Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SzsY5E3mo6YP89upeZdYQSyrZcg.roa
File: SzsY5E3mo6YP89upeZdYQSyrZcg.roa (raw, json)
Hash identifier: L+7UQ7KyPpREXeEKrlz3UOc3rmLQr+d7axU0+1v+2SE=
Subject key identifier: 4B:3B:18:E4:4D:E6:A3:A6:0F:F3:DB:A9:79:97:58:41:2C:AB:65:C8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197C08F8E35F7000B4D033797141179E8F7
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SzsY5E3mo6YP89upeZdYQSyrZcg.roa
Signing time: Mon 30 Jun 2025 11:18:42 +0000
ROA not before: Mon 30 Jun 2025 11:18:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 37.202.202.0/24 maxlen: 24
151.240.1.0/24 maxlen: 24
151.240.9.0/24 maxlen: 24
151.240.14.0/24 maxlen: 24
151.240.17.0/24 maxlen: 24
151.242.39.0/24 maxlen: 24
151.242.67.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
151.242.159.0/24 maxlen: 24
151.243.6.0/24 maxlen: 24
151.243.160.0/22 maxlen: 22
151.244.78.0/24 maxlen: 24
151.245.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:8f:8e:35:f7:00:0b:4d:03:37:97:14:11:79:e8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 30 11:18:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b3b18e44de6a3a60ff3dba9799758412cab65c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3c:4c:70:25:6f:02:5f:fc:b6:fb:94:08:42:
1e:c2:a5:db:ae:ac:5b:e5:50:c9:52:af:97:df:e8:
06:92:2c:f6:85:50:0b:86:55:03:0d:d1:0d:92:0d:
01:c1:de:ed:e5:60:43:54:dc:9e:ad:ce:b9:3e:cb:
2a:c6:d9:16:f8:fe:de:dd:10:b4:5d:b8:cc:57:d9:
0e:87:bb:df:83:a4:06:b2:08:39:ec:9e:36:21:c7:
50:36:12:01:3f:4d:43:54:85:dc:5f:bd:ff:18:d7:
d6:2e:ee:9b:29:1c:37:3e:02:06:6c:0a:39:20:50:
15:26:dd:c4:16:bd:4a:ef:39:f9:83:b1:ec:10:43:
f2:7d:3f:9d:a3:8e:a4:5e:9e:b4:d8:22:6d:fc:df:
1a:ee:ed:7f:ef:ad:10:d6:cc:c6:a8:25:9f:7f:41:
15:d2:bd:96:a2:e5:f3:ea:0d:3d:e1:77:f9:18:c6:
24:22:02:be:ef:a2:ad:ea:94:8b:38:eb:c2:a8:07:
ba:fe:ae:89:da:54:b4:eb:f0:b2:4b:70:46:c0:b0:
c2:d7:fd:73:95:ea:b1:76:dc:7e:6b:b8:d7:73:ac:
c1:5d:11:c7:69:e0:f2:38:37:bf:cf:30:9a:4a:16:
e8:0a:2d:4e:3d:47:85:49:dc:54:46:52:0c:53:fc:
67:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:3B:18:E4:4D:E6:A3:A6:0F:F3:DB:A9:79:97:58:41:2C:AB:65:C8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SzsY5E3mo6YP89upeZdYQSyrZcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.202.0/24
151.240.1.0/24
151.240.9.0/24
151.240.14.0/24
151.240.17.0/24
151.242.39.0/24
151.242.67.0/24
151.242.117.0/24
151.242.159.0/24
151.243.6.0/24
151.243.160.0/22
151.244.78.0/24
151.245.112.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:7b:25:4c:e4:69:5d:13:61:67:34:11:7e:fb:20:72:c9:f5:
aa:00:c8:38:8e:9b:b4:4e:71:84:85:a8:1d:57:f3:4d:47:0e:
3b:ca:02:29:84:9b:a3:92:25:2e:15:77:8e:ad:b6:98:f4:87:
e1:67:77:6d:21:ed:cf:3b:ad:27:a1:6c:60:61:7c:cd:a1:88:
cd:c2:85:67:74:b6:04:0f:0c:e9:9e:9f:c0:d2:c0:e4:f6:c7:
e0:95:30:eb:44:8f:f4:47:57:7e:98:b3:15:fc:5a:77:c5:a5:
9e:1d:11:4d:96:f7:03:b7:b7:be:08:28:af:50:8a:d6:19:c3:
3b:78:b5:bc:b2:af:a7:69:67:78:a5:d8:9e:a5:fc:13:8a:86:
8b:e8:6f:85:8e:ec:30:1b:5f:8f:54:b7:85:66:58:50:26:ac:
58:8c:55:38:40:47:78:08:c1:cd:6d:11:13:a2:ba:80:f5:1e:
69:61:a8:4f:5a:5f:62:af:e5:93:dd:de:bb:ff:63:bf:0b:7e:
69:79:12:9f:0b:99:86:cf:94:0f:0d:d7:8a:92:00:2d:77:3e:
11:7f:5a:55:13:c2:05:fb:57:44:58:05:9b:97:cd:d1:13:e3:
f3:de:72:97:05:61:cd:fb:fe:5a:7d:6c:94:14:65:ea:7b:07:
ae:83:72:5b
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZfAj4419wALTQM3lxQReej3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjMwMTExODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjNiMThlNDRkZTZhM2E2MGZmM2RiYTk3OTk3NTg0MTJjYWI2NWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTxMcCVvAl/8tvuUCEIewqXbrqxb
5VDJUq+X3+gGkiz2hVALhlUDDdENkg0Bwd7t5WBDVNyerc65PssqxtkW+P7e3RC0
XbjMV9kOh7vfg6QGsgg57J42IcdQNhIBP01DVIXcX73/GNfWLu6bKRw3PgIGbAo5
IFAVJt3EFr1K7zn5g7HsEEPyfT+do46kXp602CJt/N8a7u1/760Q1szGqCWff0EV
0r2WouXz6g094Xf5GMYkIgK+76Kt6pSLOOvCqAe6/q6J2lS06/CyS3BGwLDC1/1z
leqxdtx+a7jXc6zBXRHHaeDyODe/zzCaShboCi1OPUeFSdxURlIMU/xntQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFEs7GORN5qOmD/PbqXmXWEEsq2XIMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvU3pzWTVFM21vNllQODl1cGVaZFlRU3lyWmNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAJcrKAwQA
l/ABAwQAl/AJAwQAl/AOAwQAl/ARAwQAl/InAwQAl/JDAwQAl/J1AwQAl/KfAwQA
l/MGAwQCl/OgAwQAl/ROAwQAl/VwMA0GCSqGSIb3DQEBCwUAA4IBAQAeeyVM5Gld
E2FnNBF++yByyfWqAMg4jpu0TnGEhagdV/NNRw47ygIphJujkiUuFXeOrbaY9Ifh
Z3dtIe3PO60noWxgYXzNoYjNwoVndLYEDwzpnp/A0sDk9sfglTDrRI/0R1d+mLMV
/Fp3xaWeHRFNlvcDt7e+CCivUIrWGcM7eLW8sq+naWd4pdiepfwTioaL6G+Fjuww
G1+PVLeFZlhQJqxYjFU4QEd4CMHNbRETorqA9R5pYahPWl9ir+WT3d67/2O/C35p
eRKfC5mGz5QPDdeKkgAtdz4Rf1pVE8IF+1dEWAWbl83RE+Pz3nKXBWHN+/5afWyU
FGXqeweug3Jb
-----END CERTIFICATE-----
Generated at Thu Jul 3 06:52:16 2025 by rpki-client