Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/q4Eoft8rP4k6cjfnJI1oPqi1K3Q.roa
File: q4Eoft8rP4k6cjfnJI1oPqi1K3Q.roa (raw, json)
Hash identifier: wxeRkV/45T/97IR7ziUNiB6zD+/XiunPMDatGiw/7RA=
Subject key identifier: AB:81:28:7E:DF:2B:3F:89:3A:72:37:E7:24:8D:68:3E:A8:B5:2B:74
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0194CBC0F0426298AA9CA680625B37973647
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/q4Eoft8rP4k6cjfnJI1oPqi1K3Q.roa
Signing time: Mon 03 Feb 2025 12:20:06 +0000
ROA not before: Mon 03 Feb 2025 12:20:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43641
IP address blocks: 151.243.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:c0:f0:42:62:98:aa:9c:a6:80:62:5b:37:97:36:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 3 12:20:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab81287edf2b3f893a7237e7248d683ea8b52b74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:75:b6:b1:2e:96:af:e5:10:e4:a2:f8:7a:fc:
79:fa:1c:47:24:ca:ce:5b:a9:fc:6f:5d:0c:80:4c:
d1:a5:d1:45:9a:75:fe:c6:4d:06:7f:b7:d2:d0:84:
e0:4f:77:06:b8:4f:67:ae:ba:80:80:ef:42:9f:b4:
0b:25:80:a2:7a:df:ca:fe:37:98:34:4e:78:d4:0f:
8a:07:96:77:cd:f5:59:76:7a:e0:35:a4:d8:43:85:
db:9b:63:10:4c:7d:82:fa:59:97:b1:01:5c:94:04:
17:8e:d8:6b:5b:a3:5d:d2:a3:70:62:1a:9c:4f:91:
75:ab:d3:e6:db:ca:d3:98:45:cb:e4:b9:01:b6:e0:
11:a8:9d:58:76:6a:aa:4b:dc:f3:9f:80:6a:eb:0e:
62:8e:6f:3a:f6:2e:dc:88:e7:01:7c:af:f9:3e:a1:
c5:78:d4:4a:7f:53:fd:c8:fb:15:8e:58:93:39:29:
8e:1e:0f:8d:e9:0a:36:02:fc:8e:b8:ec:91:14:a6:
c7:dc:e1:67:34:2c:5c:ab:10:71:a4:41:ea:07:a3:
cd:b1:86:c1:80:2f:0d:25:a1:9b:eb:29:78:32:a3:
c2:5d:2f:07:0f:be:26:06:92:55:a6:08:b0:f7:2b:
38:a6:0c:12:9b:bf:af:5b:4c:91:66:11:0b:4c:fe:
03:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:81:28:7E:DF:2B:3F:89:3A:72:37:E7:24:8D:68:3E:A8:B5:2B:74
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/q4Eoft8rP4k6cjfnJI1oPqi1K3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.245.0/24
Signature Algorithm: sha256WithRSAEncryption
07:e3:06:b6:1d:76:c3:c5:8b:04:7d:b7:13:8e:64:32:3a:f2:
06:23:54:f5:48:77:06:70:84:14:8d:df:13:7d:8f:ad:c6:17:
4f:c2:34:d7:bd:40:13:ab:56:12:34:de:82:5f:32:65:ae:12:
54:54:fa:38:c2:ce:9b:56:26:f3:d0:3c:aa:b3:a9:1d:6b:3b:
b9:2f:ad:2b:65:5a:7f:a4:1e:34:1f:a5:32:10:7e:c6:a0:26:
a7:de:fc:c1:21:08:3e:76:c6:fd:58:e6:a4:7b:d2:f7:7d:f5:
2e:6d:4d:ac:d7:b8:8c:c0:3e:b4:8f:a7:d2:1f:f6:7e:5a:17:
fa:06:c0:cc:08:85:86:fa:b5:bb:ee:86:6a:62:33:b1:9a:fb:
ef:01:09:5a:70:0a:eb:1c:d6:e3:85:0d:d0:23:41:19:0a:d3:
5a:6b:7c:ee:c2:70:54:ff:7e:a6:46:22:c1:c2:21:16:3b:fe:
2f:6b:22:fa:86:0e:e3:03:c9:b1:4c:47:4a:92:4a:0d:a6:1b:
58:79:b4:c3:ee:8d:38:39:97:62:96:ab:62:b8:b8:b8:0d:21:
a7:02:c7:03:3f:d7:b6:25:5f:ce:28:a8:60:ef:00:0e:6c:bc:
5b:1c:d8:05:18:83:33:b1:4c:af:c6:27:d8:1d:d7:8f:df:86:
b5:50:6c:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTLwPBCYpiqnKaAYls3lzZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMjAzMTIyMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjgxMjg3ZWRmMmIzZjg5M2E3MjM3ZTcyNDhkNjgzZWE4YjUyYjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnW2sS6Wr+UQ5KL4evx5+hxHJMrO
W6n8b10MgEzRpdFFmnX+xk0Gf7fS0ITgT3cGuE9nrrqAgO9Cn7QLJYCiet/K/jeY
NE541A+KB5Z3zfVZdnrgNaTYQ4Xbm2MQTH2C+lmXsQFclAQXjthrW6Nd0qNwYhqc
T5F1q9Pm28rTmEXL5LkBtuARqJ1YdmqqS9zzn4Bq6w5ijm869i7ciOcBfK/5PqHF
eNRKf1P9yPsVjliTOSmOHg+N6Qo2AvyOuOyRFKbH3OFnNCxcqxBxpEHqB6PNsYbB
gC8NJaGb6yl4MqPCXS8HD74mBpJVpgiw9ys4pgwSm7+vW0yRZhELTP4DSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKuBKH7fKz+JOnI35ySNaD6otSt0MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcTRFb2Z0OHJQNGs2Y2pmbkpJMW9QcWkxSzNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/P1MA0G
CSqGSIb3DQEBCwUAA4IBAQAH4wa2HXbDxYsEfbcTjmQyOvIGI1T1SHcGcIQUjd8T
fY+txhdPwjTXvUATq1YSNN6CXzJlrhJUVPo4ws6bVibz0Dyqs6kdazu5L60rZVp/
pB40H6UyEH7GoCan3vzBIQg+dsb9WOake9L3ffUubU2s17iMwD60j6fSH/Z+Whf6
BsDMCIWG+rW77oZqYjOxmvvvAQlacArrHNbjhQ3QI0EZCtNaa3zuwnBU/36mRiLB
wiEWO/4vayL6hg7jA8mxTEdKkkoNphtYebTD7o04OZdilqtiuLi4DSGnAscDP9e2
JV/OKKhg7wAObLxbHNgFGIMzsUyvxifYHdeP34a1UGyL
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:28:25 2025 by rpki-client