Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ew0R0jY4ElSeR83izzkwlA0tj-4.roa
File: ew0R0jY4ElSeR83izzkwlA0tj-4.roa (raw, json)
Hash identifier: CinBKDQTtHvIMtAvzloHeKpeQ0pH4N+5V1N5q9XpLoU=
Subject key identifier: 7B:0D:11:D2:36:38:12:54:9E:47:CD:E2:CF:39:30:94:0D:2D:8F:EE
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019482092B5D0576874EA3EDDD5AC43FFE7D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ew0R0jY4ElSeR83izzkwlA0tj-4.roa
Signing time: Mon 20 Jan 2025 04:47:06 +0000
ROA not before: Mon 20 Jan 2025 04:47:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 151.243.113.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.116.0/24 maxlen: 24
151.243.117.0/24 maxlen: 24
151.243.119.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.243.121.0/24 maxlen: 24
151.243.122.0/24 maxlen: 24
151.243.123.0/24 maxlen: 24
151.243.124.0/24 maxlen: 24
151.243.232.0/24 maxlen: 24
151.243.236.0/24 maxlen: 24
151.243.238.0/24 maxlen: 24
151.243.240.0/24 maxlen: 24
151.243.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:82:09:2b:5d:05:76:87:4e:a3:ed:dd:5a:c4:3f:fe:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jan 20 04:47:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b0d11d2363812549e47cde2cf3930940d2d8fee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3f:8c:e2:fd:47:c3:92:9a:d7:85:85:94:29:
e5:7d:d2:ee:16:b8:f6:52:ef:eb:e0:25:49:be:15:
31:33:53:f8:db:35:ae:76:89:56:17:71:b6:e4:9d:
af:8f:99:ad:f5:97:83:03:13:8b:5c:a1:b3:87:c8:
0a:c7:f2:40:a1:91:d7:7e:d4:18:62:48:04:73:f4:
9c:34:57:30:aa:95:fb:0b:2e:ac:79:fa:7e:f1:b5:
83:0d:c1:5a:51:1f:1e:e7:7c:a0:6d:63:d2:5f:4a:
a6:bf:07:31:19:4b:9a:31:fc:19:4b:76:5d:88:ee:
e7:78:b0:c4:ad:b0:80:ff:d0:74:5f:17:e9:22:3e:
ea:38:d2:3f:53:55:65:b1:24:62:83:e7:3b:79:1d:
73:8b:04:25:70:47:4b:87:ba:3a:0c:6d:c2:1c:57:
f1:f1:d6:b4:4d:ee:02:af:da:df:f7:d5:67:34:10:
f5:fc:a3:29:0a:32:50:d6:00:63:17:91:18:8b:de:
a2:cb:94:ba:79:d4:c3:a4:35:2e:d5:e8:8f:0e:96:
12:a5:84:61:ac:26:50:a2:0a:eb:e4:58:f3:fb:fd:
10:8e:e7:01:c8:cc:6b:39:5d:8f:c5:8b:53:7d:72:
79:2f:7e:b6:5a:e5:39:3e:eb:a7:c2:ae:03:1b:a3:
f5:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:0D:11:D2:36:38:12:54:9E:47:CD:E2:CF:39:30:94:0D:2D:8F:EE
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ew0R0jY4ElSeR83izzkwlA0tj-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.113.0/24
151.243.115.0-151.243.117.255
151.243.119.0-151.243.124.255
151.243.232.0/24
151.243.236.0/24
151.243.238.0/24
151.243.240.0/24
151.243.242.0/24
Signature Algorithm: sha256WithRSAEncryption
84:b9:0b:02:24:a5:72:23:12:79:95:48:63:8e:9a:78:0d:68:
e2:d6:95:ea:67:48:ac:08:49:38:f8:17:b6:fe:1a:a3:c4:1f:
e3:49:c6:25:4c:89:ad:c8:a3:8a:ea:20:96:80:a5:49:c8:61:
86:9b:85:2a:c8:7a:c7:eb:26:0c:bd:1d:c0:b2:f0:27:95:99:
c5:d5:09:12:d0:81:ce:cb:29:eb:d9:7d:f4:e4:9f:78:4f:13:
c7:65:47:41:ab:32:17:06:9c:8f:d0:96:f9:69:4e:ad:db:99:
47:16:03:73:6f:e3:3e:2c:a7:8a:41:39:fa:a3:77:93:b0:aa:
79:a8:2e:76:67:19:8d:00:34:95:05:a0:c0:69:a1:e3:1e:29:
ba:b2:65:d1:76:3e:07:90:1d:b4:3e:6e:96:25:b0:c3:bf:81:
69:8f:db:16:b2:ff:49:42:2e:dd:71:38:36:70:6b:4a:2b:c5:
00:1e:df:05:8e:f4:4e:19:6f:3c:75:19:5f:59:40:38:5a:ab:
73:9b:02:37:86:95:b3:f2:bb:d3:29:8e:d5:33:5b:b8:39:32:
b2:b3:27:a1:bb:86:86:96:73:f4:87:90:33:b2:88:92:df:4f:
cb:0e:fe:01:d3:ae:ca:c5:26:5f:12:55:e0:b6:46:25:03:72:
39:9f:04:60
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZSCCStdBXaHTqPt3VrEP/59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMTIwMDQ0NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjBkMTFkMjM2MzgxMjU0OWU0N2NkZTJjZjM5MzA5NDBkMmQ4ZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT+M4v1Hw5Ka14WFlCnlfdLuFrj2
Uu/r4CVJvhUxM1P42zWudolWF3G25J2vj5mt9ZeDAxOLXKGzh8gKx/JAoZHXftQY
YkgEc/ScNFcwqpX7Cy6sefp+8bWDDcFaUR8e53ygbWPSX0qmvwcxGUuaMfwZS3Zd
iO7neLDErbCA/9B0XxfpIj7qONI/U1VlsSRig+c7eR1ziwQlcEdLh7o6DG3CHFfx
8da0Te4Cr9rf99VnNBD1/KMpCjJQ1gBjF5EYi96iy5S6edTDpDUu1eiPDpYSpYRh
rCZQogrr5Fjz+/0QjucByMxrOV2PxYtTfXJ5L362WuU5Puunwq4DG6P1GwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFHsNEdI2OBJUnkfN4s85MJQNLY/uMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZXcwUjBqWTRFbFNlUjgzaXp6a3dsQTB0ai00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAl/NxMAwD
BACX83MDBAGX83QwDAMEAJfzdwMEAJfzfAMEAJfz6AMEAJfz7AMEAJfz7gMEAJfz
8AMEAJfz8jANBgkqhkiG9w0BAQsFAAOCAQEAhLkLAiSlciMSeZVIY46aeA1o4taV
6mdIrAhJOPgXtv4ao8Qf40nGJUyJrcijiuogloClSchhhpuFKsh6x+smDL0dwLLw
J5WZxdUJEtCBzssp69l99OSfeE8Tx2VHQasyFwacj9CW+WlOrduZRxYDc2/jPiyn
ikE5+qN3k7CqeagudmcZjQA0lQWgwGmh4x4purJl0XY+B5AdtD5uliWww7+BaY/b
FrL/SUIu3XE4NnBrSivFAB7fBY70ThlvPHUZX1lAOFqrc5sCN4aVs/K70ymO1TNb
uDkysrMnobuGhpZz9IeQM7KIkt9Pyw7+AdOuysUmXxJV4LZGJQNyOZ8EYA==
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:57:50 2025 by rpki-client