Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kVbSHeSAZLcRt1sNDz01Vgn0aII.roa
File: kVbSHeSAZLcRt1sNDz01Vgn0aII.roa (raw, json)
Hash identifier: RBczsGsQIk3IQNzYOiPDFhpPrxF0GSCt+sO5mVdmXi4=
Subject key identifier: 91:56:D2:1D:E4:80:64:B7:11:B7:5B:0D:0F:3D:35:56:09:F4:68:82
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196A433A8724317E02CE3DC1404E1B8815D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kVbSHeSAZLcRt1sNDz01Vgn0aII.roa
Signing time: Tue 06 May 2025 06:06:10 +0000
ROA not before: Tue 06 May 2025 06:06:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 151.242.40.0/24 maxlen: 24
151.242.170.0/24 maxlen: 24
151.242.171.0/24 maxlen: 24
151.242.172.0/24 maxlen: 24
151.242.173.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.244.5.0/24 maxlen: 24
151.244.6.0/24 maxlen: 24
151.244.56.0/24 maxlen: 24
151.244.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 14:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a4:33:a8:72:43:17:e0:2c:e3:dc:14:04:e1:b8:81:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 6 06:06:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9156d21de48064b711b75b0d0f3d355609f46882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f1:0f:71:9e:54:53:bc:e2:b7:da:cf:2c:08:
14:36:95:63:86:dc:dd:7f:f8:0b:24:84:a4:c0:05:
fc:f3:ca:85:96:7b:2c:db:b8:b8:ae:f2:c6:7c:99:
c6:49:34:a5:52:72:c4:ca:ae:7d:a3:0b:f1:82:c6:
06:27:6e:35:23:51:d5:5f:2d:ac:f1:9c:8b:4a:60:
a6:9e:3d:ba:42:55:12:8f:81:73:ac:1f:a7:78:28:
aa:c5:35:4b:b2:b0:38:a5:4b:5a:58:08:fa:03:e1:
95:fb:aa:70:fb:88:94:35:e2:89:8d:45:bc:2d:3d:
37:12:da:6b:a9:3b:36:61:d9:f2:83:7d:6f:f4:7b:
13:93:bc:fd:84:59:38:4f:61:b2:84:f9:0c:e7:b4:
af:5b:ab:89:c9:86:78:8f:db:37:0b:80:8f:57:6f:
6f:20:e4:c0:aa:9b:e2:ff:88:d4:57:fb:02:50:fa:
c5:7c:35:b3:ee:25:c7:0f:6b:4c:c9:65:65:e5:00:
d7:d2:4c:8d:8f:f6:35:ca:e9:09:0c:42:a0:ed:34:
57:ef:15:8b:29:80:96:68:9c:a1:7d:18:fe:ed:98:
be:c1:32:a7:c3:3b:87:0a:61:94:96:7a:2c:d6:5b:
e7:a6:fd:7b:14:1b:54:76:8d:c0:0a:75:e4:aa:65:
e2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:56:D2:1D:E4:80:64:B7:11:B7:5B:0D:0F:3D:35:56:09:F4:68:82
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kVbSHeSAZLcRt1sNDz01Vgn0aII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.40.0/24
151.242.170.0-151.242.173.255
151.242.242.0/24
151.243.115.0/24
151.243.120.0/24
151.244.4.0-151.244.6.255
151.244.56.0/24
151.244.58.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:ab:b2:f3:a7:ca:ed:f1:09:67:2f:26:0d:79:48:27:6a:02:
c2:15:9b:1f:eb:b6:08:33:3e:7d:17:cb:e3:a9:f7:4a:17:7e:
6e:94:33:3b:a4:28:a1:6b:c3:85:d1:e1:27:14:22:9c:d5:0a:
d4:d7:1c:46:0d:6f:d5:1f:0b:b6:f3:2d:78:ab:a7:a1:e2:98:
c8:cc:47:9f:32:15:8d:65:93:95:3e:98:c1:21:d0:27:1e:1d:
d6:1e:e8:d9:fd:ec:34:25:de:16:a3:00:32:ab:2a:9a:cd:c0:
7e:2f:66:95:46:92:5a:6e:81:52:e1:cd:a0:90:9a:67:3a:5e:
93:b9:b7:5c:72:5c:25:cd:ce:a3:4f:ac:aa:f6:f2:45:63:90:
62:86:b2:e9:c9:f6:c7:e5:27:e6:9a:2d:cd:40:7e:3a:cf:81:
19:7c:40:bf:08:e3:ed:74:a0:66:17:b7:5e:ab:a9:c0:0a:0e:
93:16:0f:e9:03:9a:71:b9:d8:95:51:ce:9f:90:7e:39:9f:5e:
0a:2e:2e:36:58:66:3b:3c:48:8e:23:de:9d:c9:74:73:bf:43:
60:0c:2b:63:7d:57:1f:13:44:37:48:77:fc:f0:ab:23:c3:b5:
38:05:f1:e7:51:fa:06:41:60:32:94:9e:69:4b:0f:98:0d:75:
60:34:ee:21
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZakM6hyQxfgLOPcFAThuIFdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA2MDYwNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTU2ZDIxZGU0ODA2NGI3MTFiNzViMGQwZjNkMzU1NjA5ZjQ2ODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/EPcZ5UU7zit9rPLAgUNpVjhtzd
f/gLJISkwAX888qFlnss27i4rvLGfJnGSTSlUnLEyq59owvxgsYGJ241I1HVXy2s
8ZyLSmCmnj26QlUSj4FzrB+neCiqxTVLsrA4pUtaWAj6A+GV+6pw+4iUNeKJjUW8
LT03EtprqTs2Ydnyg31v9HsTk7z9hFk4T2GyhPkM57SvW6uJyYZ4j9s3C4CPV29v
IOTAqpvi/4jUV/sCUPrFfDWz7iXHD2tMyWVl5QDX0kyNj/Y1yukJDEKg7TRX7xWL
KYCWaJyhfRj+7Zi+wTKnwzuHCmGUlnos1lvnpv17FBtUdo3ACnXkqmXiIQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFJFW0h3kgGS3EbdbDQ89NVYJ9GiCMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEva1ZiU0hlU0FaTGNSdDFzTkR6MDFWZ24wYUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAl/IoMAwD
BAGX8qoDBAGX8qwDBACX8vIDBACX83MDBACX83gwDAMEApf0BAMEAJf0BgMEAJf0
OAMEAJf0OjANBgkqhkiG9w0BAQsFAAOCAQEAbKuy86fK7fEJZy8mDXlIJ2oCwhWb
H+u2CDM+fRfL46n3Shd+bpQzO6QooWvDhdHhJxQinNUK1NccRg1v1R8LtvMteKun
oeKYyMxHnzIVjWWTlT6YwSHQJx4d1h7o2f3sNCXeFqMAMqsqms3Afi9mlUaSWm6B
UuHNoJCaZzpek7m3XHJcJc3Oo0+sqvbyRWOQYoay6cn2x+Un5potzUB+Os+BGXxA
vwjj7XSgZhe3XqupwAoOkxYP6QOacbnYlVHOn5B+OZ9eCi4uNlhmOzxIjiPencl0
c79DYAwrY31XHxNEN0h3/PCrI8O1OAXx51H6BkFgMpSeaUsPmA11YDTuIQ==
-----END CERTIFICATE-----
Generated at Thu May 15 23:50:22 2025 by rpki-client