Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Q8D5Pdq_wgBubzQMTGI3FpQH-wY.roa
File: Q8D5Pdq_wgBubzQMTGI3FpQH-wY.roa (raw, json)
Hash identifier: Vl9Q7cVGR/B0HG8lGa7B7aH0WNUftK/keGRn/1//tb8=
Subject key identifier: 43:C0:F9:3D:DA:BF:C2:00:6E:6F:34:0C:4C:62:37:16:94:07:FB:06
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019600B60154AD8A3E6E0FB93466BDA3DABC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Q8D5Pdq_wgBubzQMTGI3FpQH-wY.roa
Signing time: Fri 04 Apr 2025 12:10:49 +0000
ROA not before: Fri 04 Apr 2025 12:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 151.240.4.0/22 maxlen: 22
151.240.20.0/22 maxlen: 22
151.240.68.0/22 maxlen: 22
151.240.84.0/22 maxlen: 22
151.240.96.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:b6:01:54:ad:8a:3e:6e:0f:b9:34:66:bd:a3:da:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 4 12:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=43c0f93ddabfc2006e6f340c4c6237169407fb06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:30:6a:c0:ab:11:9f:f8:c2:a7:c7:c1:4e:6d:
38:4a:88:d4:00:36:1e:4e:90:98:72:3e:37:cf:16:
43:67:25:41:45:49:0a:72:db:70:2e:a1:bc:52:0e:
73:57:fd:39:cc:c9:2e:1c:8a:bf:e0:06:6d:81:08:
8c:54:60:e1:c5:c0:a3:b9:71:89:4d:94:45:41:2e:
61:aa:95:c1:a1:f2:c0:61:93:34:7d:2f:c6:ac:43:
04:8f:69:ad:40:ee:23:64:25:1e:95:1d:cd:3f:f5:
6e:80:4b:2a:b5:a7:db:69:25:f3:bf:4a:a1:51:72:
3d:1e:cd:63:c3:2d:f7:f5:4d:73:ae:7e:53:9a:2b:
d4:b1:d0:c8:c8:4a:2e:6c:80:ba:e3:44:ec:55:59:
00:01:55:53:a8:ae:df:60:84:a8:c3:98:5f:3a:59:
60:2a:60:48:52:1f:b2:99:d7:bb:4f:89:1c:6f:5e:
9b:08:f6:38:89:b9:70:11:32:61:09:32:97:e9:e5:
34:65:c3:ad:1b:9d:d5:40:4d:7c:89:f1:4b:7a:a2:
bb:09:e4:66:49:8f:3f:b5:09:23:4b:21:c9:0d:46:
79:ab:c4:04:27:51:99:f2:f5:5d:26:dc:6e:12:78:
9a:07:0f:7a:c5:c7:60:52:a5:92:a9:d4:b1:61:2b:
40:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:C0:F9:3D:DA:BF:C2:00:6E:6F:34:0C:4C:62:37:16:94:07:FB:06
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Q8D5Pdq_wgBubzQMTGI3FpQH-wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.4.0/22
151.240.20.0/22
151.240.68.0/22
151.240.84.0/22
151.240.96.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:1f:37:c3:21:72:62:be:d1:49:e0:84:d9:e8:1a:07:12:66:
fa:65:09:ec:bd:90:1c:68:1d:68:30:23:1b:0f:2f:35:29:80:
68:2f:fb:8b:c2:e3:1c:32:6b:87:ed:b0:14:8f:75:e5:0b:be:
34:40:cb:39:f6:57:b3:6e:a0:d4:3e:1a:4c:ef:37:f9:89:40:
1a:88:5c:f2:3d:49:ce:91:ad:ea:dc:eb:95:33:55:d8:f9:4b:
c0:67:0a:2b:3c:f6:47:80:86:6e:62:b2:35:7d:4d:95:80:25:
72:b1:b4:5d:d7:94:5e:6c:fa:12:7e:b9:59:9c:08:f0:da:6a:
90:f6:05:2e:95:a1:d4:a2:e3:e6:41:ee:ce:55:38:47:70:ba:
dd:1b:8e:5e:4f:10:1f:b1:6e:38:63:c5:eb:a3:05:1a:91:da:
78:ab:95:b7:4f:30:71:ff:b1:2e:f6:ea:07:50:41:54:5f:0f:
93:53:25:28:cf:e2:77:5c:d3:39:ed:01:db:f6:c7:cc:b3:f9:
f5:d7:8f:05:84:64:d2:12:94:81:76:a3:10:b8:53:c9:f9:89:
ff:de:b0:66:c7:da:2c:bb:14:ce:03:44:e1:3f:73:8c:44:78:
6a:7a:37:df:2e:d6:a7:81:77:fc:6a:3f:c5:8a:79:0c:51:fd:
4e:91:ea:05
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZYAtgFUrYo+bg+5NGa9o9q8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDA0MTIxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2MwZjkzZGRhYmZjMjAwNmU2ZjM0MGM0YzYyMzcxNjk0MDdmYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTBqwKsRn/jCp8fBTm04SojUADYe
TpCYcj43zxZDZyVBRUkKcttwLqG8Ug5zV/05zMkuHIq/4AZtgQiMVGDhxcCjuXGJ
TZRFQS5hqpXBofLAYZM0fS/GrEMEj2mtQO4jZCUelR3NP/VugEsqtafbaSXzv0qh
UXI9Hs1jwy339U1zrn5TmivUsdDIyEoubIC640TsVVkAAVVTqK7fYISow5hfOllg
KmBIUh+ymde7T4kcb16bCPY4iblwETJhCTKX6eU0ZcOtG53VQE18ifFLeqK7CeRm
SY8/tQkjSyHJDUZ5q8QEJ1GZ8vVdJtxuEniaBw96xcdgUqWSqdSxYStA4wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEPA+T3av8IAbm80DExiNxaUB/sGMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUThENVBkcV93Z0J1YnpRTVRHSTNGcFFILXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCl/AEAwQC
l/AUAwQCl/BEAwQCl/BUAwQCl/BgMA0GCSqGSIb3DQEBCwUAA4IBAQBdHzfDIXJi
vtFJ4ITZ6BoHEmb6ZQnsvZAcaB1oMCMbDy81KYBoL/uLwuMcMmuH7bAUj3XlC740
QMs59lezbqDUPhpM7zf5iUAaiFzyPUnOka3q3OuVM1XY+UvAZworPPZHgIZuYrI1
fU2VgCVysbRd15RebPoSfrlZnAjw2mqQ9gUulaHUouPmQe7OVThHcLrdG45eTxAf
sW44Y8XrowUakdp4q5W3TzBx/7Eu9uoHUEFUXw+TUyUoz+J3XNM57QHb9sfMs/n1
148FhGTSEpSBdqMQuFPJ+Yn/3rBmx9osuxTOA0ThP3OMRHhqejffLtangXf8aj/F
inkMUf1OkeoF
-----END CERTIFICATE-----
Generated at Mon Apr 7 01:28:30 2025 by rpki-client