Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xCVPI3xZDzfQU4sxl_ZQ2jJwW6w.roa
File: xCVPI3xZDzfQU4sxl_ZQ2jJwW6w.roa (raw, json)
Hash identifier: SrxSNxNZUXSp+xea8GPHK3pZpOOgVPyCAgtwJ6ruCkg=
Subject key identifier: C4:25:4F:23:7C:59:0F:37:D0:53:8B:31:97:F6:50:DA:32:70:5B:AC
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196853D039D57A655F6E3CDCD33365351A4
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xCVPI3xZDzfQU4sxl_ZQ2jJwW6w.roa
Signing time: Wed 30 Apr 2025 05:48:10 +0000
ROA not before: Wed 30 Apr 2025 05:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214654
IP address blocks: 151.242.15.0/24 maxlen: 24
151.242.23.0/24 maxlen: 24
151.242.73.0/24 maxlen: 24
151.242.74.0/24 maxlen: 24
151.242.75.0/24 maxlen: 24
151.242.76.0/24 maxlen: 24
151.242.77.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.80.0/24 maxlen: 24
151.242.81.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 13:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:85:3d:03:9d:57:a6:55:f6:e3:cd:cd:33:36:53:51:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 30 05:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c4254f237c590f37d0538b3197f650da32705bac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:75:2e:b5:a6:8f:c5:6b:51:f2:69:73:dc:54:
41:50:dd:92:ba:c3:b0:3c:7d:c7:e2:f2:6a:17:34:
da:81:c1:3d:09:05:4f:35:4a:a0:7b:6f:c2:65:cb:
d9:5d:d5:e1:8f:ab:2a:92:d8:9a:c8:b3:ee:ea:51:
79:a4:2f:43:2b:67:6f:de:5d:4d:95:39:c5:22:2c:
9d:cc:df:7b:0c:b6:4c:62:38:a7:54:e5:e7:f3:c4:
37:74:8b:3a:c9:d1:9e:f4:ea:ef:55:a1:9d:d5:7d:
4e:56:8b:57:30:ff:8c:83:b0:2b:ff:52:20:b1:88:
8d:bd:ba:89:33:c8:59:fd:13:a1:fe:ed:3b:4a:0c:
1b:0d:f2:50:d6:b1:e4:88:ae:e0:8c:99:ee:f4:c6:
ee:0c:8e:b9:11:13:e1:36:aa:35:e6:a8:34:39:95:
25:48:62:34:a7:60:07:92:51:0e:ff:6a:05:1d:a7:
71:41:ba:70:3a:33:d7:56:e5:4c:c6:cd:3b:28:03:
63:92:49:b4:c1:1e:fd:77:24:f0:fa:4e:2c:72:7a:
c9:6f:fa:aa:a6:1b:72:1f:8a:f5:4e:29:f4:32:f3:
85:f9:d5:8d:90:b3:f3:91:1d:32:fc:dc:ae:b5:6c:
64:93:b5:28:aa:b0:77:a6:da:e9:39:2b:b0:7d:34:
da:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:25:4F:23:7C:59:0F:37:D0:53:8B:31:97:F6:50:DA:32:70:5B:AC
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xCVPI3xZDzfQU4sxl_ZQ2jJwW6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.15.0/24
151.242.23.0/24
151.242.73.0-151.242.82.255
Signature Algorithm: sha256WithRSAEncryption
9c:6b:32:16:dd:7e:34:07:6d:86:3e:25:d8:08:18:5a:39:50:
76:04:65:f0:97:af:e2:5e:79:02:80:5a:2a:2e:97:54:45:f9:
4a:de:b4:b1:94:a8:e1:ba:ff:be:ea:57:b5:af:a6:05:75:d6:
74:39:74:f9:2a:f9:1c:3e:c0:c1:cf:4d:0f:51:34:72:f1:cc:
6b:4b:e4:a4:5b:57:16:fa:0f:a5:81:55:2e:c6:90:5a:b7:f1:
b6:62:f5:85:f6:cd:20:34:6d:f1:6c:6a:12:be:26:d3:bc:a0:
0c:66:b0:b2:21:b4:d7:52:4b:e6:0c:8d:05:4a:b2:d7:67:6e:
b1:7d:73:c9:ed:56:de:2f:7d:d9:42:42:fb:59:be:05:30:4a:
0f:d6:ad:a6:0f:8b:7b:2c:94:57:e8:66:6d:0a:64:d8:e6:2a:
77:74:ba:b9:5e:b6:c5:bb:e4:df:32:80:54:cc:dd:26:80:f7:
b2:31:d7:50:e1:5b:55:66:f5:d4:26:fa:b2:03:da:4c:14:9d:
6c:f0:8c:7c:f1:e5:7b:33:b3:34:e0:81:9a:9f:74:e4:49:7d:
19:30:89:f6:29:51:3d:60:dc:e2:76:16:6e:9e:3c:82:c9:08:
1f:6f:55:f0:89:d5:4e:63:1c:eb:45:e1:bd:d0:09:ae:13:b5:
36:70:d8:75
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZaFPQOdV6ZV9uPNzTM2U1GkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDMwMDU0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDI1NGYyMzdjNTkwZjM3ZDA1MzhiMzE5N2Y2NTBkYTMyNzA1YmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXUutaaPxWtR8mlz3FRBUN2SusOw
PH3H4vJqFzTagcE9CQVPNUqge2/CZcvZXdXhj6sqktiayLPu6lF5pC9DK2dv3l1N
lTnFIiydzN97DLZMYjinVOXn88Q3dIs6ydGe9OrvVaGd1X1OVotXMP+Mg7Ar/1Ig
sYiNvbqJM8hZ/ROh/u07SgwbDfJQ1rHkiK7gjJnu9MbuDI65ERPhNqo15qg0OZUl
SGI0p2AHklEO/2oFHadxQbpwOjPXVuVMxs07KANjkkm0wR79dyTw+k4scnrJb/qq
phtyH4r1Tin0MvOF+dWNkLPzkR0y/NyutWxkk7UoqrB3ptrpOSuwfTTa5QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMQlTyN8WQ830FOLMZf2UNoycFusMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveENWUEkzeFpEemZRVTRzeGxfWlEyakp3VzZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAl/IPAwQA
l/IXMAwDBACX8kkDBACX8lIwDQYJKoZIhvcNAQELBQADggEBAJxrMhbdfjQHbYY+
JdgIGFo5UHYEZfCXr+JeeQKAWioul1RF+UretLGUqOG6/77qV7WvpgV11nQ5dPkq
+Rw+wMHPTQ9RNHLxzGtL5KRbVxb6D6WBVS7GkFq38bZi9YX2zSA0bfFsahK+JtO8
oAxmsLIhtNdSS+YMjQVKstdnbrF9c8ntVt4vfdlCQvtZvgUwSg/WraYPi3sslFfo
Zm0KZNjmKnd0urletsW75N8ygFTM3SaA97Ix11DhW1Vm9dQm+rID2kwUnWzwjHzx
5XszszTggZqfdORJfRkwifYpUT1g3OJ2Fm6ePILJCB9vVfCJ1U5jHOtF4b3QCa4T
tTZw2HU=
-----END CERTIFICATE-----
Generated at Thu May 15 19:09:15 2025 by rpki-client