Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ALfvr0MIkG9OT4tzfgcmEgF8eOM.roa
File: ALfvr0MIkG9OT4tzfgcmEgF8eOM.roa (raw, json)
Hash identifier: NZEhTIw3I3mRwExW2r2uL8lpldQ8MbpcBIj/MaT7qgo=
Subject key identifier: 00:B7:EF:AF:43:08:90:6F:4E:4F:8B:73:7E:07:26:12:01:7C:78:E3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195B4CD054393C145DC52EE6718506BF350
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ALfvr0MIkG9OT4tzfgcmEgF8eOM.roa
Signing time: Thu 20 Mar 2025 18:24:49 +0000
ROA not before: Thu 20 Mar 2025 18:24:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21443
IP address blocks: 151.242.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b4:cd:05:43:93:c1:45:dc:52:ee:67:18:50:6b:f3:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 20 18:24:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00b7efaf4308906f4e4f8b737e072612017c78e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:7c:f3:25:e9:03:d4:66:f2:ff:80:45:da:d7:
d2:d1:f5:7b:21:c0:ff:84:82:d6:ba:43:9c:a2:61:
40:d2:4e:52:d5:88:9c:e1:e4:92:77:a9:dd:05:21:
c6:87:a8:bf:76:99:7e:3a:a3:b6:b4:fa:ec:7e:2c:
71:a6:0d:3a:e6:ef:38:e5:77:c9:77:9d:39:f7:8d:
d4:5a:ad:53:e3:cd:5a:b7:07:9b:11:6a:39:58:ea:
28:09:0e:7d:ec:24:ff:ae:92:78:e7:e1:fb:4a:42:
bd:4d:ea:a1:4e:eb:ae:b3:3e:79:ee:4a:0b:d7:14:
5d:3d:6b:85:9b:54:e7:65:8b:8b:c0:12:d7:9e:9d:
3a:4c:74:e5:16:b5:b7:fb:9c:f9:01:b3:6d:8a:c2:
ed:d1:b5:ca:63:b7:01:ea:7d:e8:7e:f2:af:1b:b5:
03:7d:12:d3:0a:a4:a2:f9:bf:cd:9e:96:fa:b8:f7:
4a:f9:2d:be:f5:48:3f:c2:55:50:0f:fa:40:79:87:
0a:7e:31:f2:20:80:5e:28:ac:c3:15:af:35:e4:99:
90:42:db:1c:78:03:d5:6a:6d:75:78:93:ea:60:db:
3b:86:4e:6c:48:4e:42:f0:cb:f3:ec:ad:03:52:35:
ef:db:58:04:54:4e:3f:4b:7c:95:59:ef:78:59:40:
6b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:B7:EF:AF:43:08:90:6F:4E:4F:8B:73:7E:07:26:12:01:7C:78:E3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ALfvr0MIkG9OT4tzfgcmEgF8eOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.30.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:52:26:51:48:56:1e:0a:0a:4a:e4:0d:ce:20:87:18:3a:ce:
23:f4:5d:57:9c:97:f4:cc:f9:9c:5f:d9:4c:ce:1b:31:67:2e:
c6:01:f7:3c:67:8a:01:a6:5d:48:7b:35:d1:c6:46:fb:30:ab:
67:a0:86:fa:a9:91:5c:c7:77:67:25:bd:b0:e7:8e:23:b3:82:
b5:4c:51:71:33:c3:bb:57:ea:70:8d:3c:e0:b6:dc:af:ee:ca:
54:4b:5c:ca:42:d6:a1:cd:f4:ba:cc:35:de:b3:d6:d4:49:19:
63:17:39:d0:20:fd:60:8a:96:06:ad:5b:64:a3:95:a3:09:63:
89:a6:1f:b1:37:37:7c:45:d8:58:0b:24:84:6f:59:47:49:43:
70:7e:03:4a:bf:7e:6a:ee:de:7c:49:95:d5:47:c3:96:8f:11:
bf:3e:83:aa:bb:db:6d:db:10:eb:05:72:15:4c:8f:8a:b4:5d:
92:6a:5d:7f:4e:e9:f6:c9:97:87:8d:fe:1c:b2:f7:e9:82:eb:
21:45:14:96:16:67:b8:e5:cf:99:13:9a:ca:2f:a3:81:6b:ef:
3b:df:9e:bf:ee:4e:96:5a:ce:e5:b4:9e:e9:68:3a:56:5a:bf:
af:54:09:5a:5d:05:29:6d:9e:0f:a2:12:9b:82:b9:81:4a:6d:
e5:83:9f:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZW0zQVDk8FF3FLuZxhQa/NQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzIwMTgyNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGI3ZWZhZjQzMDg5MDZmNGU0ZjhiNzM3ZTA3MjYxMjAxN2M3OGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtnzzJekD1Gby/4BF2tfS0fV7IcD/
hILWukOcomFA0k5S1Yic4eSSd6ndBSHGh6i/dpl+OqO2tPrsfixxpg065u845XfJ
d505943UWq1T481atwebEWo5WOooCQ597CT/rpJ45+H7SkK9TeqhTuuusz557koL
1xRdPWuFm1TnZYuLwBLXnp06THTlFrW3+5z5AbNtisLt0bXKY7cB6n3ofvKvG7UD
fRLTCqSi+b/Nnpb6uPdK+S2+9Ug/wlVQD/pAeYcKfjHyIIBeKKzDFa815JmQQtsc
eAPVam11eJPqYNs7hk5sSE5C8Mvz7K0DUjXv21gEVE4/S3yVWe94WUBrmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAC3769DCJBvTk+Lc34HJhIBfHjjMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQUxmdnIwTUlrRzlPVDR0emZnY21FZ0Y4ZU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/IeMA0G
CSqGSIb3DQEBCwUAA4IBAQCsUiZRSFYeCgpK5A3OIIcYOs4j9F1XnJf0zPmcX9lM
zhsxZy7GAfc8Z4oBpl1IezXRxkb7MKtnoIb6qZFcx3dnJb2w544js4K1TFFxM8O7
V+pwjTzgttyv7spUS1zKQtahzfS6zDXes9bUSRljFznQIP1gipYGrVtko5WjCWOJ
ph+xNzd8RdhYCySEb1lHSUNwfgNKv35q7t58SZXVR8OWjxG/PoOqu9tt2xDrBXIV
TI+KtF2Sal1/Tun2yZeHjf4csvfpgushRRSWFme45c+ZE5rKL6OBa+87356/7k6W
Ws7ltJ7paDpWWr+vVAlaXQUpbZ4PohKbgrmBSm3lg5+p
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:58:48 2025 by rpki-client