Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cnLn2NGmIrcPfIecpyaem_QPBuY.roa
File: cnLn2NGmIrcPfIecpyaem_QPBuY.roa (raw, json)
Hash identifier: JkMk2w4g7DtSOIdEYPEUZoEBMjiDiH9wDbys2MZ8hv0=
Subject key identifier: 72:72:E7:D8:D1:A6:22:B7:0F:7C:87:9C:A7:26:9E:9B:F4:0F:06:E6
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01973B5E3148C51C8E66AB1AB190614FA228
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cnLn2NGmIrcPfIecpyaem_QPBuY.roa
Signing time: Wed 04 Jun 2025 14:35:18 +0000
ROA not before: Wed 04 Jun 2025 14:35:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 151.240.45.0/24 maxlen: 24
151.242.45.0/24 maxlen: 24
151.242.57.0/24 maxlen: 24
151.242.158.0/24 maxlen: 24
151.242.204.0/22 maxlen: 22
151.243.2.0/24 maxlen: 24
151.243.105.0/24 maxlen: 24
151.243.159.0/24 maxlen: 24
151.243.248.0/22 maxlen: 22
151.244.57.0/24 maxlen: 24
151.244.111.0/24 maxlen: 24
151.244.115.0/24 maxlen: 24
151.245.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 04:08:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3b:5e:31:48:c5:1c:8e:66:ab:1a:b1:90:61:4f:a2:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 4 14:35:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7272e7d8d1a622b70f7c879ca7269e9bf40f06e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d0:6c:55:69:32:69:b6:c8:52:32:70:c7:81:
0d:27:5b:44:4f:11:c8:a2:01:a2:06:aa:7e:ea:03:
70:2a:3d:15:28:20:6e:25:93:6b:6d:cc:45:b4:66:
93:3c:91:a4:a1:74:d1:c2:77:5a:67:a1:20:25:b6:
92:b2:65:52:b2:c4:64:d4:cd:72:09:71:1e:dc:ad:
3c:77:c0:ca:7a:e3:ae:8b:e5:c2:2e:e5:8e:e7:e2:
61:3a:9b:1c:8e:25:c4:bd:f8:7b:c9:ae:a3:33:28:
4b:4b:e4:55:42:bd:b6:de:fb:07:11:de:b6:19:06:
31:01:b8:02:60:8e:07:7b:4e:c5:65:5c:b6:57:dc:
a1:a8:b2:53:95:48:08:d4:62:7d:66:12:ea:fc:d6:
b3:e7:a0:43:a6:21:65:4c:c3:5e:72:64:48:98:9e:
a0:d4:5d:58:da:79:4f:f4:c3:10:96:02:0e:45:2b:
81:f4:1b:d3:71:72:7a:98:2b:e8:5d:68:74:69:e5:
cc:48:cf:30:9f:93:78:1b:5d:8f:40:8c:8e:0c:a6:
b6:76:9b:90:a7:4c:09:d1:de:4b:22:50:8f:7d:3a:
4c:cd:8f:b3:a5:9c:a7:31:88:b3:77:5f:39:bd:8b:
0b:21:c9:37:c0:0d:05:e7:61:2c:da:f8:6f:c8:6f:
b6:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:72:E7:D8:D1:A6:22:B7:0F:7C:87:9C:A7:26:9E:9B:F4:0F:06:E6
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cnLn2NGmIrcPfIecpyaem_QPBuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.45.0/24
151.242.45.0/24
151.242.57.0/24
151.242.158.0/24
151.242.204.0/22
151.243.2.0/24
151.243.105.0/24
151.243.159.0/24
151.243.248.0/22
151.244.57.0/24
151.244.111.0/24
151.244.115.0/24
151.245.116.0/22
Signature Algorithm: sha256WithRSAEncryption
98:56:97:7a:29:88:f8:01:e3:e0:e2:5b:0e:2b:fa:53:aa:b0:
02:98:43:2c:6b:66:68:83:0f:d6:fc:b3:b2:b3:8a:43:4f:8a:
65:dc:71:71:c2:4a:3b:68:78:1b:1c:50:58:f1:44:c8:3c:5f:
07:15:ff:db:0a:a5:f5:f0:61:3d:22:67:42:e9:81:f1:5c:9b:
03:be:65:c6:71:16:bd:b6:79:01:84:f2:9c:89:bc:85:f9:45:
9b:1c:d4:c6:49:7d:95:77:39:12:3c:e6:f4:e0:35:ac:aa:32:
da:bd:2b:6c:e2:e6:1c:e0:1e:27:97:8a:6a:41:5e:15:cd:46:
82:80:95:3e:c5:29:a1:97:8f:82:c8:85:56:93:cc:fa:86:60:
23:78:41:e5:23:57:94:2f:32:55:79:40:58:51:b0:a3:6e:84:
cf:88:40:6e:23:ee:40:84:38:cf:ba:25:10:78:c7:39:2e:59:
05:92:49:a4:fa:c4:ea:ef:9a:99:15:1f:f0:8b:2d:5e:9a:5f:
4d:35:a7:a1:55:1e:ce:9b:cc:18:d2:0e:e2:5c:8f:fe:e5:35:
6d:a9:dd:30:f9:b4:4c:1d:0d:7c:26:26:e9:f4:8a:af:36:35:
75:8a:a7:86:25:68:71:55:ba:3b:8e:16:69:d5:e3:0d:79:f0:
34:5b:fb:c4
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZc7XjFIxRyOZqsasZBhT6IoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjA0MTQzNTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjcyZTdkOGQxYTYyMmI3MGY3Yzg3OWNhNzI2OWU5YmY0MGYwNmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptBsVWkyabbIUjJwx4ENJ1tETxHI
ogGiBqp+6gNwKj0VKCBuJZNrbcxFtGaTPJGkoXTRwndaZ6EgJbaSsmVSssRk1M1y
CXEe3K08d8DKeuOui+XCLuWO5+JhOpscjiXEvfh7ya6jMyhLS+RVQr223vsHEd62
GQYxAbgCYI4He07FZVy2V9yhqLJTlUgI1GJ9ZhLq/Naz56BDpiFlTMNecmRImJ6g
1F1Y2nlP9MMQlgIORSuB9BvTcXJ6mCvoXWh0aeXMSM8wn5N4G12PQIyODKa2dpuQ
p0wJ0d5LIlCPfTpMzY+zpZynMYizd185vYsLIck3wA0F52Es2vhvyG+2XwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFHJy59jRpiK3D3yHnKcmnpv0DwbmMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvY25MbjJOR21JcmNQZkllY3B5YWVtX1FQQnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAl/AtAwQA
l/ItAwQAl/I5AwQAl/KeAwQCl/LMAwQAl/MCAwQAl/NpAwQAl/OfAwQCl/P4AwQA
l/Q5AwQAl/RvAwQAl/RzAwQCl/V0MA0GCSqGSIb3DQEBCwUAA4IBAQCYVpd6KYj4
AePg4lsOK/pTqrACmEMsa2Zogw/W/LOys4pDT4pl3HFxwko7aHgbHFBY8UTIPF8H
Ff/bCqX18GE9ImdC6YHxXJsDvmXGcRa9tnkBhPKcibyF+UWbHNTGSX2VdzkSPOb0
4DWsqjLavSts4uYc4B4nl4pqQV4VzUaCgJU+xSmhl4+CyIVWk8z6hmAjeEHlI1eU
LzJVeUBYUbCjboTPiEBuI+5AhDjPuiUQeMc5LlkFkkmk+sTq75qZFR/wiy1eml9N
NaehVR7Om8wY0g7iXI/+5TVtqd0w+bRMHQ18Jibp9IqvNjV1iqeGJWhxVbo7jhZp
1eMNefA0W/vE
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:38:31 2025 by rpki-client