Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N9MN2jLkWRR-akzW9Mk1zCCkRKc.roa
File: N9MN2jLkWRR-akzW9Mk1zCCkRKc.roa (raw, json)
Hash identifier: l3OXa/DFKw6XnGR6QgdxX62LgFk40ToZbQqCGskIuAE=
Subject key identifier: 37:D3:0D:DA:32:E4:59:14:7E:6A:4C:D6:F4:C9:35:CC:20:A4:44:A7
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019699CE368BC3048A5F5E4585141047292A
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N9MN2jLkWRR-akzW9Mk1zCCkRKc.roa
Signing time: Sun 04 May 2025 05:39:10 +0000
ROA not before: Sun 04 May 2025 05:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 151.242.40.0/24 maxlen: 24
151.242.170.0/24 maxlen: 24
151.242.171.0/24 maxlen: 24
151.242.172.0/24 maxlen: 24
151.242.173.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.244.5.0/24 maxlen: 24
151.244.6.0/24 maxlen: 24
151.244.56.0/24 maxlen: 24
151.244.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 13:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:99:ce:36:8b:c3:04:8a:5f:5e:45:85:14:10:47:29:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 4 05:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37d30dda32e459147e6a4cd6f4c935cc20a444a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:c5:d4:6f:93:ea:32:89:6d:74:02:70:15:a1:
fb:ef:37:b3:92:33:19:c6:67:8a:40:e1:50:89:dc:
81:80:b1:2e:43:b9:f9:c7:b3:c2:42:0f:62:30:24:
9b:26:f0:b7:18:3a:21:82:ce:96:ed:ff:b9:b0:b3:
4c:54:2a:4c:20:b0:c6:56:78:ea:10:9a:45:3e:2c:
b7:16:da:3d:09:2f:4d:36:8e:cc:6c:ff:36:7d:d5:
ae:c8:3a:9d:d4:0c:04:5f:c9:87:32:08:41:af:9d:
c9:b0:74:6b:54:be:47:50:bd:30:9e:c6:9b:0c:b4:
c5:b2:62:14:b1:a6:87:41:b3:f2:0c:fd:34:18:32:
2b:e9:e1:fa:f4:48:0d:42:b2:e0:98:ec:f7:65:f8:
80:82:62:72:3f:d8:4e:a3:39:73:9e:5d:13:b6:a9:
f1:86:0a:6c:04:05:06:11:a1:e0:c2:86:51:5d:2d:
a6:59:49:e4:21:d1:a3:52:82:a5:05:13:52:b5:99:
61:1b:08:e3:d6:9e:35:aa:62:fa:94:e1:15:a9:3c:
74:c5:f5:cf:5b:3e:f5:59:b7:54:b0:57:5d:04:cf:
e7:37:47:6d:b4:d4:c3:63:35:bc:12:55:8c:63:2f:
6a:26:47:bc:e6:3a:88:37:e4:17:51:d1:3d:18:7d:
22:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D3:0D:DA:32:E4:59:14:7E:6A:4C:D6:F4:C9:35:CC:20:A4:44:A7
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N9MN2jLkWRR-akzW9Mk1zCCkRKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.40.0/24
151.242.170.0-151.242.173.255
151.242.242.0/24
151.243.115.0/24
151.243.120.0/24
151.244.4.0-151.244.6.255
151.244.56.0/24
151.244.58.0/24
Signature Algorithm: sha256WithRSAEncryption
55:d1:eb:ea:94:bc:bb:cd:85:7b:80:4a:6f:da:e6:8f:7f:4f:
02:76:63:86:d0:98:3d:40:af:a8:db:d4:4d:4c:8a:d9:5a:52:
59:40:40:5b:4b:b1:7d:27:c8:af:71:3a:f3:58:fe:76:5c:91:
42:24:e7:c8:92:e5:06:42:94:2d:7c:6b:f9:a8:fc:9e:8d:53:
c0:f8:1a:eb:96:2e:99:38:a8:dd:fa:f6:ad:35:30:b4:e5:7a:
fd:07:a9:74:bf:de:1a:13:06:72:1b:63:3d:d0:65:5a:8b:41:
7e:62:52:cd:71:c6:63:eb:31:a5:8a:d2:82:82:d5:52:e6:e6:
fe:0c:40:a4:ee:76:19:28:45:f1:a8:1f:4a:63:57:92:ed:c7:
ee:cf:80:c2:1d:d1:90:4b:5c:46:a6:22:44:a6:af:cf:22:4e:
9d:bc:09:fd:81:e8:76:ab:fa:ce:9e:6a:3b:41:4a:1d:59:5d:
03:17:da:1f:1e:1a:79:51:25:e9:8a:23:ab:2a:8a:ae:91:a1:
72:c4:66:70:4e:26:65:f2:ce:fd:d0:33:a1:a5:6a:4b:5f:95:
71:db:07:4f:64:ab:46:f6:e1:93:6a:51:5b:41:1f:da:85:42:
e0:09:d1:af:ee:18:2d:02:ed:61:dd:af:81:44:6b:66:d0:5f:
7a:99:ff:72
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZaZzjaLwwSKX15FhRQQRykqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA0MDUzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2QzMGRkYTMyZTQ1OTE0N2U2YTRjZDZmNGM5MzVjYzIwYTQ0NGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8XUb5PqMoltdAJwFaH77zezkjMZ
xmeKQOFQidyBgLEuQ7n5x7PCQg9iMCSbJvC3GDohgs6W7f+5sLNMVCpMILDGVnjq
EJpFPiy3Fto9CS9NNo7MbP82fdWuyDqd1AwEX8mHMghBr53JsHRrVL5HUL0wnsab
DLTFsmIUsaaHQbPyDP00GDIr6eH69EgNQrLgmOz3ZfiAgmJyP9hOozlznl0Ttqnx
hgpsBAUGEaHgwoZRXS2mWUnkIdGjUoKlBRNStZlhGwjj1p41qmL6lOEVqTx0xfXP
Wz71WbdUsFddBM/nN0dttNTDYzW8ElWMYy9qJke85jqIN+QXUdE9GH0iSwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFDfTDdoy5FkUfmpM1vTJNcwgpESnMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTjlNTjJqTGtXUlItYWt6VzlNazF6Q0NrUktjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAl/IoMAwD
BAGX8qoDBAGX8qwDBACX8vIDBACX83MDBACX83gwDAMEApf0BAMEAJf0BgMEAJf0
OAMEAJf0OjANBgkqhkiG9w0BAQsFAAOCAQEAVdHr6pS8u82Fe4BKb9rmj39PAnZj
htCYPUCvqNvUTUyK2VpSWUBAW0uxfSfIr3E681j+dlyRQiTnyJLlBkKULXxr+aj8
no1TwPga65YumTio3fr2rTUwtOV6/QepdL/eGhMGchtjPdBlWotBfmJSzXHGY+sx
pYrSgoLVUubm/gxApO52GShF8agfSmNXku3H7s+Awh3RkEtcRqYiRKavzyJOnbwJ
/YHodqv6zp5qO0FKHVldAxfaHx4aeVEl6YojqyqKrpGhcsRmcE4mZfLO/dAzoaVq
S1+VcdsHT2SrRvbhk2pRW0Ef2oVC4AnRr+4YLQLtYd2vgURrZtBfepn/cg==
-----END CERTIFICATE-----
Generated at Sat May 10 21:38:25 2025 by rpki-client