Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/YM28tu4_W1WdDe7OrYuy8lN7GSw.roa
File: YM28tu4_W1WdDe7OrYuy8lN7GSw.roa (raw, json)
Hash identifier: QyM2xl7oQfMFq6Ji6OC/uTg3kvrkpQat9A28d9GIys4=
Subject key identifier: 60:CD:BC:B6:EE:3F:5B:55:9D:0D:EE:CE:AD:8B:B2:F2:53:7B:19:2C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196CD3F2A34190DC99A6C58ACA24EFD6D66
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/YM28tu4_W1WdDe7OrYuy8lN7GSw.roa
Signing time: Wed 14 May 2025 05:23:10 +0000
ROA not before: Wed 14 May 2025 05:23:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 151.240.24.0/24 maxlen: 24
151.240.26.0/24 maxlen: 24
151.240.27.0/24 maxlen: 24
151.240.179.0/24 maxlen: 24
151.241.7.0/24 maxlen: 24
151.241.35.0/24 maxlen: 24
151.241.36.0/24 maxlen: 24
151.241.37.0/24 maxlen: 24
151.241.40.0/24 maxlen: 24
151.241.47.0/24 maxlen: 24
151.241.171.0/24 maxlen: 24
151.241.179.0/24 maxlen: 24
151.244.3.0/24 maxlen: 24
151.244.69.0/24 maxlen: 24
151.244.76.0/24 maxlen: 24
151.244.90.0/24 maxlen: 24
151.244.199.0/24 maxlen: 24
151.245.69.0/24 maxlen: 24
151.245.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cd:3f:2a:34:19:0d:c9:9a:6c:58:ac:a2:4e:fd:6d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 14 05:23:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=60cdbcb6ee3f5b559d0deecead8bb2f2537b192c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4f:19:c1:c1:35:58:48:c5:70:c8:fd:1a:7d:
8a:b8:91:5e:f8:5e:73:46:07:8f:b3:37:0a:b8:ab:
28:f8:20:3a:78:5f:27:2f:bd:78:99:af:d3:c8:62:
3d:04:3c:51:7a:cf:5a:78:9c:59:e4:38:02:44:a2:
cf:16:51:15:23:8e:31:86:a1:26:eb:eb:2b:d8:bf:
5c:fa:02:2c:7a:e0:09:c7:03:29:5c:67:c7:bf:be:
71:d7:60:27:4f:ec:3c:52:f4:c7:b4:02:d0:16:1d:
08:d1:38:de:9a:94:53:bd:f0:d4:cc:a2:4d:0f:eb:
71:f5:7a:91:d2:a7:a6:7c:8a:b0:f5:6e:fd:fd:3a:
e2:d0:b9:03:27:40:01:64:4a:0b:23:34:bd:ed:2c:
ef:63:21:b5:4a:cf:ec:11:9d:52:e0:c9:46:db:f7:
5a:37:8b:0c:3a:26:70:5a:bc:14:b2:e2:3f:e6:0b:
19:fe:9c:4c:f0:03:7c:9a:28:d3:ad:9e:26:8a:e1:
f5:26:be:e5:e4:17:ef:c9:2c:82:89:2e:e8:98:2f:
30:f2:b8:2e:9e:d0:11:a3:b7:a1:93:c8:82:ad:8c:
b8:4c:6a:a7:67:aa:8d:70:f6:5d:f2:b3:69:ff:8e:
9e:16:00:4e:36:10:31:4d:37:51:ab:44:ba:91:c2:
4b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:CD:BC:B6:EE:3F:5B:55:9D:0D:EE:CE:AD:8B:B2:F2:53:7B:19:2C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/YM28tu4_W1WdDe7OrYuy8lN7GSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.24.0/24
151.240.26.0/23
151.240.179.0/24
151.241.7.0/24
151.241.35.0-151.241.37.255
151.241.40.0/24
151.241.47.0/24
151.241.171.0/24
151.241.179.0/24
151.244.3.0/24
151.244.69.0/24
151.244.76.0/24
151.244.90.0/24
151.244.199.0/24
151.245.69.0/24
151.245.199.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:62:e1:d4:34:10:8e:a6:c7:4f:27:eb:69:24:30:47:65:f9:
e5:a3:f9:b8:43:fa:eb:33:1e:50:a1:b5:7a:6f:d0:13:dd:24:
51:f5:e9:e6:8a:08:94:61:31:0e:8f:7f:96:79:81:71:65:68:
c1:e3:6c:34:df:a7:72:ac:35:3f:15:c1:6c:ca:9a:bf:34:82:
3d:e2:fa:77:f9:a4:50:78:34:21:de:86:25:74:91:73:cf:34:
ed:07:59:92:cf:11:27:44:7e:4f:c8:50:ea:c4:61:8f:d6:76:
ac:03:3a:ed:ee:e0:5a:1a:46:24:4d:71:e2:b2:33:fe:8c:b7:
42:ec:1f:28:0b:01:4a:af:54:61:a6:95:ee:df:f8:da:6b:18:
69:12:9c:f4:89:ed:7c:3a:89:4c:fd:8c:2b:41:dd:0f:4f:37:
d9:89:1f:47:25:0b:c5:b1:e2:54:2d:f7:52:99:24:00:c0:44:
a2:c3:9e:d5:bd:68:71:b9:1d:e5:58:6c:ef:cf:78:96:55:50:
58:57:6e:44:34:86:1b:3c:50:16:74:7b:4e:69:0a:5b:f6:5a:
c2:ed:b1:c0:9d:cc:68:37:9c:f6:f0:be:8b:8c:5d:22:6a:e4:
27:b0:20:d1:a4:6e:8c:3d:89:4b:41:2e:84:ee:53:b7:c1:cc:
ac:89:c4:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZbNPyo0GQ3JmmxYrKJO/W1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTE0MDUyMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MGNkYmNiNmVlM2Y1YjU1OWQwZGVlY2VhZDhiYjJmMjUzN2IxOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk8ZwcE1WEjFcMj9Gn2KuJFe+F5z
RgePszcKuKso+CA6eF8nL714ma/TyGI9BDxRes9aeJxZ5DgCRKLPFlEVI44xhqEm
6+sr2L9c+gIseuAJxwMpXGfHv75x12AnT+w8UvTHtALQFh0I0TjempRTvfDUzKJN
D+tx9XqR0qemfIqw9W79/Tri0LkDJ0ABZEoLIzS97SzvYyG1Ss/sEZ1S4MlG2/da
N4sMOiZwWrwUsuI/5gsZ/pxM8AN8mijTrZ4miuH1Jr7l5BfvySyCiS7omC8w8rgu
ntARo7ehk8iCrYy4TGqnZ6qNcPZd8rNp/46eFgBONhAxTTdRq0S6kcJL9QIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFGDNvLbuP1tVnQ3uzq2LsvJTexksMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWU0yOHR1NF9XMVdkRGU3T3JZdXk4bE43R1N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAJfwGAME
AZfwGgMEAJfwswMEAJfxBzAMAwQAl/EjAwQBl/EkAwQAl/EoAwQAl/EvAwQAl/Gr
AwQAl/GzAwQAl/QDAwQAl/RFAwQAl/RMAwQAl/RaAwQAl/THAwQAl/VFAwQAl/XH
MA0GCSqGSIb3DQEBCwUAA4IBAQB6YuHUNBCOpsdPJ+tpJDBHZfnlo/m4Q/rrMx5Q
obV6b9AT3SRR9enmigiUYTEOj3+WeYFxZWjB42w036dyrDU/FcFsypq/NII94vp3
+aRQeDQh3oYldJFzzzTtB1mSzxEnRH5PyFDqxGGP1nasAzrt7uBaGkYkTXHisjP+
jLdC7B8oCwFKr1RhppXu3/jaaxhpEpz0ie18OolM/YwrQd0PTzfZiR9HJQvFseJU
LfdSmSQAwESiw57VvWhxuR3lWGzvz3iWVVBYV25ENIYbPFAWdHtOaQpb9lrC7bHA
ncxoN5z28L6LjF0iauQnsCDRpG6MPYlLQS6E7lO3wcysicQ9
-----END CERTIFICATE-----
Generated at Fri May 16 08:17:24 2025 by rpki-client