Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_zybipFtE1dJwV-sywkYlWzrlgQ.roa
File: _zybipFtE1dJwV-sywkYlWzrlgQ.roa (raw, json)
Hash identifier: qiI3XQL69QDcZfdZUcpTSqfF0tRkxOTs6aYg+qK8PQg=
Subject key identifier: FF:3C:9B:8A:91:6D:13:57:49:C1:5F:AC:CB:09:18:95:6C:EB:96:04
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196FE7AFD396783F92D75EFA8913AA3B749
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_zybipFtE1dJwV-sywkYlWzrlgQ.roa
Signing time: Fri 23 May 2025 18:49:55 +0000
ROA not before: Fri 23 May 2025 18:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 151.242.40.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.170.0/24 maxlen: 24
151.242.171.0/24 maxlen: 24
151.242.172.0/24 maxlen: 24
151.242.173.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.244.5.0/24 maxlen: 24
151.244.6.0/24 maxlen: 24
151.244.56.0/24 maxlen: 24
151.244.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fe:7a:fd:39:67:83:f9:2d:75:ef:a8:91:3a:a3:b7:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 23 18:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff3c9b8a916d135749c15faccb0918956ceb9604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e7:40:7b:eb:2e:10:4a:c3:16:d3:76:7d:16:
9d:63:69:3c:42:0b:03:3e:3f:0e:65:2d:9e:1e:ed:
ce:30:50:19:d4:44:a3:2a:54:56:d6:56:a0:7a:3f:
79:6c:3c:bc:2b:95:5f:eb:4d:ed:ef:8d:74:6a:fc:
c0:69:6f:d3:e0:47:fe:18:c9:fb:51:63:74:d2:e2:
82:44:f1:29:cf:ba:6e:07:03:5e:4f:b5:a6:2f:02:
e4:07:ed:9a:1a:bd:96:6a:70:42:72:f3:89:60:62:
80:3c:98:a7:7a:c3:db:4d:57:c1:fd:06:ad:42:11:
a0:97:b2:75:09:ff:23:85:82:15:9b:32:6c:30:46:
ff:cb:01:a5:ed:c8:2a:b8:55:ed:6d:8d:1b:01:51:
ac:f6:ec:68:f3:d1:6b:f9:45:cd:80:ed:44:cd:20:
17:ee:65:0c:fc:ba:49:d8:f6:95:88:ed:9d:ab:c5:
4c:96:f9:c9:9d:c0:5a:0d:bd:f3:6e:be:a3:c4:5b:
6c:e8:bb:6f:8b:87:28:3a:e8:5c:62:96:5c:6e:ed:
6c:55:bf:7f:ff:3e:8f:be:21:63:e9:b4:52:56:02:
db:22:c6:70:4d:4b:4a:2f:53:10:8a:82:0c:c6:23:
93:a7:73:a5:2f:91:b4:6b:e3:b6:1b:a4:9e:52:b7:
51:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3C:9B:8A:91:6D:13:57:49:C1:5F:AC:CB:09:18:95:6C:EB:96:04
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_zybipFtE1dJwV-sywkYlWzrlgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.40.0/24
151.242.64.0/24
151.242.170.0-151.242.173.255
151.242.242.0/24
151.243.115.0/24
151.243.120.0/24
151.244.4.0-151.244.6.255
151.244.56.0/24
151.244.58.0/24
Signature Algorithm: sha256WithRSAEncryption
60:82:22:6b:88:49:81:a1:43:39:05:7c:ec:8f:8e:3e:a8:13:
e1:ea:c5:0a:50:f0:23:66:33:6b:af:a0:03:b6:5c:85:7c:c4:
9a:a8:04:a3:9a:4c:8b:37:07:fb:34:cd:2f:6d:75:c8:04:5e:
66:69:1b:a6:3b:11:d5:05:2d:98:7d:53:1d:59:10:e3:88:a7:
25:68:e2:71:41:b3:8b:d6:50:1f:a9:54:00:dd:e2:b0:d2:a4:
c3:1d:69:26:59:b3:14:e8:28:18:73:7a:05:0f:b8:94:a1:c2:
89:7d:59:d3:89:92:70:63:c8:13:0c:1e:72:17:fd:ca:77:6e:
d9:9c:31:c2:b4:8e:72:6a:f7:dd:cb:73:17:ed:d6:f3:df:c4:
c0:0b:fd:ce:58:6f:0c:a6:be:32:5e:ed:1f:b7:89:50:3b:86:
e3:16:a0:14:48:18:8e:b7:1d:1c:0d:77:d8:9e:2d:e7:93:ec:
41:b6:a7:0f:82:87:32:27:9f:79:42:dc:15:21:3b:14:a4:b2:
59:fc:7a:fd:84:b0:c2:d4:c1:cc:b7:aa:b1:1a:bd:0a:11:3c:
f7:ff:43:83:34:ad:f6:6d:47:2a:c1:21:83:12:e2:9b:c2:1c:
cd:88:2c:07:b8:61:cf:1f:fe:8e:02:8d:a3:ce:cd:14:43:29:
cf:eb:f2:62
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZb+ev05Z4P5LXXvqJE6o7dJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTIzMTg0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjNjOWI4YTkxNmQxMzU3NDljMTVmYWNjYjA5MTg5NTZjZWI5NjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsudAe+suEErDFtN2fRadY2k8QgsD
Pj8OZS2eHu3OMFAZ1ESjKlRW1lagej95bDy8K5Vf603t7410avzAaW/T4Ef+GMn7
UWN00uKCRPEpz7puBwNeT7WmLwLkB+2aGr2WanBCcvOJYGKAPJinesPbTVfB/Qat
QhGgl7J1Cf8jhYIVmzJsMEb/ywGl7cgquFXtbY0bAVGs9uxo89Fr+UXNgO1EzSAX
7mUM/LpJ2PaViO2dq8VMlvnJncBaDb3zbr6jxFts6Ltvi4coOuhcYpZcbu1sVb9/
/z6PviFj6bRSVgLbIsZwTUtKL1MQioIMxiOTp3OlL5G0a+O2G6SeUrdRGwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFP88m4qRbRNXScFfrMsJGJVs65YEMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvX3p5YmlwRnRFMWRKd1Ytc3l3a1lsV3pybGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAl/IoAwQA
l/JAMAwDBAGX8qoDBAGX8qwDBACX8vIDBACX83MDBACX83gwDAMEApf0BAMEAJf0
BgMEAJf0OAMEAJf0OjANBgkqhkiG9w0BAQsFAAOCAQEAYIIia4hJgaFDOQV87I+O
PqgT4erFClDwI2Yza6+gA7ZchXzEmqgEo5pMizcH+zTNL211yAReZmkbpjsR1QUt
mH1THVkQ44inJWjicUGzi9ZQH6lUAN3isNKkwx1pJlmzFOgoGHN6BQ+4lKHCiX1Z
04mScGPIEwwechf9yndu2ZwxwrSOcmr33ctzF+3W89/EwAv9zlhvDKa+Ml7tH7eJ
UDuG4xagFEgYjrcdHA132J4t55PsQbanD4KHMiefeULcFSE7FKSyWfx6/YSwwtTB
zLeqsRq9ChE89/9DgzSt9m1HKsEhgxLim8IczYgsB7hhzx/+jgKNo87NFEMpz+vy
Yg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 06:48:10 2025 by rpki-client