Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/6E8wEN63x-uG6Y1tRE82slPh214.roa
File: 6E8wEN63x-uG6Y1tRE82slPh214.roa (raw, json)
Hash identifier: AY7T4GNZ3F+NF94DbmRYa+/Ht2JlcETkrgDfE0txWbI=
Subject key identifier: E8:4F:30:10:DE:B7:C7:EB:86:E9:8D:6D:44:4F:36:B2:53:E1:DB:5E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195D8FF13692A3BC828845C5997AC5094A1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/6E8wEN63x-uG6Y1tRE82slPh214.roa
Signing time: Thu 27 Mar 2025 19:05:50 +0000
ROA not before: Thu 27 Mar 2025 19:05:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 151.243.8.0/23 maxlen: 23
151.243.204.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d8:ff:13:69:2a:3b:c8:28:84:5c:59:97:ac:50:94:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 27 19:05:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e84f3010deb7c7eb86e98d6d444f36b253e1db5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:c2:5d:61:4a:fe:5d:6c:46:f1:6d:ac:49:c2:
3d:c6:9f:48:2c:d3:a0:d0:4e:d4:b6:d5:05:89:16:
9e:0e:33:d6:b5:c6:0c:7d:13:16:67:1d:75:3c:09:
65:6b:45:d2:ab:5e:ff:1d:91:cf:54:4d:20:e1:82:
bd:16:80:0c:70:7b:4b:03:9b:81:ff:21:c5:7e:2a:
d0:ec:98:c6:b7:81:23:c3:4f:5e:45:8b:1c:01:68:
91:10:29:72:a8:d4:dd:3f:fb:ae:f0:e2:30:12:64:
fc:5f:74:19:98:e2:a5:f2:e2:59:e2:54:36:4f:67:
bd:de:8a:e6:25:3f:b5:8e:62:40:f2:83:48:4a:34:
74:6c:e4:04:75:9e:bb:ca:b9:d7:71:b4:7e:7d:5c:
01:24:a3:a2:d2:a3:b7:2b:9b:e3:10:a4:f0:f0:bc:
4f:58:c7:95:9d:59:d6:2e:ec:b1:63:e6:25:75:f7:
62:40:9d:e7:13:0b:40:d0:b6:ab:01:92:41:40:cd:
99:92:6e:7e:c8:b2:d0:c8:26:54:4b:79:46:8e:77:
9e:24:8f:9a:d6:f3:5d:9c:4c:38:79:ff:8d:c1:c2:
2c:68:d9:fa:a7:c3:46:e1:30:74:a9:52:e8:81:5c:
54:22:22:69:dd:90:76:34:ee:7a:f9:a3:cf:4f:54:
5e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:4F:30:10:DE:B7:C7:EB:86:E9:8D:6D:44:4F:36:B2:53:E1:DB:5E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/6E8wEN63x-uG6Y1tRE82slPh214.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.8.0/23
151.243.204.0/23
Signature Algorithm: sha256WithRSAEncryption
28:74:9c:6b:8d:32:c7:95:cf:9d:ae:68:5b:f1:8b:f9:4a:fc:
a5:b5:c1:78:8c:f0:65:54:bb:69:41:80:46:a1:42:bc:2b:3e:
78:29:80:51:af:d3:f9:0d:87:97:2e:4b:4c:5f:86:d7:6a:1b:
03:aa:f2:a8:14:2a:41:23:16:4b:d9:55:1b:c3:7b:63:68:35:
f6:e9:fb:63:4b:b8:b2:a9:20:60:7e:0d:c7:a8:19:c9:f7:2a:
82:e5:c2:56:60:eb:87:1f:ac:4d:ef:ea:61:ce:b6:78:64:bc:
67:0f:7e:d9:90:db:a9:96:e1:98:79:6d:33:fb:df:0e:fd:1b:
c7:97:08:33:e8:3d:b1:58:1a:7d:b2:d9:d5:a9:c5:f9:4e:50:
24:a5:98:38:ae:be:f7:0e:49:4c:48:6a:0b:b2:77:a2:25:93:
20:ab:a5:f9:8a:4e:d4:dd:bc:9c:13:c1:7f:4d:06:e4:23:af:
28:43:bd:b3:aa:ed:ee:d8:be:3b:28:c2:31:3c:73:6a:5d:44:
9b:5e:2f:cc:58:c3:82:2f:07:7e:77:04:03:14:8f:39:8c:6e:
4b:1c:f8:37:ad:a9:aa:06:80:c4:43:6b:d8:39:d1:95:05:14:
06:96:a2:1d:54:88:b9:48:70:e6:c5:b8:ef:b0:f9:a2:40:19:
b6:28:3a:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXY/xNpKjvIKIRcWZesUJShMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzI3MTkwNTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODRmMzAxMGRlYjdjN2ViODZlOThkNmQ0NDRmMzZiMjUzZTFkYjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsJdYUr+XWxG8W2sScI9xp9ILNOg
0E7UttUFiRaeDjPWtcYMfRMWZx11PAlla0XSq17/HZHPVE0g4YK9FoAMcHtLA5uB
/yHFfirQ7JjGt4Ejw09eRYscAWiREClyqNTdP/uu8OIwEmT8X3QZmOKl8uJZ4lQ2
T2e93ormJT+1jmJA8oNISjR0bOQEdZ67yrnXcbR+fVwBJKOi0qO3K5vjEKTw8LxP
WMeVnVnWLuyxY+YldfdiQJ3nEwtA0LarAZJBQM2Zkm5+yLLQyCZUS3lGjneeJI+a
1vNdnEw4ef+NwcIsaNn6p8NG4TB0qVLogVxUIiJp3ZB2NO56+aPPT1RehQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOhPMBDet8frhumNbURPNrJT4dteMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNkU4d0VONjN4LXVHNlkxdFJFODJzbFBoMjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBl/MIAwQB
l/PMMA0GCSqGSIb3DQEBCwUAA4IBAQAodJxrjTLHlc+drmhb8Yv5SvyltcF4jPBl
VLtpQYBGoUK8Kz54KYBRr9P5DYeXLktMX4bXahsDqvKoFCpBIxZL2VUbw3tjaDX2
6ftjS7iyqSBgfg3HqBnJ9yqC5cJWYOuHH6xN7+phzrZ4ZLxnD37ZkNupluGYeW0z
+98O/RvHlwgz6D2xWBp9stnVqcX5TlAkpZg4rr73DklMSGoLsneiJZMgq6X5ik7U
3bycE8F/TQbkI68oQ72zqu3u2L47KMIxPHNqXUSbXi/MWMOCLwd+dwQDFI85jG5L
HPg3ramqBoDEQ2vYOdGVBRQGlqIdVIi5SHDmxbjvsPmiQBm2KDqU
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:32 2025 by rpki-client