Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lY1KdID5MOt23iXvslLD9QBqIRc.roa
File: lY1KdID5MOt23iXvslLD9QBqIRc.roa (raw, json)
Hash identifier: 3k/+K4LWs+5z2a4+KfO3RhRyDEObmcHWHuFjTMuQAVc=
Subject key identifier: 95:8D:4A:74:80:F9:30:EB:76:DE:25:EF:B2:52:C3:F5:00:6A:21:17
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197A15F36F9BE42BF3806448713A1F1D73E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lY1KdID5MOt23iXvslLD9QBqIRc.roa
Signing time: Tue 24 Jun 2025 09:57:41 +0000
ROA not before: Tue 24 Jun 2025 09:57:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214432
IP address blocks: 151.240.73.0/24 maxlen: 24
151.240.78.0/24 maxlen: 24
151.240.144.0/24 maxlen: 24
151.244.62.0/24 maxlen: 24
151.244.75.0/24 maxlen: 24
151.244.87.0/24 maxlen: 24
151.244.103.0/24 maxlen: 24
151.244.108.0/24 maxlen: 24
151.244.109.0/24 maxlen: 24
151.245.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:5f:36:f9:be:42:bf:38:06:44:87:13:a1:f1:d7:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 24 09:57:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=958d4a7480f930eb76de25efb252c3f5006a2117
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:80:63:03:de:52:b8:f8:57:73:72:da:8d:eb:
6f:9a:81:cb:43:b1:55:4f:1c:e6:b4:01:e9:bf:52:
64:65:fa:28:41:00:8b:3b:68:5d:83:27:b4:7a:27:
23:4b:5c:41:a8:ba:fc:bb:7d:56:4a:af:be:98:0d:
d6:e3:fa:ad:59:1b:f3:6b:a1:9f:04:88:23:ca:f1:
94:51:ab:02:98:45:ef:7b:04:66:32:e3:ae:0c:a9:
f9:d0:68:24:31:27:42:db:5c:1e:82:ad:14:7b:16:
5c:ec:f1:7b:45:1d:0d:02:d3:4e:bb:29:02:b6:4a:
8d:69:4a:bf:b6:e7:ce:a4:13:32:55:68:bd:6d:b6:
4d:51:40:7f:12:5f:29:6b:a4:8e:bf:3a:ca:70:b8:
41:c6:21:b8:8c:4e:3a:1b:78:0d:01:72:c3:97:04:
31:4a:9b:2a:72:4a:9e:17:cd:d1:65:f8:85:3a:e0:
9d:90:62:ab:8d:51:b6:9f:83:9c:91:4c:1a:3e:74:
c0:ad:cc:36:88:c0:41:b5:62:85:c1:76:b4:55:ac:
21:2d:b8:4e:84:92:ff:f3:81:16:cc:8b:62:10:62:
75:4e:96:ad:1f:22:31:78:4c:f6:40:9e:6b:0d:f6:
45:03:39:21:48:3a:1d:f4:fc:98:97:86:a0:3c:85:
17:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8D:4A:74:80:F9:30:EB:76:DE:25:EF:B2:52:C3:F5:00:6A:21:17
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lY1KdID5MOt23iXvslLD9QBqIRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.73.0/24
151.240.78.0/24
151.240.144.0/24
151.244.62.0/24
151.244.75.0/24
151.244.87.0/24
151.244.103.0/24
151.244.108.0/23
151.245.102.0/24
Signature Algorithm: sha256WithRSAEncryption
78:07:9f:34:a0:7e:3e:d3:65:c8:6f:9f:17:9d:97:87:03:b8:
01:00:1b:79:0c:b2:34:39:99:28:cd:ec:9f:2f:ba:18:35:6e:
9a:a8:94:2a:ac:a9:20:f8:c8:f0:3e:c8:d9:f3:99:5f:45:06:
cb:8b:37:c3:66:49:0d:1d:6f:42:a0:12:c1:b9:fc:21:89:c3:
f9:c1:fa:b3:fe:f8:d5:59:2c:ab:93:1a:54:de:9f:9e:44:f9:
e0:33:ce:be:3a:3b:81:36:9a:c6:a7:2b:7b:e3:2c:80:4f:20:
c9:30:f5:0e:23:f9:97:89:a2:3f:75:a7:55:0d:9b:34:44:ae:
df:b3:38:09:e2:28:01:cd:e5:58:19:24:91:1d:da:b6:c8:0a:
8c:b7:e6:c6:92:ac:a3:ff:4b:04:35:4a:77:06:ce:4e:cc:ab:
53:1d:06:ee:76:58:af:46:ae:a1:49:f4:78:a6:5a:0d:9d:96:
ee:20:eb:59:9f:e9:d7:1b:15:27:e0:26:9c:6b:6d:03:ff:aa:
7b:da:26:68:c3:15:7c:a2:55:1b:1a:d7:0e:8c:45:63:44:95:
3c:30:ba:d1:e6:52:d6:c9:b3:a8:04:3a:5f:69:c4:95:e0:2d:
d2:47:33:ec:d3:33:9f:7e:fd:f1:bf:54:b4:bf:c2:07:36:96:
6c:2d:1a:b2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZehXzb5vkK/OAZEhxOh8dc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjI0MDk1NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NThkNGE3NDgwZjkzMGViNzZkZTI1ZWZiMjUyYzNmNTAwNmEyMTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoBjA95SuPhXc3LajetvmoHLQ7FV
TxzmtAHpv1JkZfooQQCLO2hdgye0eicjS1xBqLr8u31WSq++mA3W4/qtWRvza6Gf
BIgjyvGUUasCmEXvewRmMuOuDKn50GgkMSdC21wegq0UexZc7PF7RR0NAtNOuykC
tkqNaUq/tufOpBMyVWi9bbZNUUB/El8pa6SOvzrKcLhBxiG4jE46G3gNAXLDlwQx
SpsqckqeF83RZfiFOuCdkGKrjVG2n4OckUwaPnTArcw2iMBBtWKFwXa0VawhLbhO
hJL/84EWzItiEGJ1TpatHyIxeEz2QJ5rDfZFAzkhSDod9PyYl4agPIUXRQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJWNSnSA+TDrdt4l77JSw/UAaiEXMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbFkxS2RJRDVNT3QyM2lYdnNsTEQ5UUJxSVJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAl/BJAwQA
l/BOAwQAl/CQAwQAl/Q+AwQAl/RLAwQAl/RXAwQAl/RnAwQBl/RsAwQAl/VmMA0G
CSqGSIb3DQEBCwUAA4IBAQB4B580oH4+02XIb58XnZeHA7gBABt5DLI0OZkozeyf
L7oYNW6aqJQqrKkg+MjwPsjZ85lfRQbLizfDZkkNHW9CoBLBufwhicP5wfqz/vjV
WSyrkxpU3p+eRPngM86+OjuBNprGpyt74yyATyDJMPUOI/mXiaI/dadVDZs0RK7f
szgJ4igBzeVYGSSRHdq2yAqMt+bGkqyj/0sENUp3Bs5OzKtTHQbudlivRq6hSfR4
ploNnZbuIOtZn+nXGxUn4Caca20D/6p72iZowxV8olUbGtcOjEVjRJU8MLrR5lLW
ybOoBDpfacSV4C3SRzPs0zOffv3xv1S0v8IHNpZsLRqy
-----END CERTIFICATE-----
Generated at Tue Jul 1 14:34:56 2025 by rpki-client