Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/DAhR27YrhPtlPhbbiD1tEaMZb38.roa
File: DAhR27YrhPtlPhbbiD1tEaMZb38.roa (raw, json)
Hash identifier: FY/yWXlty/fUGHH6RycKPhWM0JjjIgYm2V+JaUyngnQ=
Subject key identifier: 0C:08:51:DB:B6:2B:84:FB:65:3E:16:DB:88:3D:6D:11:A3:19:6F:7F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01969083AC155210C613BE7107AEB55E98EC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/DAhR27YrhPtlPhbbiD1tEaMZb38.roa
Signing time: Fri 02 May 2025 10:21:10 +0000
ROA not before: Fri 02 May 2025 10:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9232
IP address blocks: 37.202.213.0/24 maxlen: 24
37.202.221.0/24 maxlen: 24
151.242.18.0/24 maxlen: 24
151.242.19.0/24 maxlen: 24
151.242.21.0/24 maxlen: 24
151.242.68.0/24 maxlen: 24
151.242.70.0/24 maxlen: 24
151.242.71.0/24 maxlen: 24
151.242.72.0/24 maxlen: 24
151.243.107.0/24 maxlen: 24
151.243.108.0/24 maxlen: 24
151.243.109.0/24 maxlen: 24
151.243.110.0/24 maxlen: 24
151.244.101.0/24 maxlen: 24
151.244.105.0/24 maxlen: 24
151.244.110.0/24 maxlen: 24
151.244.114.0/24 maxlen: 24
151.244.118.0/24 maxlen: 24
151.244.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 13 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:90:83:ac:15:52:10:c6:13:be:71:07:ae:b5:5e:98:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 2 10:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c0851dbb62b84fb653e16db883d6d11a3196f7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:12:19:7a:b2:e2:91:25:b3:5e:2f:e8:fe:fc:
78:16:5c:c1:1b:81:83:d1:a1:59:1c:c5:5c:da:fc:
ea:71:6a:d3:34:e2:67:45:4f:43:d1:12:13:f0:33:
32:18:32:0b:f4:14:14:9c:22:32:dd:d9:07:25:c4:
d3:b0:65:16:bd:a0:77:fa:8a:db:75:00:e1:71:47:
00:64:b2:b8:b4:b3:7e:eb:e9:1b:84:7a:2d:9f:ea:
e6:63:30:c7:0f:c7:56:75:4c:c5:2d:4d:b2:3c:b7:
9c:bc:ee:55:a9:88:a0:39:92:c5:50:23:c1:a7:bd:
89:79:66:9d:73:e8:4b:a5:47:d6:e7:60:d0:a1:33:
c4:2f:57:49:12:6e:12:e4:87:84:bc:2e:b7:fe:5d:
01:cb:38:65:32:96:f8:57:49:0f:fa:1e:97:d2:d7:
75:66:8e:0d:ea:3a:5e:23:68:02:f6:ed:f6:98:79:
32:17:24:82:32:d8:93:dd:d3:47:58:ef:2b:5e:e1:
45:9d:49:c7:99:3b:af:b6:b9:eb:40:9d:3e:df:14:
01:2c:56:df:ec:70:29:85:56:57:28:14:34:04:69:
23:eb:a3:37:d1:24:ae:c6:56:13:50:5f:ae:99:14:
77:80:28:c2:b7:91:15:91:41:79:8d:50:0a:bd:cd:
de:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:08:51:DB:B6:2B:84:FB:65:3E:16:DB:88:3D:6D:11:A3:19:6F:7F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/DAhR27YrhPtlPhbbiD1tEaMZb38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.213.0/24
37.202.221.0/24
151.242.18.0/23
151.242.21.0/24
151.242.68.0/24
151.242.70.0-151.242.72.255
151.243.107.0-151.243.110.255
151.244.101.0/24
151.244.105.0/24
151.244.110.0/24
151.244.114.0/24
151.244.118.0/24
151.244.124.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:57:b8:d8:c7:0f:f3:ab:c9:4a:a7:b9:e5:55:da:a4:2d:eb:
b0:59:37:ad:5d:c1:a3:19:eb:da:fe:99:ad:7f:93:72:2d:f3:
aa:9c:5e:06:68:4e:4d:08:4b:ef:91:bd:8a:a3:18:30:d1:78:
5e:58:3a:3c:74:b0:15:68:27:fe:2c:1c:14:ff:b3:23:87:3f:
1c:c3:3a:eb:ea:8c:45:5e:73:36:11:b3:29:71:b2:ff:a3:ae:
c0:d3:b0:c5:9e:89:b0:0d:5f:af:9f:29:07:b5:43:33:ee:f4:
32:08:db:b5:b8:42:35:f9:c3:b2:8e:6d:e2:5e:b9:26:f1:f9:
fd:67:38:9d:ac:1f:7c:0f:a0:51:7d:b7:bc:3c:fb:2d:44:55:
c2:00:73:18:37:12:9a:7c:5e:e0:96:e5:fb:e5:e2:e3:a4:d4:
da:9e:ca:5a:88:9b:fe:4e:67:f2:4f:47:41:52:8d:ee:d2:af:
6d:0d:01:11:4a:99:b1:9c:88:d8:38:e4:68:39:a8:cd:c3:07:
b3:18:8f:93:b9:36:a9:68:82:2c:17:e8:76:55:a5:25:90:d5:
77:8d:28:9f:49:e2:08:ff:cd:65:2f:fd:04:88:68:d7:72:70:
71:5f:9f:6d:f0:eb:8f:dd:bc:e0:89:88:e2:3c:e1:62:87:fe:
7f:53:55:8f
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZaQg6wVUhDGE75xB661XpjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTAyMTAyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzA4NTFkYmI2MmI4NGZiNjUzZTE2ZGI4ODNkNmQxMWEzMTk2ZjdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAohIZerLikSWzXi/o/vx4FlzBG4GD
0aFZHMVc2vzqcWrTNOJnRU9D0RIT8DMyGDIL9BQUnCIy3dkHJcTTsGUWvaB3+orb
dQDhcUcAZLK4tLN+6+kbhHotn+rmYzDHD8dWdUzFLU2yPLecvO5VqYigOZLFUCPB
p72JeWadc+hLpUfW52DQoTPEL1dJEm4S5IeEvC63/l0ByzhlMpb4V0kP+h6X0td1
Zo4N6jpeI2gC9u32mHkyFySCMtiT3dNHWO8rXuFFnUnHmTuvtrnrQJ0+3xQBLFbf
7HAphVZXKBQ0BGkj66M30SSuxlYTUF+umRR3gCjCt5EVkUF5jVAKvc3e1wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFAwIUdu2K4T7ZT4W24g9bRGjGW9/MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvREFoUjI3WXJoUHRsUGhiYmlEMXRFYU1aYjM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQAJcrVAwQA
JcrdAwQBl/ISAwQAl/IVAwQAl/JEMAwDBAGX8kYDBACX8kgwDAMEAJfzawMEAJfz
bgMEAJf0ZQMEAJf0aQMEAJf0bgMEAJf0cgMEAJf0dgMEAJf0fDANBgkqhkiG9w0B
AQsFAAOCAQEAnFe42McP86vJSqe55VXapC3rsFk3rV3Boxnr2v6ZrX+Tci3zqpxe
BmhOTQhL75G9iqMYMNF4Xlg6PHSwFWgn/iwcFP+zI4c/HMM66+qMRV5zNhGzKXGy
/6OuwNOwxZ6JsA1fr58pB7VDM+70MgjbtbhCNfnDso5t4l65JvH5/Wc4nawffA+g
UX23vDz7LURVwgBzGDcSmnxe4Jbl++Xi46TU2p7KWoib/k5n8k9HQVKN7tKvbQ0B
EUqZsZyI2DjkaDmozcMHsxiPk7k2qWiCLBfodlWlJZDVd40on0niCP/NZS/9BIho
13JwcV+fbfDrj9284ImI4jzhYof+f1NVjw==
-----END CERTIFICATE-----
Generated at Tue May 13 09:13:06 2025 by rpki-client