:dc:4f:09:ba:66:da:99:63:7e:4d:
71:34:bc:dc:d0:06:e7:23:04:31:0c:d1:e8:74:09:5e:15:1b:
72:e5:d6:09:a6:39:81:db:22:45:e8:5a:04:b1:50:5b:f6:e5:
1b:d2:fb:f0:d7:78:fb:3d:05:ae:40:29:9c:22:d8:47:bd:f3:
3b:bc:6c:b0:0d:ce:f1:c9:63:8b:5a:9f:47:ea:97:6a:6e:8c:
33:84:d0:c1:45:1b:09:27:d9:b7:bd:69:4b:e0:c8:11:5c:e7:
a8:c6:10:3c:9a:56:9a:2e:98:65:9f:f6:bf:a5:7a:11:49:2e:
2c:e9:78:8a:28:54:1d:18:a3:a7:e3:ee:ae:4e:13:0c:3c:0d:
90:b1:1b:9a:32:ff:2e:89:0f:3d:fa:2a:d6:fd:18:f9:0c:71:
02:38:ec:61:f9:96:fd:3e:db:b9:fb:d3:a6:11:f6:a3:b7:b2:
5f:ed:3b:ea:b6:60:eb:b2:27:37:43:60:df:f1:01:ef:c8:c0:
d9:e1:45:42:43:0d:5a:e9:23:e8:ed:ea:8c:d6:78:03:51:27:
a7:e8:79:cf:d5:38:b9:49:da:ac:04:f0:cb:0d:fc:aa:4c:a9:
67:8f:ae:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZa4rfgGYGlpIDtDGtrGBamEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTEwMDUzMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTJlODZlY2FkZGRjMmFiMmMzZDkzYjc2YTI0YTZjNmY0M2I4ZTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS4dfjF7+55TeVaCkKt00+SIZEbd
r/reVTjv2V7LMqpFrt01xnx6S5Kkhc2Xq5f/EeARluiQ6WE012PnoZZINVoO4ykE
Nl2XwBg6wX4QrMjvUNJ6santw+VR9qpFyCXZPyG0ioXlV40wxe7THAwtmgLMN2kZ
E7Evg4A/WHw8ODVIF69/KCgpBtcKnwRdWfabuztH50vMiublkeFOtWvXGObW82cY
3oV1tVtLqN+F30WCl/Cnn7kzw1YseI4iUUEou3PRhA4nZoctU4+TZJd6w4vI6P3R
LL3QJbj0lHwHQybZv4/adZLiql0orjSI2xrazy7NLiHJYUA6QTtT/1MrOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAEuhuyt3cKrLD2Tt2okpsb0O44kMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQVM2RzdLM2R3cXNzUFpPM2FpU214dlE3amlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/R9MA0G
CSqGSIb3DQEBCwUAA4IBAQCKCQxRS6Gt8vRmoIcZjRBsSLoF4JuQ78kZidxPCbpm
2pljfk1xNLzc0AbnIwQxDNHodAleFRty5dYJpjmB2yJF6FoEsVBb9uUb0vvw13j7
PQWuQCmcIthHvfM7vGywDc7xyWOLWp9H6pdqbowzhNDBRRsJJ9m3vWlL4MgRXOeo
xhA8mlaaLphln/a/pXoRSS4s6XiKKFQdGKOn4+6uThMMPA2QsRuaMv8uiQ89+irW
/Rj5DHECOOxh+Zb9Ptu5+9OmEfajt7Jf7TvqtmDrsic3Q2Df8QHvyMDZ4UVCQw1a
6SPo7eqM1ngDUSen6HnP1Ti5SdqsBPDLDfyqTKlnj64U
-----END CERTIFICATE-----
Generated at Fri May 16 08:10:49 2025 by rpki-client