Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jc3rruoHU6-qfDB1udP_y1fBEyM.roa
File: jc3rruoHU6-qfDB1udP_y1fBEyM.roa (raw, json)
Hash identifier: 5zAQgdiLKoSMG7B+cq545pYaBgefXySSmFcTXpjPaw0=
Subject key identifier: 8D:CD:EB:AE:EA:07:53:AF:AA:7C:30:75:B9:D3:FF:CB:57:C1:13:23
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195D1B7116AC420D3BB14D271C055679C64
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jc3rruoHU6-qfDB1udP_y1fBEyM.roa
Signing time: Wed 26 Mar 2025 09:09:50 +0000
ROA not before: Wed 26 Mar 2025 09:09:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10753
IP address blocks: 151.242.3.0/24 maxlen: 24
151.242.6.0/24 maxlen: 24
151.242.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d1:b7:11:6a:c4:20:d3:bb:14:d2:71:c0:55:67:9c:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 26 09:09:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8dcdebaeea0753afaa7c3075b9d3ffcb57c11323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b9:6d:23:40:f3:ec:76:73:0b:3b:5d:37:6c:
d6:9a:c9:6f:b8:da:ee:04:6f:05:fd:63:a8:87:e6:
51:2a:75:ca:15:d6:40:5f:b7:c3:95:20:fe:da:4b:
11:d0:e0:f8:e0:7d:13:a6:9d:72:fc:51:b5:eb:aa:
5a:59:da:cd:b5:48:35:ea:37:fb:11:c9:c8:e4:6f:
01:7a:af:df:0f:9b:01:7f:e3:42:e8:ff:13:cf:3a:
14:bb:2b:d1:f4:28:16:b2:54:d2:0b:73:d2:28:ca:
8e:da:06:fc:95:eb:a0:b1:c9:2e:3c:07:f8:2d:a3:
aa:74:92:8f:81:77:dc:78:0a:20:d4:1d:87:f1:9b:
12:07:54:f0:aa:53:43:9d:ed:8c:12:5c:74:24:29:
fd:73:35:61:6d:01:41:2b:dc:1b:80:0e:e1:ce:82:
37:d5:52:38:64:30:d4:e8:14:57:b6:a3:8f:f0:66:
08:84:8b:4a:b4:84:3e:89:1d:97:b7:9d:cf:ef:88:
e9:a3:cb:86:a8:ed:0d:2d:a7:23:6f:48:48:e3:d7:
1e:4b:27:f3:57:ae:d4:a8:52:2f:db:c2:b9:52:e9:
f9:19:fe:58:0d:25:de:be:97:5d:0a:51:cd:01:64:
6d:f3:94:a8:52:ce:8e:df:19:42:17:c0:99:dd:21:
73:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:CD:EB:AE:EA:07:53:AF:AA:7C:30:75:B9:D3:FF:CB:57:C1:13:23
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jc3rruoHU6-qfDB1udP_y1fBEyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.3.0/24
151.242.6.0/24
151.242.24.0/24
Signature Algorithm: sha256WithRSAEncryption
19:67:92:f8:cd:d7:c8:77:d7:09:2f:40:a6:50:1d:1e:43:c5:
a5:eb:4b:16:22:7d:0c:18:8c:f6:0b:97:f3:94:46:a6:36:b7:
45:62:22:f9:32:60:b3:85:78:09:f7:89:99:f9:5b:38:55:92:
97:8b:77:6c:4e:d4:70:40:c7:81:96:c9:e3:f6:c9:05:cb:d9:
96:39:4c:49:ec:09:6b:47:9d:ae:96:b3:c3:5f:62:50:bb:b2:
07:54:83:5a:9d:a8:6d:46:43:0a:d2:b1:d4:b5:8e:08:f8:da:
20:f4:0c:bc:9c:9f:af:76:45:ff:a4:92:a2:a6:95:23:9a:90:
52:e0:ee:63:17:02:27:9a:88:c8:1f:76:17:53:2f:00:90:f9:
5c:bc:36:22:38:ba:23:23:e4:4a:ed:ee:a4:80:30:cc:36:83:
5a:24:b2:c4:58:a4:a7:7d:4e:8c:42:80:f7:8b:3d:35:9b:d8:
ab:de:74:7d:ff:01:93:c7:c6:21:5f:7c:6d:64:23:ef:5c:49:
f9:bb:dc:20:c9:7f:eb:2e:30:43:8b:3d:7b:b8:ad:bf:9d:a9:
3a:e2:11:06:d2:bc:52:cb:be:51:a0:b5:c3:97:4f:11:e1:d0:
55:14:02:83:5d:d9:a9:f1:a1:2c:36:f7:d1:07:f2:c9:e6:43:
f9:69:3a:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZXRtxFqxCDTuxTSccBVZ5xkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzI2MDkwOTUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGNkZWJhZWVhMDc1M2FmYWE3YzMwNzViOWQzZmZjYjU3YzExMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrltI0Dz7HZzCztdN2zWmslvuNru
BG8F/WOoh+ZRKnXKFdZAX7fDlSD+2ksR0OD44H0Tpp1y/FG166paWdrNtUg16jf7
EcnI5G8Beq/fD5sBf+NC6P8TzzoUuyvR9CgWslTSC3PSKMqO2gb8leugsckuPAf4
LaOqdJKPgXfceAog1B2H8ZsSB1TwqlNDne2MElx0JCn9czVhbQFBK9wbgA7hzoI3
1VI4ZDDU6BRXtqOP8GYIhItKtIQ+iR2Xt53P74jpo8uGqO0NLacjb0hI49ceSyfz
V67UqFIv28K5Uun5Gf5YDSXevpddClHNAWRt85SoUs6O3xlCF8CZ3SFzCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI3N667qB1OvqnwwdbnT/8tXwRMjMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvamMzcnJ1b0hVNi1xZkRCMXVkUF95MWZCRXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/IDAwQA
l/IGAwQAl/IYMA0GCSqGSIb3DQEBCwUAA4IBAQAZZ5L4zdfId9cJL0CmUB0eQ8Wl
60sWIn0MGIz2C5fzlEamNrdFYiL5MmCzhXgJ94mZ+Vs4VZKXi3dsTtRwQMeBlsnj
9skFy9mWOUxJ7AlrR52ulrPDX2JQu7IHVINanahtRkMK0rHUtY4I+Nog9Ay8nJ+v
dkX/pJKippUjmpBS4O5jFwInmojIH3YXUy8AkPlcvDYiOLojI+RK7e6kgDDMNoNa
JLLEWKSnfU6MQoD3iz01m9ir3nR9/wGTx8YhX3xtZCPvXEn5u9wgyX/rLjBDiz17
uK2/nak64hEG0rxSy75RoLXDl08R4dBVFAKDXdmp8aEsNvfRB/LJ5kP5aTo/
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:17:11 2025 by rpki-client