Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UpJihIAnCDPKMb4tgy2oPvzIjOw.roa
File: UpJihIAnCDPKMb4tgy2oPvzIjOw.roa (raw, json)
Hash identifier: qAp5PH8WWaH6ou3LAQX2cFa2jeQxZkK0QHiv349Q2a8=
Subject key identifier: 52:92:62:84:80:27:08:33:CA:31:BE:2D:83:2D:A8:3E:FC:C8:8C:EC
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197BF5F99EF51F76188C8DF74519E5FA83E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UpJihIAnCDPKMb4tgy2oPvzIjOw.roa
Signing time: Mon 30 Jun 2025 05:46:42 +0000
ROA not before: Mon 30 Jun 2025 05:46:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 139989
IP address blocks: 151.242.80.0/24 maxlen: 24
151.243.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bf:5f:99:ef:51:f7:61:88:c8:df:74:51:9e:5f:a8:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 30 05:46:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5292628480270833ca31be2d832da83efcc88cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:82:4f:0c:18:a9:25:47:ba:28:40:88:e5:1b:
c3:57:51:32:0e:09:0d:0b:8e:fd:44:c0:ae:e0:0d:
4e:47:9c:94:8f:34:de:79:49:a6:21:80:18:60:4b:
df:01:5d:49:1a:e7:0e:d0:6d:50:52:8b:5e:55:62:
21:b1:f1:f6:16:42:1b:05:92:66:87:a1:2e:8f:3e:
61:49:e8:09:d8:70:e3:cd:e3:1e:e0:d5:b0:f2:f5:
37:9b:a7:c3:c8:99:4b:8a:40:b7:94:51:e8:28:6e:
b5:25:56:07:64:da:76:b8:6c:24:50:0e:0f:bf:6e:
5f:1b:c2:83:fd:26:fd:41:7a:23:c7:35:2e:e4:45:
eb:fa:45:63:55:89:24:8d:63:a2:3f:e9:cb:60:91:
1c:8c:6d:52:8d:95:dd:98:41:23:b5:66:5d:70:ce:
ad:7e:72:d4:57:f3:7c:37:28:62:e0:ed:af:52:86:
42:f4:ad:a4:30:3a:4a:b8:ad:d0:a4:83:a0:d4:aa:
a9:1e:0b:79:69:a3:a4:7d:bc:5d:53:08:62:e5:58:
bd:49:cf:a9:43:25:be:5e:f5:3c:be:6b:0b:98:fc:
0e:f6:78:a1:d2:08:4a:c3:85:05:de:71:4f:9e:61:
d0:2e:33:9e:aa:5d:cb:80:44:f4:20:6b:ae:2f:8d:
3f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:92:62:84:80:27:08:33:CA:31:BE:2D:83:2D:A8:3E:FC:C8:8C:EC
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UpJihIAnCDPKMb4tgy2oPvzIjOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.80.0/24
151.243.41.0/24
Signature Algorithm: sha256WithRSAEncryption
86:71:0b:0c:b5:ed:91:27:62:39:98:75:53:66:31:0b:d4:37:
6e:64:31:e0:de:ee:f0:5e:21:34:a8:42:35:fc:e1:cd:15:ec:
0f:3f:2b:db:20:46:86:69:29:c2:4f:59:2c:df:84:31:a9:4b:
8e:12:d0:0d:4b:03:93:c3:0e:36:da:d4:8d:0c:b8:c8:22:d3:
a7:b7:8f:70:fe:1e:26:d7:bf:00:b7:17:d4:ac:df:4e:67:08:
1f:62:00:eb:69:ef:65:07:bf:f5:d6:26:dd:53:f9:6e:98:91:
4f:49:f4:d8:96:2c:3f:f7:8a:aa:7f:e6:65:1a:2c:57:dd:19:
00:fa:e9:c5:5a:a2:67:18:a0:39:d9:c8:20:2e:32:87:f2:b6:
f4:a2:8c:6b:2c:fa:84:4f:df:c8:bc:ea:ca:96:c7:a0:b7:0b:
a7:66:e0:36:55:ba:d5:53:75:91:62:a6:91:5a:7c:e7:d4:bc:
2c:37:12:f0:92:26:7d:38:5a:6a:f8:5e:c9:cb:c9:af:cc:e7:
d8:7f:14:d0:a8:79:6d:a4:19:36:f0:ae:f3:5a:ee:49:25:d1:
db:39:68:15:4e:40:08:48:17:1b:60:f3:a3:86:c4:55:64:1a:
cb:87:37:56:c9:3f:18:31:f4:e6:5e:d2:bf:27:1f:fd:1a:14:
44:82:51:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZe/X5nvUfdhiMjfdFGeX6g+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjMwMDU0NjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjkyNjI4NDgwMjcwODMzY2EzMWJlMmQ4MzJkYTgzZWZjYzg4Y2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIJPDBipJUe6KECI5RvDV1EyDgkN
C479RMCu4A1OR5yUjzTeeUmmIYAYYEvfAV1JGucO0G1QUoteVWIhsfH2FkIbBZJm
h6Eujz5hSegJ2HDjzeMe4NWw8vU3m6fDyJlLikC3lFHoKG61JVYHZNp2uGwkUA4P
v25fG8KD/Sb9QXojxzUu5EXr+kVjVYkkjWOiP+nLYJEcjG1SjZXdmEEjtWZdcM6t
fnLUV/N8Nyhi4O2vUoZC9K2kMDpKuK3QpIOg1KqpHgt5aaOkfbxdUwhi5Vi9Sc+p
QyW+XvU8vmsLmPwO9nih0ghKw4UF3nFPnmHQLjOeql3LgET0IGuuL40/ewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFKSYoSAJwgzyjG+LYMtqD78yIzsMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVXBKaWhJQW5DRFBLTWI0dGd5Mm9QdnpJak93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/JQAwQA
l/MpMA0GCSqGSIb3DQEBCwUAA4IBAQCGcQsMte2RJ2I5mHVTZjEL1DduZDHg3u7w
XiE0qEI1/OHNFewPPyvbIEaGaSnCT1ks34QxqUuOEtANSwOTww422tSNDLjIItOn
t49w/h4m178AtxfUrN9OZwgfYgDrae9lB7/11ibdU/lumJFPSfTYliw/94qqf+Zl
GixX3RkA+unFWqJnGKA52cggLjKH8rb0ooxrLPqET9/IvOrKlsegtwunZuA2VbrV
U3WRYqaRWnzn1LwsNxLwkiZ9OFpq+F7Jy8mvzOfYfxTQqHltpBk28K7zWu5JJdHb
OWgVTkAISBcbYPOjhsRVZBrLhzdWyT8YMfTmXtK/Jx/9GhREglEs
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:03:31 2025 by rpki-client