Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/35uzIXBVpmNgWdG0hh2NS_E-4xs.roa
File: 35uzIXBVpmNgWdG0hh2NS_E-4xs.roa (raw, json)
Hash identifier: RzNRq7SArnlpOvLVe83WCqrDUvxhgrtgzDl2jQMwu+E=
Subject key identifier: DF:9B:B3:21:70:55:A6:63:60:59:D1:B4:86:1D:8D:4B:F1:3E:E3:1B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019686DBC0B3FFB4C2ABB08717B1195BB837
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/35uzIXBVpmNgWdG0hh2NS_E-4xs.roa
Signing time: Wed 30 Apr 2025 13:21:10 +0000
ROA not before: Wed 30 Apr 2025 13:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213736
IP address blocks: 151.242.245.0/24 maxlen: 24
151.242.246.0/24 maxlen: 24
151.242.247.0/24 maxlen: 24
151.242.248.0/24 maxlen: 24
151.242.249.0/24 maxlen: 24
151.242.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:86:db:c0:b3:ff:b4:c2:ab:b0:87:17:b1:19:5b:b8:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 30 13:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df9bb3217055a6636059d1b4861d8d4bf13ee31b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7f:42:4c:09:9f:2f:45:c0:5b:3a:ee:4e:4b:
31:31:f5:10:57:f9:46:af:53:fb:b8:e1:17:8a:fe:
06:d2:07:96:76:cf:5a:af:96:85:41:98:be:77:7a:
77:72:91:0a:f9:e1:13:4a:6c:3c:46:0f:a8:41:28:
12:09:09:46:45:4e:2f:a3:4a:b3:83:77:ff:7c:24:
59:7e:a5:3a:f3:78:a7:34:1e:50:3a:12:75:54:8f:
cc:4e:b9:64:f0:b9:bc:61:fb:3d:90:d3:1d:83:1c:
5b:36:cb:b2:7c:a8:ea:49:66:28:85:a3:10:db:d3:
79:93:4d:6f:06:1d:d8:d1:5c:5b:58:20:1e:4f:6b:
87:d4:b2:b8:aa:78:07:28:64:e0:d6:1d:66:66:57:
f5:c3:b4:0a:12:3a:8f:0e:62:95:a0:b7:4f:a9:67:
a6:6e:df:53:1d:27:0b:85:09:91:07:da:ea:7a:15:
8b:de:72:1e:5d:c6:b8:7d:41:fc:b9:ed:a7:64:ed:
b6:23:6d:53:97:ad:54:0e:71:6f:67:e6:b5:4b:47:
4f:61:dd:a5:e9:e2:61:57:69:c4:3b:d3:03:99:2b:
44:49:c7:ed:09:ce:9a:40:01:6c:e1:57:25:7b:a2:
73:b9:98:26:4c:1b:d5:33:c3:3b:03:2c:d1:f8:d7:
e1:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:9B:B3:21:70:55:A6:63:60:59:D1:B4:86:1D:8D:4B:F1:3E:E3:1B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/35uzIXBVpmNgWdG0hh2NS_E-4xs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.245.0-151.242.250.255
Signature Algorithm: sha256WithRSAEncryption
46:2a:2a:27:99:bc:6a:b4:f6:37:6e:9d:a5:2b:96:ab:78:12:
73:c4:c0:7b:5e:36:26:84:07:cb:f8:b7:42:83:94:d1:d6:3a:
59:3c:ae:d7:55:68:c3:35:3b:a2:61:e5:3e:21:94:63:fd:29:
33:d1:76:a2:b7:84:be:6d:af:41:28:f9:e8:7e:51:8a:df:82:
32:9f:26:75:c9:48:33:a3:db:74:8d:d1:4c:80:bc:46:f8:f2:
5a:4f:08:4a:90:f6:b4:ca:fe:7d:6e:e8:00:2f:08:e7:03:02:
30:67:8d:74:b2:c0:0b:f8:38:d1:82:43:18:c7:1e:81:19:56:
8f:3f:e3:cf:bf:39:55:0e:88:07:f7:a5:84:53:72:ce:ee:47:
2f:79:27:23:84:8e:a5:63:a1:82:09:27:4c:04:cf:25:f8:ca:
0f:bb:7a:01:e7:06:91:13:23:8e:ca:c2:c9:c0:a1:d2:a4:52:
09:11:d4:3d:1e:6b:70:c2:74:15:d8:21:f6:82:3d:73:70:29:
b1:5e:9a:53:7b:f3:10:4e:f9:1c:bd:15:0d:32:d2:18:a6:d3:
01:3d:d4:38:d4:ce:b8:ae:9a:07:5b:a1:35:ba:44:9d:20:1e:
06:c7:6f:98:ba:70:28:3d:5a:ae:de:c7:71:76:1f:2e:b6:f1:
1a:e4:ea:5b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZaG28Cz/7TCq7CHF7EZW7g3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDMwMTMyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjliYjMyMTcwNTVhNjYzNjA1OWQxYjQ4NjFkOGQ0YmYxM2VlMzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo39CTAmfL0XAWzruTksxMfUQV/lG
r1P7uOEXiv4G0geWds9ar5aFQZi+d3p3cpEK+eETSmw8Rg+oQSgSCQlGRU4vo0qz
g3f/fCRZfqU683inNB5QOhJ1VI/MTrlk8Lm8Yfs9kNMdgxxbNsuyfKjqSWYohaMQ
29N5k01vBh3Y0VxbWCAeT2uH1LK4qngHKGTg1h1mZlf1w7QKEjqPDmKVoLdPqWem
bt9THScLhQmRB9rqehWL3nIeXca4fUH8ue2nZO22I21Tl61UDnFvZ+a1S0dPYd2l
6eJhV2nEO9MDmStEScftCc6aQAFs4Vcle6JzuZgmTBvVM8M7AyzR+NfhrwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN+bsyFwVaZjYFnRtIYdjUvxPuMbMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMzV1eklYQlZwbU5nV2RHMGhoMk5TX0UtNHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACX8vUD
BACX8vowDQYJKoZIhvcNAQELBQADggEBAEYqKieZvGq09jdunaUrlqt4EnPEwHte
NiaEB8v4t0KDlNHWOlk8rtdVaMM1O6Jh5T4hlGP9KTPRdqK3hL5tr0Eo+eh+UYrf
gjKfJnXJSDOj23SN0UyAvEb48lpPCEqQ9rTK/n1u6AAvCOcDAjBnjXSywAv4ONGC
QxjHHoEZVo8/48+/OVUOiAf3pYRTcs7uRy95JyOEjqVjoYIJJ0wEzyX4yg+7egHn
BpETI47KwsnAodKkUgkR1D0ea3DCdBXYIfaCPXNwKbFemlN78xBO+Ry9FQ0y0him
0wE91DjUzriumgdboTW6RJ0gHgbHb5i6cCg9Wq7ex3F2Hy628Rrk6ls=
-----END CERTIFICATE-----
Generated at Fri Jun 6 20:17:17 2025 by rpki-client