Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lVV67c9PTCDhRtLL1CTDqA6M724.roa
File: lVV67c9PTCDhRtLL1CTDqA6M724.roa (raw, json)
Hash identifier: HFwBxVIITpHfr6W91ADB3pEIH7Lb6V4aoflR0n3AMUg=
Subject key identifier: 95:55:7A:ED:CF:4F:4C:20:E1:46:D2:CB:D4:24:C3:A8:0E:8C:EF:6E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019735F855DAB3EEB52B64801C6DAA5805C3
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lVV67c9PTCDhRtLL1CTDqA6M724.roa
Signing time: Tue 03 Jun 2025 13:25:56 +0000
ROA not before: Tue 03 Jun 2025 13:25:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 37.202.219.0/24 maxlen: 24
151.240.31.0/24 maxlen: 24
151.240.229.0/24 maxlen: 24
151.240.233.0/24 maxlen: 24
151.240.234.0/24 maxlen: 24
151.240.235.0/24 maxlen: 24
151.240.236.0/24 maxlen: 24
151.240.237.0/24 maxlen: 24
151.240.238.0/24 maxlen: 24
151.240.240.0/24 maxlen: 24
151.242.9.0/24 maxlen: 24
151.242.46.0/24 maxlen: 24
151.242.47.0/24 maxlen: 24
151.242.48.0/24 maxlen: 24
151.242.60.0/24 maxlen: 24
151.242.62.0/24 maxlen: 24
151.242.121.0/24 maxlen: 24
151.242.166.0/23 maxlen: 24
151.242.195.0/24 maxlen: 24
151.243.140.0/24 maxlen: 24
151.244.59.0/24 maxlen: 24
151.244.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:f8:55:da:b3:ee:b5:2b:64:80:1c:6d:aa:58:05:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 3 13:25:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95557aedcf4f4c20e146d2cbd424c3a80e8cef6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0f:81:45:d2:00:c1:1e:90:f3:40:99:b5:90:
8b:5f:24:a7:f3:9d:59:0a:a4:b0:8a:1f:93:96:4a:
ea:45:ee:4e:6a:81:a0:e0:a3:d1:74:24:b2:b4:fc:
7f:0a:74:0a:62:23:f7:26:33:f5:1c:f2:0f:0b:b4:
3b:a4:90:92:82:2d:00:ac:30:9c:eb:58:a1:de:df:
09:a0:9c:48:a8:30:50:2d:8d:5d:05:86:fd:ed:18:
5b:4a:6d:40:65:50:4f:b5:1b:74:20:51:db:5d:05:
44:30:74:1c:e7:2e:e3:86:3c:3c:51:1e:9b:07:ac:
0d:ad:ee:76:7f:c1:67:89:6d:40:4d:9e:d5:4a:1e:
70:5e:f3:74:a6:1e:28:6c:d3:c8:b4:b6:b3:4b:09:
d0:7f:f4:3f:89:2e:25:e7:aa:c4:e0:73:dc:ac:5b:
ea:d2:13:b4:10:7f:d3:08:96:dd:c9:30:9f:c7:fd:
9c:65:07:ce:6c:92:39:da:1b:e9:40:29:89:d4:60:
44:7e:67:c5:64:d6:89:35:08:fc:bd:bd:3d:24:64:
72:de:57:68:75:7f:13:34:84:59:77:b9:21:07:cf:
7a:11:24:f5:89:5f:83:db:8e:b4:3b:06:f5:88:62:
8d:4c:9a:1d:c4:c0:1e:58:20:b8:95:7b:e8:37:d4:
d9:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:55:7A:ED:CF:4F:4C:20:E1:46:D2:CB:D4:24:C3:A8:0E:8C:EF:6E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lVV67c9PTCDhRtLL1CTDqA6M724.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.219.0/24
151.240.31.0/24
151.240.229.0/24
151.240.233.0-151.240.238.255
151.240.240.0/24
151.242.9.0/24
151.242.46.0-151.242.48.255
151.242.60.0/24
151.242.62.0/24
151.242.121.0/24
151.242.166.0/23
151.242.195.0/24
151.243.140.0/24
151.244.59.0/24
151.244.117.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:78:cc:2a:03:77:b9:53:6c:6f:ac:25:35:35:6c:87:5c:00:
a7:5d:6a:d9:0d:70:1b:73:e2:ff:fe:96:6b:5c:27:81:b7:05:
02:10:da:1d:08:84:ef:ca:0e:31:28:ea:4a:db:90:19:b4:10:
38:2b:4b:c5:66:f0:e1:48:d0:5b:f4:d5:87:de:14:94:97:36:
b5:b5:f7:39:96:80:8a:77:64:a3:a8:87:d1:d2:8b:7c:da:45:
3b:6f:84:55:6a:1a:38:7f:36:24:58:b8:0f:d7:0f:13:c3:50:
63:06:4e:bc:ba:55:31:0f:f7:79:4a:15:80:4c:fd:5a:61:e6:
39:00:00:7a:3c:e0:2c:f3:bd:fd:e4:3e:2e:a8:ac:bd:86:1e:
2e:40:1f:ba:1b:be:34:ec:7b:7e:77:75:fb:a0:90:64:ac:a1:
a3:32:79:49:5c:fd:02:33:04:45:72:ba:a8:7a:f7:e5:bc:cc:
41:dd:95:49:06:ac:cc:f7:71:b1:7c:f9:bf:0d:38:4b:2e:e8:
74:bb:dc:4a:88:ee:cc:55:27:66:14:21:f2:83:1b:3d:0e:44:
4c:bc:44:d6:75:68:2b:f7:f2:01:aa:bb:d7:25:b0:24:68:ff:
74:c1:d4:ee:c7:6d:c0:bc:48:af:b3:e0:27:f3:34:9c:aa:b4:
61:03:73:ea
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZc1+FXas+61K2SAHG2qWAXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjAzMTMyNTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTU1N2FlZGNmNGY0YzIwZTE0NmQyY2JkNDI0YzNhODBlOGNlZjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtg+BRdIAwR6Q80CZtZCLXySn851Z
CqSwih+TlkrqRe5OaoGg4KPRdCSytPx/CnQKYiP3JjP1HPIPC7Q7pJCSgi0ArDCc
61ih3t8JoJxIqDBQLY1dBYb97RhbSm1AZVBPtRt0IFHbXQVEMHQc5y7jhjw8UR6b
B6wNre52f8FniW1ATZ7VSh5wXvN0ph4obNPItLazSwnQf/Q/iS4l56rE4HPcrFvq
0hO0EH/TCJbdyTCfx/2cZQfObJI52hvpQCmJ1GBEfmfFZNaJNQj8vb09JGRy3ldo
dX8TNIRZd7khB896EST1iV+D2460Owb1iGKNTJodxMAeWCC4lXvoN9TZOQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFJVVeu3PT0wg4UbSy9Qkw6gOjO9uMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbFZWNjdjOVBUQ0RoUnRMTDFDVERxQTZNNzI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEACXK2wME
AJfwHwMEAJfw5TAMAwQAl/DpAwQAl/DuAwQAl/DwAwQAl/IJMAwDBAGX8i4DBACX
8jADBACX8jwDBACX8j4DBACX8nkDBAGX8qYDBACX8sMDBACX84wDBACX9DsDBACX
9HUwDQYJKoZIhvcNAQELBQADggEBAJt4zCoDd7lTbG+sJTU1bIdcAKddatkNcBtz
4v/+lmtcJ4G3BQIQ2h0IhO/KDjEo6krbkBm0EDgrS8Vm8OFI0Fv01YfeFJSXNrW1
9zmWgIp3ZKOoh9HSi3zaRTtvhFVqGjh/NiRYuA/XDxPDUGMGTry6VTEP93lKFYBM
/Vph5jkAAHo84Czzvf3kPi6orL2GHi5AH7obvjTse353dfugkGSsoaMyeUlc/QIz
BEVyuqh69+W8zEHdlUkGrMz3cbF8+b8NOEsu6HS73EqI7sxVJ2YUIfKDGz0OREy8
RNZ1aCv38gGqu9clsCRo/3TB1O7HbcC8SK+z4CfzNJyqtGEDc+o=
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:49:09 2025 by rpki-client