Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GznVaL0t-qU4B6byKuF268rpYpg.roa
File: GznVaL0t-qU4B6byKuF268rpYpg.roa (raw, json)
Hash identifier: 6YW2TC/A7ak15nQZT0m8k2nZ0eXkrlIijw24KpajtDg=
Subject key identifier: 1B:39:D5:68:BD:2D:FA:A5:38:07:A6:F2:2A:E1:76:EB:CA:E9:62:98
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197D95BD26346B273C13ECA52DC26EF951E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GznVaL0t-qU4B6byKuF268rpYpg.roa
Signing time: Sat 05 Jul 2025 06:52:42 +0000
ROA not before: Sat 05 Jul 2025 06:52:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 151.244.194.0/24 maxlen: 24
151.244.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d9:5b:d2:63:46:b2:73:c1:3e:ca:52:dc:26:ef:95:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 5 06:52:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b39d568bd2dfaa53807a6f22ae176ebcae96298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:26:0d:33:f9:13:79:37:b8:d7:d0:5b:96:76:
ca:8b:da:c7:91:d1:93:a3:62:0a:de:36:3a:b2:06:
0c:76:fb:64:ac:a9:7b:88:f0:0f:f9:33:ab:e2:d6:
e7:0e:f2:d2:58:83:cd:ca:55:d2:23:bd:d8:b5:90:
a6:e6:3b:05:b4:15:8a:ec:4a:4e:5f:31:d0:1d:31:
89:15:c7:26:6c:12:f9:2a:75:15:a3:7e:37:1d:2c:
5a:5d:82:4a:5d:f7:bd:56:40:5a:8b:68:9f:01:78:
3a:bf:83:61:97:dd:15:72:5c:ec:cc:8d:94:61:af:
22:6c:94:8f:29:b8:40:d0:8a:7d:ed:7f:4e:d1:7d:
e8:3e:50:7d:55:43:d2:2b:ac:94:42:fd:a7:d3:4c:
93:5e:2e:7d:3b:dd:5b:1c:2b:df:8c:05:57:e5:d3:
2c:74:12:50:17:a8:90:d4:ac:2e:9e:b5:fb:18:e1:
50:bf:fa:31:6e:be:1e:00:15:39:f9:32:ce:2b:73:
86:7c:25:58:09:b5:b9:f0:34:f1:59:d5:d0:86:c4:
95:e0:6a:8d:ee:0b:ac:b4:63:fd:df:06:a7:99:28:
3f:50:7c:b2:11:7b:d8:8f:f2:38:5a:10:e5:fd:85:
64:12:f7:ad:df:32:31:84:d7:b0:07:89:6a:f1:ab:
94:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:39:D5:68:BD:2D:FA:A5:38:07:A6:F2:2A:E1:76:EB:CA:E9:62:98
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/GznVaL0t-qU4B6byKuF268rpYpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.194.0/23
Signature Algorithm: sha256WithRSAEncryption
50:0e:3b:f6:0d:91:0e:aa:39:1a:f2:2f:21:78:c9:63:3c:63:
a9:34:83:ce:41:b1:69:8e:72:68:7c:76:5f:3d:53:40:3b:9a:
23:1d:b0:fd:a2:7e:da:89:88:e8:a5:58:53:d2:58:ea:b9:43:
42:7b:44:3a:9b:99:50:c7:2c:35:8b:49:e7:36:21:f0:20:1a:
3a:dd:f2:7d:03:5d:36:7a:a1:7d:db:78:96:58:53:e7:ac:ad:
85:d7:08:83:57:32:5e:b8:61:29:7f:8f:8a:fc:f7:1e:be:c7:
fb:8d:f4:f1:c0:bd:c0:4f:ca:0b:68:69:07:a8:16:3a:c3:ea:
71:bd:db:1a:6d:ba:77:d1:58:0e:cb:ed:8f:07:6c:02:44:bd:
c1:43:16:9e:bc:72:f9:c5:40:f1:88:a9:ce:b4:78:14:6a:d3:
89:af:5f:8f:f5:63:a2:0c:61:b4:f3:c3:d0:8f:b3:84:f8:b1:
5e:a2:da:e6:3d:e0:25:58:6d:c1:89:35:8b:09:5c:ab:2a:95:
57:c0:3b:1e:ff:99:26:aa:89:19:08:e2:c0:28:90:46:3d:eb:
4d:47:0d:7f:55:c9:cd:4f:a6:a7:fa:55:be:aa:6f:b1:fe:e3:
a4:de:c1:0a:60:76:c8:8b:e9:38:27:51:6a:23:73:ef:59:6a:
2e:5d:d0:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfZW9JjRrJzwT7KUtwm75UeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA1MDY1MjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjM5ZDU2OGJkMmRmYWE1MzgwN2E2ZjIyYWUxNzZlYmNhZTk2Mjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CYNM/kTeTe419BblnbKi9rHkdGT
o2IK3jY6sgYMdvtkrKl7iPAP+TOr4tbnDvLSWIPNylXSI73YtZCm5jsFtBWK7EpO
XzHQHTGJFccmbBL5KnUVo343HSxaXYJKXfe9VkBai2ifAXg6v4Nhl90VclzszI2U
Ya8ibJSPKbhA0Ip97X9O0X3oPlB9VUPSK6yUQv2n00yTXi59O91bHCvfjAVX5dMs
dBJQF6iQ1KwunrX7GOFQv/oxbr4eABU5+TLOK3OGfCVYCbW58DTxWdXQhsSV4GqN
7gustGP93wanmSg/UHyyEXvYj/I4WhDl/YVkEvet3zIxhNewB4lq8auUMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBs51Wi9LfqlOAem8irhduvK6WKYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvR3puVmFMMHQtcVU0QjZieUt1RjI2OHJwWXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl/TCMA0G
CSqGSIb3DQEBCwUAA4IBAQBQDjv2DZEOqjka8i8heMljPGOpNIPOQbFpjnJofHZf
PVNAO5ojHbD9on7aiYjopVhT0ljquUNCe0Q6m5lQxyw1i0nnNiHwIBo63fJ9A102
eqF923iWWFPnrK2F1wiDVzJeuGEpf4+K/Pcevsf7jfTxwL3AT8oLaGkHqBY6w+px
vdsabbp30VgOy+2PB2wCRL3BQxaevHL5xUDxiKnOtHgUatOJr1+P9WOiDGG088PQ
j7OE+LFeotrmPeAlWG3BiTWLCVyrKpVXwDse/5kmqokZCOLAKJBGPetNRw1/VcnN
T6an+lW+qm+x/uOk3sEKYHbIi+k4J1FqI3PvWWouXdAc
-----END CERTIFICATE-----
Generated at Sun Jul 6 02:54:18 2025 by rpki-client