Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZVmimBSIOPkISmkoUk9S5h5kcJ0.roa
File: ZVmimBSIOPkISmkoUk9S5h5kcJ0.roa (raw, json)
Hash identifier: Wb14OPZ5L/13b7J6isxsn+3WIwhoT0rsankyvTmO78M=
Subject key identifier: 65:59:A2:98:14:88:38:F9:08:4A:69:28:52:4F:52:E6:1E:64:70:9D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196BDC86BF9BBF54B98D30F8E51BB444F15
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZVmimBSIOPkISmkoUk9S5h5kcJ0.roa
Signing time: Sun 11 May 2025 05:19:10 +0000
ROA not before: Sun 11 May 2025 05:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 151.240.60.0/23 maxlen: 24
151.240.74.0/24 maxlen: 24
151.242.134.0/24 maxlen: 24
151.242.135.0/24 maxlen: 24
151.242.236.0/22 maxlen: 24
151.244.48.0/24 maxlen: 24
151.244.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 14:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:bd:c8:6b:f9:bb:f5:4b:98:d3:0f:8e:51:bb:44:4f:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 11 05:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6559a298148838f9084a6928524f52e61e64709d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:4e:c4:b5:36:9c:54:6e:52:76:b5:42:d2:a6:
cf:cb:dd:71:a3:c3:01:be:d8:3b:c5:6e:ba:44:e3:
ef:5e:f8:69:ac:54:f0:cc:3a:1e:13:c2:6c:a6:0a:
bd:73:1c:ec:1f:23:d1:98:bf:35:57:a5:da:43:e8:
77:89:54:0a:9d:ce:95:5e:85:a5:5a:0c:b0:30:b2:
1c:b4:28:83:36:a3:e4:65:33:ef:1a:8b:f1:7f:bc:
6c:1b:7b:4a:f7:ba:01:00:e5:36:e7:26:99:5b:28:
b8:89:3e:7e:1a:c0:03:66:23:c1:fd:02:95:0a:a7:
ab:d7:16:53:6d:e1:24:23:d7:97:3f:3a:9c:64:98:
49:63:90:b1:f5:4c:78:74:8e:99:38:3f:65:1f:76:
fd:87:4f:21:b8:f0:5d:40:1f:14:44:fa:86:87:f0:
df:64:73:7e:80:a7:f2:67:c5:89:54:70:40:d4:da:
26:79:73:97:c7:08:98:41:d6:55:73:3f:ca:5d:88:
7a:f0:69:1a:ef:79:c2:92:1d:76:a8:09:08:87:ba:
35:52:67:5e:2a:af:70:9b:b8:19:7a:84:b1:cc:2e:
a8:39:e0:f4:25:8c:6a:d8:75:48:0e:57:87:17:cd:
27:2a:33:76:d0:d9:8e:98:5a:0b:2c:e0:88:ad:2c:
57:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:59:A2:98:14:88:38:F9:08:4A:69:28:52:4F:52:E6:1E:64:70:9D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZVmimBSIOPkISmkoUk9S5h5kcJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.60.0/23
151.240.74.0/24
151.242.134.0/23
151.242.236.0/22
151.244.48.0/24
151.244.102.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:56:e5:a3:bf:f9:62:a0:f3:7f:45:0b:c9:b7:e2:a4:99:cc:
a9:c8:7d:03:f7:32:8c:ac:a6:cf:f5:89:3b:85:ad:36:38:44:
52:97:8f:ef:9d:67:df:11:61:ce:16:99:5a:36:f4:c9:1d:13:
d8:7a:84:41:50:9d:a7:5d:14:a9:b1:c1:b6:a8:70:93:fe:41:
c4:81:a5:21:af:9d:ad:3c:e6:46:e4:9d:91:2b:86:cc:3e:4f:
fa:1f:88:b9:1e:6e:aa:72:34:17:1e:2c:ee:0d:c9:63:4d:92:
1f:df:fc:26:a2:7a:ea:3c:92:b6:b3:a3:95:a7:80:96:24:20:
f5:f7:be:69:1c:fc:7b:0d:9c:51:38:1e:f0:a7:e0:82:7d:56:
9d:ea:24:19:8e:26:ae:f0:fa:81:7b:04:eb:ae:68:12:d1:18:
86:81:20:95:76:a3:ee:a0:cc:03:d5:6d:6b:91:b6:8e:3e:6b:
2c:b1:da:ba:38:2c:62:67:80:df:62:b3:2f:3f:65:1c:22:ef:
d9:df:a0:54:15:fb:48:f2:a4:83:cc:28:ab:be:9b:2e:67:d7:
3b:fc:10:5d:16:53:6e:9e:d4:54:45:95:6d:87:e5:19:47:a1:
9a:33:f3:b5:bc:27:cb:7f:9f:40:12:da:a6:8f:d7:c5:fd:e9:
b1:d2:2f:90
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZa9yGv5u/VLmNMPjlG7RE8VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTExMDUxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTU5YTI5ODE0ODgzOGY5MDg0YTY5Mjg1MjRmNTJlNjFlNjQ3MDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyE7EtTacVG5SdrVC0qbPy91xo8MB
vtg7xW66ROPvXvhprFTwzDoeE8Jspgq9cxzsHyPRmL81V6XaQ+h3iVQKnc6VXoWl
WgywMLIctCiDNqPkZTPvGovxf7xsG3tK97oBAOU25yaZWyi4iT5+GsADZiPB/QKV
Cqer1xZTbeEkI9eXPzqcZJhJY5Cx9Ux4dI6ZOD9lH3b9h08huPBdQB8URPqGh/Df
ZHN+gKfyZ8WJVHBA1NomeXOXxwiYQdZVcz/KXYh68Gka73nCkh12qAkIh7o1Umde
Kq9wm7gZeoSxzC6oOeD0JYxq2HVIDleHF80nKjN20NmOmFoLLOCIrSxXfQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGVZopgUiDj5CEppKFJPUuYeZHCdMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWlZtaW1CU0lPUGtJU21rb1VrOVM1aDVrY0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBl/A8AwQA
l/BKAwQBl/KGAwQCl/LsAwQAl/QwAwQAl/RmMA0GCSqGSIb3DQEBCwUAA4IBAQA9
VuWjv/lioPN/RQvJt+KkmcypyH0D9zKMrKbP9Yk7ha02OERSl4/vnWffEWHOFpla
NvTJHRPYeoRBUJ2nXRSpscG2qHCT/kHEgaUhr52tPOZG5J2RK4bMPk/6H4i5Hm6q
cjQXHizuDcljTZIf3/wmonrqPJK2s6OVp4CWJCD1975pHPx7DZxROB7wp+CCfVad
6iQZjiau8PqBewTrrmgS0RiGgSCVdqPuoMwD1W1rkbaOPmsssdq6OCxiZ4DfYrMv
P2UcIu/Z36BUFftI8qSDzCirvpsuZ9c7/BBdFlNuntRURZVth+UZR6GaM/O1vCfL
f59AEtqmj9fF/emx0i+Q
-----END CERTIFICATE-----
Generated at Thu May 15 23:47:04 2025 by rpki-client