Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sRsA1sIu1OikD-4j40yx_06J27Q.roa
File: sRsA1sIu1OikD-4j40yx_06J27Q.roa (raw, json)
Hash identifier: 9vpWnttufx/P6MDduYS3Ar0LuJlFJ5ah3xUDi8CiQcU=
Subject key identifier: B1:1B:00:D6:C2:2E:D4:E8:A4:0F:EE:23:E3:4C:B1:FF:4E:89:DB:B4
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0195D8FB1F502990ACAE49D4EFC0C76F2D65
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sRsA1sIu1OikD-4j40yx_06J27Q.roa
Signing time: Thu 27 Mar 2025 19:01:31 +0000
ROA not before: Thu 27 Mar 2025 19:01:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 37.202.219.0/24 maxlen: 24
151.242.9.0/24 maxlen: 24
151.242.13.0/24 maxlen: 24
151.242.46.0/24 maxlen: 24
151.242.47.0/24 maxlen: 24
151.242.48.0/24 maxlen: 24
151.242.60.0/24 maxlen: 24
151.242.62.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.121.0/24 maxlen: 24
151.243.57.0/24 maxlen: 24
151.243.80.0/24 maxlen: 24
151.243.140.0/24 maxlen: 24
151.243.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d8:fb:1f:50:29:90:ac:ae:49:d4:ef:c0:c7:6f:2d:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 27 19:01:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b11b00d6c22ed4e8a40fee23e34cb1ff4e89dbb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:1f:a1:09:d8:1f:7c:78:8e:95:98:a6:42:50:
7a:aa:ad:09:4b:71:83:bd:7b:34:2a:0d:11:bc:9f:
f5:01:bc:a9:d6:d8:e7:35:3b:4c:36:43:57:79:40:
b0:05:0d:dc:6f:b8:f9:fd:14:80:dd:88:28:8b:7c:
e3:88:43:c7:7b:ad:2f:5f:a0:53:64:59:63:10:2d:
53:02:3b:29:97:08:a3:60:70:d5:24:73:a6:7b:ce:
c6:ad:6c:2c:0a:4c:95:80:26:75:1b:7c:41:66:dd:
24:9e:5c:7a:2e:50:87:db:42:b5:9a:12:c0:9b:3f:
3b:33:d9:c9:07:be:a1:f6:52:0e:a3:c7:fc:b3:7b:
39:cb:d7:07:c7:7a:d1:1e:6b:97:60:ea:a2:0f:bc:
8f:1d:56:4c:2a:0d:2d:3d:4c:8d:81:07:62:4d:e9:
6b:17:bf:83:db:8f:9a:31:dc:f5:72:72:fd:4c:06:
6b:90:7f:15:7b:ac:13:f2:13:45:3d:a5:5a:9a:c8:
40:ab:38:1c:dd:82:5a:87:49:1f:72:f5:a6:49:d5:
02:9b:61:4b:0b:10:5d:ad:40:bc:94:8d:39:e9:e6:
a3:8f:2c:51:61:93:5a:a9:ee:f1:70:60:b5:70:9c:
40:35:77:75:a1:45:9c:88:87:03:86:4c:f5:8e:18:
91:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1B:00:D6:C2:2E:D4:E8:A4:0F:EE:23:E3:4C:B1:FF:4E:89:DB:B4
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sRsA1sIu1OikD-4j40yx_06J27Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.219.0/24
151.242.9.0/24
151.242.13.0/24
151.242.46.0-151.242.48.255
151.242.60.0/24
151.242.62.0/24
151.242.64.0/24
151.242.121.0/24
151.243.57.0/24
151.243.80.0/24
151.243.140.0/24
151.243.164.0/24
Signature Algorithm: sha256WithRSAEncryption
28:8e:a8:7f:61:47:a4:a2:d7:d8:cc:40:67:9a:a4:d2:62:70:
bc:d2:8f:ad:89:e1:45:1c:7c:50:04:34:a5:a1:85:78:d4:0d:
9c:fb:3a:ff:a6:71:46:c2:76:79:89:29:a0:07:33:c6:04:f0:
09:b9:26:9c:37:9f:b6:38:54:0f:b0:c1:47:5e:a4:9a:9f:54:
16:b9:fe:db:3d:d8:dc:5c:f4:14:90:e7:7e:b6:6c:b7:09:d7:
5d:dd:cd:e3:d5:9e:4f:5b:08:69:47:af:18:85:69:a8:f3:f2:
66:fc:65:44:73:58:01:65:53:bb:8f:df:ae:8d:60:d5:a3:57:
f2:a3:1c:f6:8a:29:fc:b8:27:64:11:27:cc:db:40:3a:fa:08:
80:5a:bc:b7:10:8f:05:cd:38:5a:ab:dd:db:aa:aa:1e:eb:18:
ab:33:f7:e7:14:3f:11:8f:9f:03:a9:5d:b1:07:12:7f:6b:73:
fd:0e:d6:71:a5:3d:f4:98:b1:58:08:a3:d0:75:1d:5b:93:84:
37:9c:70:4b:19:bd:c4:a4:30:ff:80:54:d1:ea:15:05:95:a2:
01:90:19:88:3b:0f:70:14:e3:a7:dc:7e:8c:50:93:a2:d3:eb:
8f:ab:90:d9:ac:21:19:12:b3:77:f9:ef:e7:45:c4:31:38:5b:
25:77:8a:d9
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZXY+x9QKZCsrknU78DHby1lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwMzI3MTkwMTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTFiMDBkNmMyMmVkNGU4YTQwZmVlMjNlMzRjYjFmZjRlODlkYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlB+hCdgffHiOlZimQlB6qq0JS3GD
vXs0Kg0RvJ/1Abyp1tjnNTtMNkNXeUCwBQ3cb7j5/RSA3Ygoi3zjiEPHe60vX6BT
ZFljEC1TAjsplwijYHDVJHOme87GrWwsCkyVgCZ1G3xBZt0knlx6LlCH20K1mhLA
mz87M9nJB76h9lIOo8f8s3s5y9cHx3rRHmuXYOqiD7yPHVZMKg0tPUyNgQdiTelr
F7+D24+aMdz1cnL9TAZrkH8Ve6wT8hNFPaVamshAqzgc3YJah0kfcvWmSdUCm2FL
CxBdrUC8lI056eajjyxRYZNaqe7xcGC1cJxANXd1oUWciIcDhkz1jhiRawIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFLEbANbCLtTopA/uI+NMsf9Oidu0MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvc1JzQTFzSXUxT2lrRC00ajQweXhfMDZKMjdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAJcrbAwQA
l/IJAwQAl/INMAwDBAGX8i4DBACX8jADBACX8jwDBACX8j4DBACX8kADBACX8nkD
BACX8zkDBACX81ADBACX84wDBACX86QwDQYJKoZIhvcNAQELBQADggEBACiOqH9h
R6Si19jMQGeapNJicLzSj62J4UUcfFAENKWhhXjUDZz7Ov+mcUbCdnmJKaAHM8YE
8Am5Jpw3n7Y4VA+wwUdepJqfVBa5/ts92Nxc9BSQ5362bLcJ113dzePVnk9bCGlH
rxiFaajz8mb8ZURzWAFlU7uP366NYNWjV/KjHPaKKfy4J2QRJ8zbQDr6CIBavLcQ
jwXNOFqr3duqqh7rGKsz9+cUPxGPnwOpXbEHEn9rc/0O1nGlPfSYsVgIo9B1HVuT
hDeccEsZvcSkMP+AVNHqFQWVogGQGYg7D3AU46fcfoxQk6LT64+rkNmsIRkSs3f5
7+dFxDE4WyV3itk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:11:51 2025 by rpki-client