Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AepHIb26-t8Cxm2sfAEyfAERkgA.roa
File: AepHIb26-t8Cxm2sfAEyfAERkgA.roa (raw, json)
Hash identifier: IL2IJexAt1AmvfEoDBs6EMYN3Wq9IjU4SdZSHE5jsVY=
Subject key identifier: 01:EA:47:21:BD:BA:FA:DF:02:C6:6D:AC:7C:01:32:7C:01:11:92:00
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196C9BCB340CBA0AA4005513C19403D9622
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AepHIb26-t8Cxm2sfAEyfAERkgA.roa
Signing time: Tue 13 May 2025 13:01:49 +0000
ROA not before: Tue 13 May 2025 13:01:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 151.241.128.0/22 maxlen: 24
151.242.40.0/24 maxlen: 24
151.242.170.0/24 maxlen: 24
151.242.171.0/24 maxlen: 24
151.242.172.0/24 maxlen: 24
151.242.173.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.243.214.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.244.5.0/24 maxlen: 24
151.244.6.0/24 maxlen: 24
151.244.56.0/24 maxlen: 24
151.244.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:bc:b3:40:cb:a0:aa:40:05:51:3c:19:40:3d:96:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 13 13:01:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01ea4721bdbafadf02c66dac7c01327c01119200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8e:0b:6a:c1:cd:da:55:2f:81:32:5a:f5:f3:
fc:4c:ac:fa:90:e1:6e:45:6c:74:80:ea:fd:24:2c:
45:0d:21:09:6a:dc:9e:c8:c9:85:5d:8a:ab:cd:1e:
ae:fe:5f:5f:84:ea:50:b4:2e:c5:a8:c1:2c:63:e2:
cf:c5:1d:56:20:92:f7:c3:18:fd:7c:d4:9a:09:97:
94:f1:2f:eb:08:46:13:c0:bf:50:57:80:08:8c:94:
c3:b9:db:84:cd:be:ee:ad:3a:4f:fb:0a:6e:a3:49:
e4:dc:62:d8:cf:bd:8f:c7:a3:c3:a7:11:f8:8b:2d:
26:77:04:0f:50:0f:f0:02:3b:a1:dc:cf:eb:64:68:
25:57:14:9d:cb:ad:38:f2:57:76:b2:a1:44:ec:1e:
1d:b8:49:73:5b:14:3b:8a:ae:99:57:e8:77:41:be:
f2:eb:79:be:7f:7f:7d:24:e8:c6:a1:47:9a:93:5b:
7e:ec:5d:eb:52:15:88:26:7c:68:ab:84:bd:47:d1:
2f:b5:9b:d0:67:04:34:a0:3c:c1:aa:5f:98:24:3d:
e3:60:51:8f:58:fe:cf:58:c9:72:2f:d7:ac:7c:53:
22:fe:7c:86:93:f1:a4:be:64:57:09:eb:ce:02:18:
cf:7c:42:c8:eb:2e:87:25:99:be:49:8b:0e:3a:34:
be:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:EA:47:21:BD:BA:FA:DF:02:C6:6D:AC:7C:01:32:7C:01:11:92:00
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AepHIb26-t8Cxm2sfAEyfAERkgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.242.40.0/24
151.242.170.0-151.242.173.255
151.242.242.0/24
151.243.115.0/24
151.243.120.0/24
151.243.214.0/24
151.244.4.0-151.244.6.255
151.244.56.0/24
151.244.58.0/24
Signature Algorithm: sha256WithRSAEncryption
18:dd:d5:99:e8:68:92:07:0a:b2:70:bb:da:c8:32:7f:7e:fc:
3a:cb:c4:d9:52:b7:67:d1:61:03:58:ba:e3:36:3f:81:80:ad:
6a:7e:f1:5f:36:79:97:8b:19:32:91:80:29:71:fd:c9:90:3b:
c9:49:28:24:bc:a3:d5:dc:2c:76:8b:94:ee:a6:e3:cc:02:e9:
40:d7:94:0f:7a:d5:00:5a:07:0b:2e:67:7d:b5:1d:c9:f9:4c:
0b:e3:af:89:2b:56:8a:32:fc:1c:56:04:14:40:e6:ca:25:5f:
cc:ca:23:8f:2d:39:09:1d:32:1d:63:65:6f:04:95:64:d8:d0:
63:9e:a8:94:a8:e4:1a:23:93:40:1d:10:79:36:09:68:0a:3a:
50:8f:38:6c:74:fc:90:ce:1e:6f:5b:49:38:00:6b:5d:c0:5c:
ec:81:18:c5:79:19:bb:c2:44:47:7e:36:3b:73:1d:8b:63:90:
ad:6d:49:71:c8:92:26:b6:37:cc:35:59:8f:f8:c3:b9:04:31:
ba:56:87:1a:d3:1b:34:29:18:76:8d:f5:76:e7:da:20:2f:c4:
94:fd:b1:16:7f:52:48:bb:0c:f6:26:53:4d:3a:55:a0:6d:a1:
7a:8e:5a:ce:53:20:70:96:04:c3:e6:e8:5a:bf:40:90:99:b9:
08:2e:9a:1d
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZbJvLNAy6CqQAVRPBlAPZYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTEzMTMwMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWVhNDcyMWJkYmFmYWRmMDJjNjZkYWM3YzAxMzI3YzAxMTE5MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjo4LasHN2lUvgTJa9fP8TKz6kOFu
RWx0gOr9JCxFDSEJatyeyMmFXYqrzR6u/l9fhOpQtC7FqMEsY+LPxR1WIJL3wxj9
fNSaCZeU8S/rCEYTwL9QV4AIjJTDuduEzb7urTpP+wpuo0nk3GLYz72Px6PDpxH4
iy0mdwQPUA/wAjuh3M/rZGglVxSdy6048ld2sqFE7B4duElzWxQ7iq6ZV+h3Qb7y
63m+f399JOjGoUeak1t+7F3rUhWIJnxoq4S9R9EvtZvQZwQ0oDzBql+YJD3jYFGP
WP7PWMlyL9esfFMi/nyGk/GkvmRXCevOAhjPfELI6y6HJZm+SYsOOjS+MQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFAHqRyG9uvrfAsZtrHwBMnwBEZIAMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQWVwSEliMjYtdDhDeG0yc2ZBRXlmQUVSa2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCl/GAAwQA
l/IoMAwDBAGX8qoDBAGX8qwDBACX8vIDBACX83MDBACX83gDBACX89YwDAMEApf0
BAMEAJf0BgMEAJf0OAMEAJf0OjANBgkqhkiG9w0BAQsFAAOCAQEAGN3VmehokgcK
snC72sgyf378OsvE2VK3Z9FhA1i64zY/gYCtan7xXzZ5l4sZMpGAKXH9yZA7yUko
JLyj1dwsdouU7qbjzALpQNeUD3rVAFoHCy5nfbUdyflMC+OviStWijL8HFYEFEDm
yiVfzMojjy05CR0yHWNlbwSVZNjQY56olKjkGiOTQB0QeTYJaAo6UI84bHT8kM4e
b1tJOABrXcBc7IEYxXkZu8JER342O3Mdi2OQrW1JcciSJrY3zDVZj/jDuQQxulaH
GtMbNCkYdo31dufaIC/ElP2xFn9SSLsM9iZTTTpVoG2heo5azlMgcJYEw+boWr9A
kJm5CC6aHQ==
-----END CERTIFICATE-----
Generated at Fri May 16 08:19:30 2025 by rpki-client