Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AXS-Uw3U_ZIv6Rdj5MB0W-aKK8U.roa
File: AXS-Uw3U_ZIv6Rdj5MB0W-aKK8U.roa (raw, json)
Hash identifier: /bLQ54jKngOGH5apYuJ2jR4uFLe4SQijGnXCnvboEtc=
Subject key identifier: 01:74:BE:53:0D:D4:FD:92:2F:E9:17:63:E4:C0:74:5B:E6:8A:2B:C5
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01978C48B1910CF2C0FCB25829D757CEFE72
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AXS-Uw3U_ZIv6Rdj5MB0W-aKK8U.roa
Signing time: Fri 20 Jun 2025 07:41:03 +0000
ROA not before: Fri 20 Jun 2025 07:41:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 151.242.227.0/24 maxlen: 24
151.243.132.0/24 maxlen: 24
151.243.133.0/24 maxlen: 24
151.243.134.0/24 maxlen: 24
151.243.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:48:b1:91:0c:f2:c0:fc:b2:58:29:d7:57:ce:fe:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 20 07:41:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0174be530dd4fd922fe91763e4c0745be68a2bc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:23:a9:3f:d7:e8:39:64:50:95:6f:6b:7d:7c:
5f:3d:69:4e:cf:7b:53:f3:8c:22:72:e4:5b:6c:e1:
0a:23:ad:a4:d4:61:34:40:50:73:c0:f5:b8:4a:53:
1f:b0:e7:bc:c5:02:a4:2f:f2:79:cb:0a:62:5e:ca:
e9:1e:22:e5:6e:74:c2:ba:83:12:a4:60:0c:e1:eb:
d5:87:e4:ce:bf:db:91:22:d5:e1:53:26:bc:b3:42:
bd:5f:ed:96:5e:f6:bf:d7:b1:b4:df:a1:8c:c4:93:
b0:16:9f:7d:7e:f1:a4:45:08:1a:81:b3:f2:b8:35:
61:40:fc:68:54:1b:69:db:f6:05:45:15:12:ef:66:
81:ae:e3:e3:cb:2b:36:28:11:a6:e9:26:06:57:ed:
c1:d4:35:6d:43:79:56:87:43:c2:b5:cf:fa:bc:14:
f5:45:1e:9a:7b:b6:2f:81:9d:4f:a7:84:5d:c4:23:
97:d8:7e:b1:4a:62:eb:d1:da:c8:ac:65:a6:68:34:
e6:1d:90:27:36:27:b2:1b:4b:20:a5:bf:43:7a:37:
1e:0c:b1:08:db:69:65:eb:06:8a:f8:5c:db:02:bf:
9f:70:81:be:18:13:8a:cf:b5:6c:3a:0d:bf:8c:39:
ef:dc:ad:e5:10:11:8a:51:63:cd:3b:c4:69:df:6b:
59:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:74:BE:53:0D:D4:FD:92:2F:E9:17:63:E4:C0:74:5B:E6:8A:2B:C5
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AXS-Uw3U_ZIv6Rdj5MB0W-aKK8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.227.0/24
151.243.132.0/22
Signature Algorithm: sha256WithRSAEncryption
80:3e:01:64:2f:17:48:67:e1:69:ec:c3:e9:f9:1e:5b:48:09:
86:ba:86:f7:10:ea:69:66:1f:5c:1c:44:a6:bc:0a:2e:c1:65:
dc:e1:71:92:99:bf:d7:4e:3e:e3:5f:e0:64:0e:e1:a8:b2:db:
c2:78:f2:0c:d9:21:66:82:81:65:59:17:4d:d8:ba:2d:43:51:
b9:ac:62:9c:2a:f7:00:9a:aa:be:88:37:2d:8a:99:e3:80:4c:
c9:28:3b:96:3b:e4:4c:6a:22:b2:07:eb:b1:4c:24:f4:ce:0b:
0e:54:80:c6:92:f8:48:4f:59:83:38:2f:95:c7:e2:bd:1f:90:
7c:e5:02:d7:2b:8e:c0:0e:4a:b8:44:b8:c4:21:19:1e:6e:33:
55:c1:5a:43:43:73:bd:74:0d:5c:3f:31:39:80:9a:9c:84:31:
a2:91:70:53:1b:e0:c6:43:d7:6c:f6:aa:5c:fd:22:65:cd:5e:
8c:d6:44:a4:da:e4:8a:cb:be:c2:7b:ad:bd:85:8d:f9:cc:8e:
9c:0a:dd:eb:ef:dc:cc:fa:8e:00:36:e0:08:e1:71:1f:9c:ec:
7e:1c:a8:09:db:02:03:fc:13:1c:f2:67:83:3d:e2:7a:d8:25:
df:22:51:1f:2f:d2:e2:78:51:0c:3c:bc:fb:12:4b:9a:91:84:
88:c7:be:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZeMSLGRDPLA/LJYKddXzv5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjIwMDc0MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTc0YmU1MzBkZDRmZDkyMmZlOTE3NjNlNGMwNzQ1YmU2OGEyYmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCOpP9foOWRQlW9rfXxfPWlOz3tT
84wicuRbbOEKI62k1GE0QFBzwPW4SlMfsOe8xQKkL/J5ywpiXsrpHiLlbnTCuoMS
pGAM4evVh+TOv9uRItXhUya8s0K9X+2WXva/17G036GMxJOwFp99fvGkRQgagbPy
uDVhQPxoVBtp2/YFRRUS72aBruPjyys2KBGm6SYGV+3B1DVtQ3lWh0PCtc/6vBT1
RR6ae7YvgZ1Pp4RdxCOX2H6xSmLr0drIrGWmaDTmHZAnNieyG0sgpb9DejceDLEI
22ll6waK+FzbAr+fcIG+GBOKz7VsOg2/jDnv3K3lEBGKUWPNO8Rp32tZBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAF0vlMN1P2SL+kXY+TAdFvmiivFMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQVhTLVV3M1VfWkl2NlJkajVNQjBXLWFLSzhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/LjAwQC
l/OEMA0GCSqGSIb3DQEBCwUAA4IBAQCAPgFkLxdIZ+Fp7MPp+R5bSAmGuob3EOpp
Zh9cHESmvAouwWXc4XGSmb/XTj7jX+BkDuGostvCePIM2SFmgoFlWRdN2LotQ1G5
rGKcKvcAmqq+iDctipnjgEzJKDuWO+RMaiKyB+uxTCT0zgsOVIDGkvhIT1mDOC+V
x+K9H5B85QLXK47ADkq4RLjEIRkebjNVwVpDQ3O9dA1cPzE5gJqchDGikXBTG+DG
Q9ds9qpc/SJlzV6M1kSk2uSKy77Ce629hY35zI6cCt3r79zM+o4ANuAI4XEfnOx+
HKgJ2wID/BMc8meDPeJ62CXfIlEfL9LieFEMPLz7EkuakYSIx768
-----END CERTIFICATE-----
Generated at Mon Jun 30 14:57:23 2025 by rpki-client