Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jhrpH99Zcm6IhIB6idOaJwaTJIY.roa
File: jhrpH99Zcm6IhIB6idOaJwaTJIY.roa (raw, json)
Hash identifier: g8+QoxP9m/pTLhPcV0zZfR37oYyQVORUh1X5LwrhNC8=
Subject key identifier: 8E:1A:E9:1F:DF:59:72:6E:88:84:80:7A:89:D3:9A:27:06:93:24:86
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01954D72BD6F617A76ED68E5D106EB91CA5B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jhrpH99Zcm6IhIB6idOaJwaTJIY.roa
Signing time: Fri 28 Feb 2025 16:45:20 +0000
ROA not before: Fri 28 Feb 2025 16:45:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214677
IP address blocks: 151.243.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:72:bd:6f:61:7a:76:ed:68:e5:d1:06:eb:91:ca:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 28 16:45:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e1ae91fdf59726e8884807a89d39a2706932486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:9f:8a:7f:e5:3c:60:a7:53:7a:0e:95:0b:53:
86:b7:09:5a:39:86:78:05:e3:7e:67:fb:57:80:25:
84:d1:91:74:2b:3f:d9:2d:2b:8d:3d:e4:9b:b2:e6:
0f:66:c6:32:d8:f0:14:cd:fc:aa:fb:e8:3c:c4:92:
93:3d:bc:a2:9c:08:e2:a8:e3:fd:79:da:49:2f:74:
f5:5f:ab:c7:0b:20:a2:9e:69:8e:ef:d9:4a:4d:1a:
85:28:8c:a7:5a:9f:a5:27:7d:5c:b6:15:6b:3d:10:
14:f6:91:ae:30:e5:5e:7f:5b:77:21:f3:b5:22:49:
70:ae:7b:f4:47:ac:0c:55:de:72:19:f4:20:35:9b:
0f:d1:3f:55:53:d0:8c:87:d9:69:7a:0c:2a:ec:26:
5c:30:92:06:f5:2d:bd:58:cb:ed:62:c7:ab:f0:7d:
ed:9b:51:cd:38:12:9d:1f:ba:6c:33:ac:68:4f:20:
10:4d:e8:30:f0:29:87:c5:c4:79:ad:2e:e7:57:17:
28:81:c4:0c:d6:11:e6:06:ca:59:24:84:0d:ab:df:
cf:85:c6:a4:c4:9a:a8:08:4e:af:0e:46:a4:da:f9:
c4:ca:8a:a3:08:2e:8a:d1:51:26:be:60:29:49:57:
5c:6a:ea:90:bd:69:1d:ea:14:ef:90:02:ae:ba:a2:
46:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:1A:E9:1F:DF:59:72:6E:88:84:80:7A:89:D3:9A:27:06:93:24:86
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jhrpH99Zcm6IhIB6idOaJwaTJIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.213.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:1e:dd:2b:23:6a:97:96:3d:3e:87:db:8e:21:f0:c6:cf:6b:
d5:6a:f2:94:cd:42:3c:1c:da:d1:44:3f:65:e5:dc:7f:5c:36:
ba:85:50:26:5e:60:91:f9:9b:2d:f8:f2:95:94:3f:01:ad:16:
49:4e:4b:ae:22:75:15:f0:54:24:66:9f:71:56:c0:c6:2e:4a:
80:04:96:6b:87:cb:39:a8:4c:df:2d:9a:fc:92:d9:50:eb:1b:
f7:8a:19:a5:59:e5:8f:4f:5c:7b:91:31:e9:27:65:e8:4f:39:
26:63:a9:54:e1:f3:87:6f:fc:d0:07:e4:26:43:94:34:4f:fa:
cc:ff:6c:94:8e:eb:0a:a6:5e:0d:83:dd:a8:a0:ad:6d:b7:3f:
79:b1:6c:b3:71:5c:4b:de:c9:80:b2:c1:7e:20:7a:4b:c4:d0:
2f:74:eb:6c:db:8c:10:45:49:e1:8d:be:01:44:a2:a0:27:8a:
46:1b:1f:15:8c:ae:8b:b5:ac:47:ec:c7:12:c4:86:57:80:2f:
d4:e7:67:0f:3e:72:80:c9:fe:16:8e:80:6c:ec:ca:9f:c9:66:
05:5f:cd:97:5a:7a:de:b6:42:33:7b:be:6d:c4:75:68:fb:1d:
22:69:33:76:cd:f8:ad:4b:22:86:cb:a7:3c:10:35:b8:d7:e2:
26:eb:6d:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVNcr1vYXp27Wjl0QbrkcpbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjI4MTY0NTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTFhZTkxZmRmNTk3MjZlODg4NDgwN2E4OWQzOWEyNzA2OTMyNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9J+Kf+U8YKdTeg6VC1OGtwlaOYZ4
BeN+Z/tXgCWE0ZF0Kz/ZLSuNPeSbsuYPZsYy2PAUzfyq++g8xJKTPbyinAjiqOP9
edpJL3T1X6vHCyCinmmO79lKTRqFKIynWp+lJ31cthVrPRAU9pGuMOVef1t3IfO1
Iklwrnv0R6wMVd5yGfQgNZsP0T9VU9CMh9lpegwq7CZcMJIG9S29WMvtYser8H3t
m1HNOBKdH7psM6xoTyAQTegw8CmHxcR5rS7nVxcogcQM1hHmBspZJIQNq9/Phcak
xJqoCE6vDkak2vnEyoqjCC6K0VEmvmApSVdcauqQvWkd6hTvkAKuuqJGuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI4a6R/fWXJuiISAeonTmicGkySGMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvamhycEg5OVpjbTZJaElCNmlkT2FKd2FUSklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/PVMA0G
CSqGSIb3DQEBCwUAA4IBAQB7Ht0rI2qXlj0+h9uOIfDGz2vVavKUzUI8HNrRRD9l
5dx/XDa6hVAmXmCR+Zst+PKVlD8BrRZJTkuuInUV8FQkZp9xVsDGLkqABJZrh8s5
qEzfLZr8ktlQ6xv3ihmlWeWPT1x7kTHpJ2XoTzkmY6lU4fOHb/zQB+QmQ5Q0T/rM
/2yUjusKpl4Ng92ooK1ttz95sWyzcVxL3smAssF+IHpLxNAvdOts24wQRUnhjb4B
RKKgJ4pGGx8VjK6LtaxH7McSxIZXgC/U52cPPnKAyf4WjoBs7MqfyWYFX82XWnre
tkIze75txHVo+x0iaTN2zfitSyKGy6c8EDW41+Im620t
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:39 2025 by rpki-client