Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gtTt7itCQcvvDofzt0F1WAS-uIQ.roa
File: gtTt7itCQcvvDofzt0F1WAS-uIQ.roa (raw, json)
Hash identifier: Ph2Xi+H+h8C/Yut4ByjXq9S2+yAf2vkqmnK1e5OgmRU=
Subject key identifier: 82:D4:ED:EE:2B:42:41:CB:EF:0E:87:F3:B7:41:75:58:04:BE:B8:84
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196DCECD5A49D98C46815625DD00970934F
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gtTt7itCQcvvDofzt0F1WAS-uIQ.roa
Signing time: Sat 17 May 2025 06:27:10 +0000
ROA not before: Sat 17 May 2025 06:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 151.240.128.0/21 maxlen: 24
151.240.136.0/21 maxlen: 24
151.241.132.0/22 maxlen: 22
151.242.56.0/24 maxlen: 24
151.243.8.0/23 maxlen: 23
151.243.204.0/23 maxlen: 23
151.245.56.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:dc:ec:d5:a4:9d:98:c4:68:15:62:5d:d0:09:70:93:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 17 06:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82d4edee2b4241cbef0e87f3b741755804beb884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1b:b5:da:f4:13:e7:3e:21:3c:55:88:c2:8f:
f4:7a:6b:b0:1b:7e:16:47:60:f7:a2:6b:4e:4e:23:
f8:d9:72:d6:32:39:e2:9a:89:b8:06:45:a2:b8:1d:
1d:95:a7:e1:ab:57:dc:da:6e:8c:5c:39:41:b2:cc:
ae:75:3a:f6:8f:67:7b:2f:78:56:4c:79:c3:70:09:
fb:26:91:e0:10:1c:40:4c:5e:69:f7:42:7d:56:49:
85:a9:28:b9:e8:35:e3:71:94:89:e7:84:a0:f6:68:
93:fb:82:a7:7f:53:02:4b:82:64:d9:ea:26:6f:fb:
a4:55:a1:62:e3:08:f1:92:d3:06:f7:14:64:49:7b:
ab:5e:cc:dc:ea:a5:36:4b:52:4f:49:ea:ad:12:3e:
0f:78:96:11:e7:ac:80:f3:76:b2:15:0f:a3:53:e9:
c5:e3:7f:1d:30:9a:ea:45:74:6d:54:5e:f7:00:2d:
92:06:8a:b8:76:f9:5d:82:ab:47:dd:d2:2c:6f:bc:
d9:4b:bc:77:d3:b9:07:94:cb:50:0a:fb:5b:bd:ea:
6b:5a:39:ec:9f:81:9f:b8:8b:85:fa:dd:1c:07:f9:
6a:b2:0f:ca:da:13:4e:7c:13:d9:d0:bd:2c:cf:a6:
02:1e:6c:5f:4c:55:04:19:15:c3:a3:5d:ac:38:d8:
bb:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D4:ED:EE:2B:42:41:CB:EF:0E:87:F3:B7:41:75:58:04:BE:B8:84
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gtTt7itCQcvvDofzt0F1WAS-uIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.128.0/20
151.241.132.0/22
151.242.56.0/24
151.243.8.0/23
151.243.204.0/23
151.245.56.0/22
Signature Algorithm: sha256WithRSAEncryption
40:3c:29:0a:6f:97:2c:a7:bf:0e:27:74:59:ba:5a:7b:2b:17:
9c:89:67:66:df:9a:ab:95:19:95:07:b3:84:fc:c4:91:06:85:
f2:b5:a2:32:f7:48:41:0c:43:62:4f:90:56:1c:4b:a7:0d:0f:
f9:43:2e:8c:db:57:af:d8:55:90:f5:75:63:18:11:1b:67:5a:
68:a2:f6:e2:07:d8:db:06:ed:0a:f2:75:73:09:40:8d:07:e6:
82:3a:00:1d:74:19:a0:47:00:f5:f5:a5:81:db:7a:86:1f:e9:
c0:c7:b6:d2:3c:86:40:4a:e7:f2:23:46:4d:19:db:21:44:40:
86:f8:97:18:ae:7b:6c:e6:a5:9a:90:88:2e:16:83:3f:5a:7f:
03:8f:9f:a4:32:ea:cc:9f:b4:1c:0a:c6:10:bf:c1:f5:1d:7a:
51:d3:ee:07:2e:3b:f6:b4:6b:c0:6c:5f:e6:5f:74:a0:cb:7b:
59:9d:11:d7:97:c5:61:d0:07:9e:2f:37:50:07:32:c4:29:8e:
8b:e7:3a:41:30:b4:47:f7:82:53:cf:f8:8f:77:8b:42:d3:51:
c6:f7:05:07:cb:40:45:47:e4:79:cc:05:ee:21:f1:9f:f2:8f:
43:1a:8e:03:28:48:74:cf:73:f8:19:83:ff:28:65:11:ed:c2:
38:a4:70:6f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZbc7NWknZjEaBViXdAJcJNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTE3MDYyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQ0ZWRlZTJiNDI0MWNiZWYwZTg3ZjNiNzQxNzU1ODA0YmViODg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxu12vQT5z4hPFWIwo/0emuwG34W
R2D3omtOTiP42XLWMjnimom4BkWiuB0dlafhq1fc2m6MXDlBssyudTr2j2d7L3hW
THnDcAn7JpHgEBxATF5p90J9VkmFqSi56DXjcZSJ54Sg9miT+4Knf1MCS4Jk2eom
b/ukVaFi4wjxktMG9xRkSXurXszc6qU2S1JPSeqtEj4PeJYR56yA83ayFQ+jU+nF
438dMJrqRXRtVF73AC2SBoq4dvldgqtH3dIsb7zZS7x307kHlMtQCvtbveprWjns
n4GfuIuF+t0cB/lqsg/K2hNOfBPZ0L0sz6YCHmxfTFUEGRXDo12sONi73QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFILU7e4rQkHL7w6H87dBdVgEvriEMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZ3RUdDdpdENRY3Z2RG9menQwRjFXQVMtdUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEl/CAAwQC
l/GEAwQAl/I4AwQBl/MIAwQBl/PMAwQCl/U4MA0GCSqGSIb3DQEBCwUAA4IBAQBA
PCkKb5csp78OJ3RZulp7KxeciWdm35qrlRmVB7OE/MSRBoXytaIy90hBDENiT5BW
HEunDQ/5Qy6M21ev2FWQ9XVjGBEbZ1poovbiB9jbBu0K8nVzCUCNB+aCOgAddBmg
RwD19aWB23qGH+nAx7bSPIZASufyI0ZNGdshRECG+JcYrnts5qWakIguFoM/Wn8D
j5+kMurMn7QcCsYQv8H1HXpR0+4HLjv2tGvAbF/mX3Sgy3tZnRHXl8Vh0AeeLzdQ
BzLEKY6L5zpBMLRH94JTz/iPd4tC01HG9wUHy0BFR+R5zAXuIfGf8o9DGo4DKEh0
z3P4GYP/KGUR7cI4pHBv
-----END CERTIFICATE-----
Generated at Mon Jun 2 17:01:55 2025 by rpki-client