Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mq2sHJtM1XwSAkBbv-2B-5R0ir4.roa
File: mq2sHJtM1XwSAkBbv-2B-5R0ir4.roa (raw, json)
Hash identifier: Gr1r6DJ1OCJM4T0Y3PzjEUc7R0bxWM/SnbH2CPB+D8g=
Subject key identifier: 9A:AD:AC:1C:9B:4C:D5:7C:12:02:40:5B:BF:ED:81:FB:94:74:8A:BE
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196B3A311FF6F8069176ACCAA79D54B0C47
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mq2sHJtM1XwSAkBbv-2B-5R0ir4.roa
Signing time: Fri 09 May 2025 06:02:10 +0000
ROA not before: Fri 09 May 2025 06:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
37.202.220.0/24 maxlen: 24
151.242.190.0/24 maxlen: 24
151.242.194.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 14:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b3:a3:11:ff:6f:80:69:17:6a:cc:aa:79:d5:4b:0c:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 9 06:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9aadac1c9b4cd57c1202405bbfed81fb94748abe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:4d:d3:cc:25:e6:35:37:9e:a5:68:16:9a:28:
58:79:d0:be:be:8a:2c:c8:25:c6:61:4a:35:2d:cc:
25:98:9d:3b:dd:c4:f4:02:d5:a9:66:54:a7:a4:92:
37:50:76:80:d9:9a:ce:d4:b8:fd:b0:13:b3:98:fd:
f8:8d:5e:fb:1c:ab:85:8b:83:e5:3d:2a:77:29:21:
96:ae:85:59:b9:65:99:24:60:4c:c9:c0:d6:b4:b8:
c9:8a:63:b0:40:fa:4c:60:f9:aa:82:67:90:c5:d6:
c6:c4:f8:c5:ac:95:81:9e:c0:1a:66:78:43:82:4f:
b7:ae:84:4b:62:42:05:ea:aa:3b:f5:ad:3d:68:32:
5f:36:a9:a9:8b:70:10:a3:11:ce:81:fe:c6:63:a4:
0a:0d:6e:18:0f:ce:e8:ce:41:d0:5d:bb:e4:49:05:
8d:a1:d4:ed:bc:2d:39:84:3c:cb:68:81:a8:9c:b7:
44:dd:7f:a5:45:1a:b9:86:94:19:a1:b5:67:2a:8d:
bb:50:a5:30:05:35:78:28:c9:06:0f:5a:89:50:be:
57:89:cf:e9:48:6a:1a:67:2a:a6:0d:34:ba:58:98:
6d:8c:ab:02:0c:c9:0d:fd:1b:d6:a7:1e:a4:db:09:
ce:45:f0:c4:57:d6:88:cb:0e:d9:95:b8:02:b3:98:
70:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:AD:AC:1C:9B:4C:D5:7C:12:02:40:5B:BF:ED:81:FB:94:74:8A:BE
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mq2sHJtM1XwSAkBbv-2B-5R0ir4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
37.202.201.0/24
37.202.220.0/24
151.242.190.0/24
151.242.194.0/24
151.243.228.0/24
151.243.243.0/24
Signature Algorithm: sha256WithRSAEncryption
95:04:a6:19:51:56:35:07:3d:84:c0:86:f1:fc:d5:d5:eb:ff:
a9:ca:7c:8b:1b:5b:ef:cd:f5:a4:bc:1a:0e:87:af:42:57:88:
ff:52:75:45:ea:c0:ad:fe:d2:13:d7:1f:d5:c8:f8:f8:c4:0f:
7e:cb:fd:6f:6c:4e:dd:aa:de:12:8a:1c:10:14:91:f6:0c:fb:
d6:e3:d8:b0:de:11:0b:7f:d3:7f:54:4d:75:56:45:8a:9d:aa:
2e:96:b2:99:17:73:1c:c3:6d:35:97:8c:cb:aa:18:38:35:9f:
b9:df:bb:ad:af:03:c2:30:33:eb:d6:29:1a:de:91:4f:42:53:
83:ea:81:7a:2c:a1:c9:48:16:ef:0a:af:99:f2:8e:19:fa:56:
06:1b:7c:2c:f0:bc:2c:47:07:d2:60:33:4b:ea:5f:3d:07:ef:
c8:38:8f:4e:5a:60:09:36:46:3d:c8:08:0e:e8:c8:36:e4:a0:
1f:13:ce:91:a4:4e:6d:ff:54:9a:2b:1f:e9:33:cc:06:51:43:
0c:a5:92:a8:20:69:9c:5c:00:01:79:62:70:a5:4a:0b:ee:13:
22:3c:0f:d1:f2:ab:92:3e:5e:d0:ab:65:b4:e9:5f:f4:3d:1e:
3c:63:8e:62:37:73:61:de:47:28:b0:e3:3c:50:8b:f8:77:ef:
40:b9:97:8e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZazoxH/b4BpF2rMqnnVSwxHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTA5MDYwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWFkYWMxYzliNGNkNTdjMTIwMjQwNWJiZmVkODFmYjk0NzQ4YWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6U3TzCXmNTeepWgWmihYedC+voos
yCXGYUo1LcwlmJ073cT0AtWpZlSnpJI3UHaA2ZrO1Lj9sBOzmP34jV77HKuFi4Pl
PSp3KSGWroVZuWWZJGBMycDWtLjJimOwQPpMYPmqgmeQxdbGxPjFrJWBnsAaZnhD
gk+3roRLYkIF6qo79a09aDJfNqmpi3AQoxHOgf7GY6QKDW4YD87ozkHQXbvkSQWN
odTtvC05hDzLaIGonLdE3X+lRRq5hpQZobVnKo27UKUwBTV4KMkGD1qJUL5Xic/p
SGoaZyqmDTS6WJhtjKsCDMkN/RvWpx6k2wnORfDEV9aIyw7ZlbgCs5hwQwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJqtrBybTNV8EgJAW7/tgfuUdIq+MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbXEyc0hKdE0xWHdTQWtCYnYtMkItNVIwaXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJcrCAwQA
JcrJAwQAJcrcAwQAl/K+AwQAl/LCAwQAl/PkAwQAl/PzMA0GCSqGSIb3DQEBCwUA
A4IBAQCVBKYZUVY1Bz2EwIbx/NXV6/+pynyLG1vvzfWkvBoOh69CV4j/UnVF6sCt
/tIT1x/VyPj4xA9+y/1vbE7dqt4SihwQFJH2DPvW49iw3hELf9N/VE11VkWKnaou
lrKZF3Mcw201l4zLqhg4NZ+537utrwPCMDPr1ika3pFPQlOD6oF6LKHJSBbvCq+Z
8o4Z+lYGG3ws8LwsRwfSYDNL6l89B+/IOI9OWmAJNkY9yAgO6Mg25KAfE86RpE5t
/1SaKx/pM8wGUUMMpZKoIGmcXAABeWJwpUoL7hMiPA/R8quSPl7Qq2W06V/0PR48
Y45iN3Nh3kcosOM8UIv4d+9AuZeO
-----END CERTIFICATE-----
Generated at Thu May 15 23:46:01 2025 by rpki-client