Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/q5xrLTqZeHINh0bYUQWsFNQeXkA.roa
File: q5xrLTqZeHINh0bYUQWsFNQeXkA.roa (raw, json)
Hash identifier: 9WBo4zW+hW7uwo3MQonB4mC5qZKAZDrDqYcSyUOZx8U=
Subject key identifier: AB:9C:6B:2D:3A:99:78:72:0D:87:46:D8:51:05:AC:14:D4:1E:5E:40
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196DCECD609D5398989252640DC7803EE22
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/q5xrLTqZeHINh0bYUQWsFNQeXkA.roa
Signing time: Sat 17 May 2025 06:27:10 +0000
ROA not before: Sat 17 May 2025 06:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 151.240.128.0/21 maxlen: 24
151.240.136.0/21 maxlen: 24
151.241.132.0/22 maxlen: 22
151.242.56.0/24 maxlen: 24
151.243.8.0/23 maxlen: 23
151.243.204.0/23 maxlen: 23
151.245.56.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:dc:ec:d6:09:d5:39:89:89:25:26:40:dc:78:03:ee:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 17 06:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab9c6b2d3a9978720d8746d85105ac14d41e5e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:c3:90:12:2f:1d:a4:df:8a:eb:be:65:54:b0:
a4:d3:2d:50:ab:81:53:35:a5:19:be:df:7f:06:61:
8b:15:ba:c4:d5:13:e3:bd:42:0d:a8:54:cf:cf:8e:
f3:60:c4:99:0f:16:2a:26:31:a2:12:b5:8a:b5:8c:
2e:15:2d:47:be:ad:c8:56:8f:a3:ad:a9:07:99:24:
2c:81:c8:c7:d4:2d:04:90:55:8f:4c:95:3f:29:f0:
86:42:8b:cd:e4:be:cb:69:a1:98:f8:c3:8f:fd:be:
81:40:a4:ed:db:00:92:17:34:18:a8:32:b4:7e:b7:
b2:5f:db:82:ff:6e:97:89:94:f0:f6:f5:d7:c6:e0:
a3:07:12:82:67:21:e4:3b:1f:28:03:cf:0a:02:f1:
49:8b:df:a6:99:a2:43:27:21:a1:b6:fb:61:c4:1e:
e6:6f:b4:bc:95:b2:3d:17:cf:c9:c6:18:5d:9f:23:
03:98:23:ad:62:d7:b4:1b:79:ce:13:9b:ec:77:21:
0a:aa:0d:4c:d6:d5:2e:fc:e3:a1:d5:15:b6:9e:45:
3a:58:09:f9:6c:cb:97:2d:0a:ac:35:22:9d:d8:c4:
2a:29:7b:4f:17:9f:1b:78:65:77:38:89:55:33:b1:
09:f9:ec:8d:f9:44:26:09:41:9a:da:93:ca:5c:80:
cd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:9C:6B:2D:3A:99:78:72:0D:87:46:D8:51:05:AC:14:D4:1E:5E:40
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/q5xrLTqZeHINh0bYUQWsFNQeXkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.128.0/20
151.241.132.0/22
151.242.56.0/24
151.243.8.0/23
151.243.204.0/23
151.245.56.0/22
Signature Algorithm: sha256WithRSAEncryption
81:3b:9d:eb:20:70:f5:f8:32:99:e4:07:fa:33:85:34:93:2e:
8f:6c:6e:30:90:a9:86:8e:f1:94:bc:45:97:b9:d1:8d:64:df:
af:c8:ca:29:33:2b:75:ff:a1:bb:56:f9:d1:32:b3:20:ec:64:
e1:3f:05:63:32:bb:4b:ad:f9:86:91:44:c3:c5:54:cc:ee:6c:
3a:35:79:83:e4:c6:02:0e:e4:65:b6:7d:0a:48:8d:3f:8f:52:
51:36:96:c0:fc:fb:3a:66:5c:9b:24:cc:c3:21:e8:ff:96:fb:
02:48:99:33:04:79:e2:c9:f4:b1:7a:87:9f:19:83:37:35:5c:
d3:6d:16:f9:b2:38:5a:f5:ad:3d:bb:94:d2:8e:32:9c:fb:b4:
9b:c2:ac:68:3a:0a:cb:4e:6a:e8:cd:cb:b1:0d:74:6e:ec:ba:
4d:26:38:c7:47:d7:42:49:e3:33:d2:20:79:15:e5:8f:a4:00:
4d:b6:fa:26:a5:99:0d:ce:21:24:19:3f:df:25:e4:ee:fb:ec:
09:14:9c:e9:6b:17:2e:05:91:66:a5:5d:42:35:eb:ae:b7:40:
ff:32:7a:15:25:49:99:f4:b4:b4:d3:51:92:95:18:4e:04:2b:
50:af:ac:da:d2:1c:4e:95:b1:a7:f8:dc:1e:7f:83:ce:ff:4f:
84:ac:e5:ad
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZbc7NYJ1TmJiSUmQNx4A+4iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTE3MDYyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjljNmIyZDNhOTk3ODcyMGQ4NzQ2ZDg1MTA1YWMxNGQ0MWU1ZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2sOQEi8dpN+K675lVLCk0y1Qq4FT
NaUZvt9/BmGLFbrE1RPjvUINqFTPz47zYMSZDxYqJjGiErWKtYwuFS1Hvq3IVo+j
rakHmSQsgcjH1C0EkFWPTJU/KfCGQovN5L7LaaGY+MOP/b6BQKTt2wCSFzQYqDK0
freyX9uC/26XiZTw9vXXxuCjBxKCZyHkOx8oA88KAvFJi9+mmaJDJyGhtvthxB7m
b7S8lbI9F8/JxhhdnyMDmCOtYte0G3nOE5vsdyEKqg1M1tUu/OOh1RW2nkU6WAn5
bMuXLQqsNSKd2MQqKXtPF58beGV3OIlVM7EJ+eyN+UQmCUGa2pPKXIDN3QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKucay06mXhyDYdG2FEFrBTUHl5AMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcTV4ckxUcVplSElOaDBiWVVRV3NGTlFlWGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQEl/CAAwQC
l/GEAwQAl/I4AwQBl/MIAwQBl/PMAwQCl/U4MA0GCSqGSIb3DQEBCwUAA4IBAQCB
O53rIHD1+DKZ5Af6M4U0ky6PbG4wkKmGjvGUvEWXudGNZN+vyMopMyt1/6G7VvnR
MrMg7GThPwVjMrtLrfmGkUTDxVTM7mw6NXmD5MYCDuRltn0KSI0/j1JRNpbA/Ps6
ZlybJMzDIej/lvsCSJkzBHniyfSxeoefGYM3NVzTbRb5sjha9a09u5TSjjKc+7Sb
wqxoOgrLTmrozcuxDXRu7LpNJjjHR9dCSeMz0iB5FeWPpABNtvompZkNziEkGT/f
JeTu++wJFJzpaxcuBZFmpV1CNeuut0D/MnoVJUmZ9LS001GSlRhOBCtQr6za0hxO
lbGn+Nwef4PO/0+ErOWt
-----END CERTIFICATE-----
Generated at Mon Jun 2 17:02:11 2025 by rpki-client