Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/daucuTSP4BgCwmnyzOXiAzkz0h4.roa
File: daucuTSP4BgCwmnyzOXiAzkz0h4.roa (raw, json)
Hash identifier: VqbAVxjD/t3yDH31lNmAZEZRbLvVVJWCSbtcP2MTm/w=
Subject key identifier: 75:AB:9C:B9:34:8F:E0:18:02:C2:69:F2:CC:E5:E2:03:39:33:D2:1E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019811B8F03C61CC34CC784A2F9AF3D96432
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/daucuTSP4BgCwmnyzOXiAzkz0h4.roa
Signing time: Wed 16 Jul 2025 05:33:09 +0000
ROA not before: Wed 16 Jul 2025 05:33:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211373
IP address blocks: 151.242.21.0/24 maxlen: 24
151.243.248.0/24 maxlen: 24
151.243.251.0/24 maxlen: 24
151.245.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:11:b8:f0:3c:61:cc:34:cc:78:4a:2f:9a:f3:d9:64:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 16 05:33:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75ab9cb9348fe01802c269f2cce5e2033933d21e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:bb:89:d9:fe:72:18:e3:37:24:84:39:90:3b:
d8:ab:d2:31:b7:36:79:e9:fa:f0:b2:28:f9:56:88:
91:ce:2e:55:e6:27:80:20:ad:16:27:bd:a8:4d:e4:
b8:a2:56:a0:09:a8:cc:7c:51:9d:85:a9:f5:2d:0f:
19:9c:47:2a:14:64:fd:b3:52:b6:59:fb:01:03:91:
1c:f1:0e:64:6b:7a:d7:c3:44:55:ba:8e:09:6e:da:
21:53:28:40:da:23:48:81:da:25:a2:49:cf:a1:94:
55:7c:9d:c0:fb:f5:9e:e4:a1:f2:58:b7:f6:bc:62:
a8:35:66:75:ef:4c:55:df:2b:3a:14:c5:7c:59:57:
84:03:53:b3:09:0c:28:53:47:d4:2c:33:42:27:54:
91:f1:c7:e1:6c:f1:ad:f2:e7:eb:50:5d:86:fe:aa:
86:c4:58:8d:eb:06:38:13:dd:5f:34:98:a3:79:56:
c0:26:b2:1b:3b:3c:14:b2:37:9b:8c:63:2e:c5:0e:
30:09:35:eb:6e:3f:ba:5e:af:2d:55:90:b8:fe:27:
07:4d:37:7f:43:ce:72:3e:02:a7:2c:64:2c:05:47:
32:d0:7b:78:23:05:83:90:7e:30:83:bc:7c:6f:9d:
30:24:01:b2:46:6e:be:d5:33:9a:7c:93:f4:14:07:
c9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:AB:9C:B9:34:8F:E0:18:02:C2:69:F2:CC:E5:E2:03:39:33:D2:1E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/daucuTSP4BgCwmnyzOXiAzkz0h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.21.0/24
151.243.248.0/24
151.243.251.0/24
151.245.134.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:ba:0a:53:33:52:12:31:79:b0:1a:18:de:6f:b5:cb:e3:80:
b6:f9:2b:4e:39:ea:c5:81:17:2d:1d:4d:7c:c7:5c:0b:8c:a9:
7b:03:11:0a:f8:fe:0b:c1:75:07:bd:dd:e9:b8:98:12:a0:fc:
03:a1:19:02:e6:7b:04:50:90:1e:0d:14:bd:81:33:d3:0e:69:
d9:fb:82:73:52:b3:89:92:2f:7a:a6:dc:e9:32:cc:41:25:6b:
a4:26:3e:8f:ab:14:f3:7e:2e:83:b4:ff:0c:6b:a1:4a:9a:da:
f6:a0:ce:67:06:de:7d:d5:7a:92:9a:ee:62:c9:56:cb:4a:82:
5b:b5:33:b0:70:a6:88:d0:fb:d7:98:3b:a7:02:36:c5:93:9d:
a9:18:34:9f:a7:71:9a:40:35:53:5c:3e:f4:06:e7:33:9d:62:
e5:04:a7:e3:1c:bb:3f:25:75:ad:ca:8c:99:f5:3c:d3:50:47:
e8:a0:cc:32:3e:bf:a0:93:64:ba:29:55:fb:59:e0:e2:8f:aa:
10:e0:2f:71:1d:57:23:09:0a:c0:5d:e0:4d:ea:0c:ed:31:f1:
6b:74:28:d5:fd:a5:c1:9a:67:d6:50:24:9c:94:7a:c4:ce:3b:
c0:53:52:b9:04:3a:60:86:9f:78:b1:5e:fa:fa:bc:4f:1a:52:
c6:35:88:83
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgRuPA8Ycw0zHhKL5rz2WQyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzE2MDUzMzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWFiOWNiOTM0OGZlMDE4MDJjMjY5ZjJjY2U1ZTIwMzM5MzNkMjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3buJ2f5yGOM3JIQ5kDvYq9IxtzZ5
6frwsij5VoiRzi5V5ieAIK0WJ72oTeS4olagCajMfFGdhan1LQ8ZnEcqFGT9s1K2
WfsBA5Ec8Q5ka3rXw0RVuo4JbtohUyhA2iNIgdoloknPoZRVfJ3A+/We5KHyWLf2
vGKoNWZ170xV3ys6FMV8WVeEA1OzCQwoU0fULDNCJ1SR8cfhbPGt8ufrUF2G/qqG
xFiN6wY4E91fNJijeVbAJrIbOzwUsjebjGMuxQ4wCTXrbj+6Xq8tVZC4/icHTTd/
Q85yPgKnLGQsBUcy0Ht4IwWDkH4wg7x8b50wJAGyRm6+1TOafJP0FAfJfQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHWrnLk0j+AYAsJp8szl4gM5M9IeMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZGF1Y3VUU1A0QmdDd21ueXpPWGlBemt6MGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/IVAwQA
l/P4AwQAl/P7AwQAl/WGMA0GCSqGSIb3DQEBCwUAA4IBAQCiugpTM1ISMXmwGhje
b7XL44C2+StOOerFgRctHU18x1wLjKl7AxEK+P4LwXUHvd3puJgSoPwDoRkC5nsE
UJAeDRS9gTPTDmnZ+4JzUrOJki96ptzpMsxBJWukJj6PqxTzfi6DtP8Ma6FKmtr2
oM5nBt591XqSmu5iyVbLSoJbtTOwcKaI0PvXmDunAjbFk52pGDSfp3GaQDVTXD70
BucznWLlBKfjHLs/JXWtyoyZ9TzTUEfooMwyPr+gk2S6KVX7WeDij6oQ4C9xHVcj
CQrAXeBN6gztMfFrdCjV/aXBmmfWUCSclHrEzjvAU1K5BDpghp94sV76+rxPGlLG
NYiD
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:51:36 2025 by rpki-client