Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/2_uLFyBEr0ZL03Djj8Cz_F6RmrI.roa
File: 2_uLFyBEr0ZL03Djj8Cz_F6RmrI.roa (raw, json)
Hash identifier: 3p3GhXCfn8J7ONA66WpBxxiMB/Gx5x5I6cpVdi8S11c=
Subject key identifier: DB:FB:8B:17:20:44:AF:46:4B:D3:70:E3:8F:C0:B3:FC:5E:91:9A:B2
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195511FE7608146DC171D368410BCE8FFD0
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/2_uLFyBEr0ZL03Djj8Cz_F6RmrI.roa
Signing time: Sat 01 Mar 2025 09:53:20 +0000
ROA not before: Sat 01 Mar 2025 09:53:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13347
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.195.0/24 maxlen: 24
37.202.196.0/24 maxlen: 24
37.202.197.0/24 maxlen: 24
37.202.198.0/24 maxlen: 24
37.202.199.0/24 maxlen: 24
37.202.200.0/24 maxlen: 24
37.202.201.0/24 maxlen: 24
151.243.16.0/20 maxlen: 20
151.243.246.0/24 maxlen: 24
151.243.247.0/24 maxlen: 24
151.243.248.0/24 maxlen: 24
151.243.249.0/24 maxlen: 24
151.243.250.0/24 maxlen: 24
151.243.251.0/24 maxlen: 24
151.243.252.0/24 maxlen: 24
151.243.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:51:1f:e7:60:81:46:dc:17:1d:36:84:10:bc:e8:ff:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 1 09:53:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbfb8b172044af464bd370e38fc0b3fc5e919ab2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:79:51:57:97:1f:a7:2a:35:9c:9b:72:60:6d:
04:73:3e:80:bf:ef:64:8a:36:91:50:f6:c6:46:d1:
42:7d:7d:d8:e9:72:f9:3a:eb:c9:9b:53:15:ef:93:
58:d7:84:72:ea:ff:d1:74:c9:77:06:ff:1b:59:15:
c5:7b:5e:c2:a6:03:26:36:95:62:f3:f1:28:ea:27:
09:5b:6d:6d:d7:35:16:d2:50:a6:83:65:8d:90:a5:
27:8f:14:8a:5d:93:c9:60:76:b9:dd:e9:fb:a2:25:
86:d4:d1:b3:c5:d7:20:13:74:79:a4:8a:c5:49:f4:
9d:1e:5b:b0:04:77:1a:d2:47:6d:1f:0b:f7:58:fb:
32:6e:90:d1:9e:d4:4a:07:2a:8c:ff:17:bc:79:1d:
7c:ec:05:0d:5d:1d:5e:c3:d8:34:03:1d:09:41:f0:
57:47:04:f0:29:ab:25:76:97:ad:06:b0:4d:0d:fc:
1d:9b:bc:3d:b6:86:12:3d:a1:28:5d:97:50:1a:fa:
85:e0:72:c9:88:1d:01:7e:12:b4:81:96:04:f9:4c:
ec:47:4d:c3:03:87:63:12:bd:55:f0:47:c0:ca:24:
85:84:c3:fc:5f:45:07:e6:c2:0f:dc:19:6b:44:12:
01:07:27:16:0b:93:a8:9a:71:bd:b2:38:98:3c:01:
f4:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:FB:8B:17:20:44:AF:46:4B:D3:70:E3:8F:C0:B3:FC:5E:91:9A:B2
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/2_uLFyBEr0ZL03Djj8Cz_F6RmrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.195.0-37.202.201.255
151.243.16.0/20
151.243.246.0-151.243.253.255
Signature Algorithm: sha256WithRSAEncryption
2b:83:d7:9e:d1:fc:16:48:31:bc:0f:e0:6f:94:02:10:c7:1a:
d7:f7:40:df:53:c0:7b:bd:8e:9a:41:39:fb:88:d1:65:17:7a:
4b:32:3a:01:6e:ab:01:28:a3:f2:e3:86:a2:5d:0d:5c:d4:e3:
b9:1d:11:a0:0a:d9:d1:d9:ac:c5:f1:08:9f:9f:1f:aa:8f:24:
3a:79:14:8c:be:25:aa:d6:62:7c:1e:0c:40:a0:8d:b1:18:45:
ca:e4:3f:fb:a7:ec:08:ed:b9:26:f9:c2:ed:8e:f9:49:92:f6:
ad:12:f3:ad:30:94:8f:e9:05:b8:ae:13:db:df:10:21:99:c2:
17:95:79:4e:8c:41:5e:dc:09:7d:84:a2:ae:85:25:71:e6:0b:
41:10:7a:f5:55:ca:2e:6a:6e:de:ec:e0:43:5e:3e:8c:9b:66:
96:ea:4e:46:75:ba:db:99:9f:34:bd:86:01:91:1e:95:f5:d5:
5b:b7:c2:a1:99:88:f2:90:ff:88:31:31:ce:3c:6c:28:57:4e:
f4:7b:fe:a5:d0:36:70:e2:20:a3:37:c6:01:d6:96:86:31:14:
df:0f:7e:36:19:15:cb:30:45:d7:98:7c:eb:bf:d6:f2:12:87:
2f:6b:c6:fc:52:26:25:dc:42:92:24:79:45:8c:9f:6a:53:7f:
a5:7b:a8:17
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZVRH+dggUbcFx02hBC86P/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzAxMDk1MzIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmZiOGIxNzIwNDRhZjQ2NGJkMzcwZTM4ZmMwYjNmYzVlOTE5YWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HlRV5cfpyo1nJtyYG0Ecz6Av+9k
ijaRUPbGRtFCfX3Y6XL5OuvJm1MV75NY14Ry6v/RdMl3Bv8bWRXFe17CpgMmNpVi
8/Eo6icJW21t1zUW0lCmg2WNkKUnjxSKXZPJYHa53en7oiWG1NGzxdcgE3R5pIrF
SfSdHluwBHca0kdtHwv3WPsybpDRntRKByqM/xe8eR187AUNXR1ew9g0Ax0JQfBX
RwTwKasldpetBrBNDfwdm7w9toYSPaEoXZdQGvqF4HLJiB0BfhK0gZYE+UzsR03D
A4djEr1V8EfAyiSFhMP8X0UH5sIP3BlrRBIBBycWC5OomnG9sjiYPAH0zQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNv7ixcgRK9GS9Nw44/As/xekZqyMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMl91TEZ5QkVyMFpMMDNEamo4Q3pfRjZSbXJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAJcrBMAwD
BAAlysMDBAElysgDBASX8xAwDAMEAZfz9gMEAZfz/DANBgkqhkiG9w0BAQsFAAOC
AQEAK4PXntH8FkgxvA/gb5QCEMca1/dA31PAe72OmkE5+4jRZRd6SzI6AW6rASij
8uOGol0NXNTjuR0RoArZ0dmsxfEIn58fqo8kOnkUjL4lqtZifB4MQKCNsRhFyuQ/
+6fsCO25JvnC7Y75SZL2rRLzrTCUj+kFuK4T298QIZnCF5V5ToxBXtwJfYSiroUl
ceYLQRB69VXKLmpu3uzgQ14+jJtmlupORnW625mfNL2GAZEelfXVW7fCoZmI8pD/
iDExzjxsKFdO9Hv+pdA2cOIgozfGAdaWhjEU3w9+NhkVyzBF15h867/W8hKHL2vG
/FImJdxCkiR5RYyfalN/pXuoFw==
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:44:43 2025 by rpki-client