Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IyQTfMbkuqrrIshTYzFYY63-H94.roa
File: IyQTfMbkuqrrIshTYzFYY63-H94.roa (raw, json)
Hash identifier: 78r/5L/LL1WAkDAPSzIxE4j7J3kYVuny4JzY5Qepjd4=
Subject key identifier: 23:24:13:7C:C6:E4:BA:AA:EB:22:C8:53:63:31:58:63:AD:FE:1F:DE
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196A57B6B87592C4E0E5C6F334FE92AAD44
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IyQTfMbkuqrrIshTYzFYY63-H94.roa
Signing time: Tue 06 May 2025 12:04:11 +0000
ROA not before: Tue 06 May 2025 12:04:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395374
IP address blocks: 151.242.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a5:7b:6b:87:59:2c:4e:0e:5c:6f:33:4f:e9:2a:ad:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 6 12:04:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2324137cc6e4baaaeb22c85363315863adfe1fde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:4b:e1:f6:55:12:c7:17:81:82:b0:44:b5:6e:
9f:c6:4e:ce:b2:9d:b4:75:15:fb:50:c0:a7:81:2a:
2e:78:ad:58:85:0d:d9:a7:90:1b:ca:30:31:e9:7d:
be:9c:7a:52:5a:30:ea:75:2b:c5:82:05:82:a4:d6:
cd:38:c2:19:84:90:ba:33:91:97:0a:35:46:4d:cf:
5e:51:3e:45:1f:30:ed:60:39:e8:34:25:3a:31:56:
ea:73:92:44:66:ce:a4:59:e4:c4:0f:1e:6c:32:8b:
75:5b:9d:35:d6:f0:45:b8:f3:16:92:e8:07:57:54:
d8:0a:0f:56:a9:26:0c:74:41:ac:11:9f:09:59:05:
e9:de:33:c1:a3:ac:6f:ca:2f:69:f1:b4:b9:24:47:
d0:e2:64:dd:f1:e9:e3:37:e0:dc:d2:8f:fe:6c:d0:
3d:a6:54:0e:a6:3a:ae:f1:9b:29:58:2e:79:71:04:
8f:24:5e:e4:d9:93:16:0a:90:d3:63:db:99:ff:5b:
ff:03:d8:89:7e:e5:31:76:04:f5:e7:07:37:15:28:
c1:42:3e:4b:40:26:21:62:eb:d1:f1:ae:81:c8:08:
0f:4a:ab:39:bf:42:e9:51:ae:1a:b1:44:53:df:1f:
a5:47:2b:d2:4c:e6:c0:ea:9b:98:81:57:4f:8d:b4:
3d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:24:13:7C:C6:E4:BA:AA:EB:22:C8:53:63:31:58:63:AD:FE:1F:DE
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IyQTfMbkuqrrIshTYzFYY63-H94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.146.0/24
Signature Algorithm: sha256WithRSAEncryption
06:db:b5:8e:6e:be:e5:70:82:27:23:47:4f:b3:7d:fa:cf:ae:
5f:50:e2:ea:28:ef:c4:f7:30:59:15:fc:b6:71:bb:92:a8:5d:
a0:c7:5f:a4:6b:c6:45:4b:cb:6d:c7:9b:26:87:8d:56:3a:b5:
d1:6b:57:74:23:7e:0d:4f:35:84:9b:7a:36:2f:01:46:60:15:
a9:d9:b7:89:d3:a2:49:f1:d8:1a:16:47:a8:4c:ac:7a:6c:f4:
e0:5f:ba:9c:61:89:e2:c5:ba:a5:59:36:4f:53:87:e0:b4:c5:
f8:90:25:e1:f6:9e:af:30:53:84:58:e0:e0:1b:fb:36:e6:ab:
26:b2:72:e7:35:a0:9d:d1:3b:6b:13:59:51:28:b0:fc:ce:26:
2c:7a:ec:06:02:5a:1a:30:0b:d8:a9:e7:b6:97:6e:25:ec:01:
cc:07:fa:40:62:ef:73:ef:87:ed:99:05:5f:03:42:e5:ca:5a:
82:de:39:b2:1e:fc:1c:f1:13:d2:da:aa:33:23:65:c4:33:1a:
66:90:ae:fe:a3:14:0d:f1:73:d8:93:55:cb:6a:aa:18:02:39:
02:3a:12:f9:b6:77:6f:44:8f:2f:f9:86:92:e4:c8:88:2a:dd:
bc:1d:2f:e4:fe:c7:93:69:69:54:fc:e1:ab:40:c7:64:24:13:
62:2e:fa:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZale2uHWSxODlxvM0/pKq1EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA2MTIwNDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzI0MTM3Y2M2ZTRiYWFhZWIyMmM4NTM2MzMxNTg2M2FkZmUxZmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArkvh9lUSxxeBgrBEtW6fxk7Osp20
dRX7UMCngSoueK1YhQ3Zp5AbyjAx6X2+nHpSWjDqdSvFggWCpNbNOMIZhJC6M5GX
CjVGTc9eUT5FHzDtYDnoNCU6MVbqc5JEZs6kWeTEDx5sMot1W5011vBFuPMWkugH
V1TYCg9WqSYMdEGsEZ8JWQXp3jPBo6xvyi9p8bS5JEfQ4mTd8enjN+Dc0o/+bNA9
plQOpjqu8ZspWC55cQSPJF7k2ZMWCpDTY9uZ/1v/A9iJfuUxdgT15wc3FSjBQj5L
QCYhYuvR8a6ByAgPSqs5v0LpUa4asURT3x+lRyvSTObA6puYgVdPjbQ9CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMkE3zG5Lqq6yLIU2MxWGOt/h/eMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSXlRVGZNYmt1cXJySXNoVFl6RllZNjMtSDk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/KSMA0G
CSqGSIb3DQEBCwUAA4IBAQAG27WObr7lcIInI0dPs336z65fUOLqKO/E9zBZFfy2
cbuSqF2gx1+ka8ZFS8ttx5smh41WOrXRa1d0I34NTzWEm3o2LwFGYBWp2beJ06JJ
8dgaFkeoTKx6bPTgX7qcYYnixbqlWTZPU4fgtMX4kCXh9p6vMFOEWODgG/s25qsm
snLnNaCd0TtrE1lRKLD8ziYseuwGAloaMAvYqee2l24l7AHMB/pAYu9z74ftmQVf
A0LlylqC3jmyHvwc8RPS2qozI2XEMxpmkK7+oxQN8XPYk1XLaqoYAjkCOhL5tndv
RI8v+YaS5MiIKt28HS/k/seTaWlU/OGrQMdkJBNiLvrO
-----END CERTIFICATE-----
Generated at Fri May 16 08:17:24 2025 by rpki-client