Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/t-CGkcUNNmbQMnBQHt2Y4Zfo2oY.roa
File: t-CGkcUNNmbQMnBQHt2Y4Zfo2oY.roa (raw, json)
Hash identifier: PsEcIrMYXK57SMbbItnNxctn7a50Mzm/Pb2uKaretXI=
Subject key identifier: B7:E0:86:91:C5:0D:36:66:D0:32:70:50:1E:DD:98:E1:97:E8:DA:86
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196F12E62BEEE0B76499982FF183ABC7643
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/t-CGkcUNNmbQMnBQHt2Y4Zfo2oY.roa
Signing time: Wed 21 May 2025 04:51:10 +0000
ROA not before: Wed 21 May 2025 04:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 151.240.16.0/24 maxlen: 24
151.243.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:2e:62:be:ee:0b:76:49:99:82:ff:18:3a:bc:76:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 21 04:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b7e08691c50d3666d03270501edd98e197e8da86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:7e:2c:a2:4b:15:7d:2a:36:af:db:06:06:fb:
97:d5:9a:fc:67:96:a7:33:58:ba:45:98:5e:6a:70:
6b:26:9d:65:6d:b4:42:c7:01:49:33:10:72:c0:08:
02:4f:da:86:c1:29:00:1e:49:11:24:f6:59:04:71:
53:c7:04:60:df:74:ec:af:f0:13:0a:d0:1a:e5:21:
c7:c3:6a:ff:72:ec:6c:89:e8:f4:e0:2b:08:2d:a0:
4f:17:78:5b:2d:fe:cf:8f:ab:18:f5:62:8f:ad:6b:
f2:d3:15:2e:68:30:48:c0:55:52:04:fa:53:f9:29:
8f:59:2c:2b:e1:64:4a:b5:3f:7d:2e:7e:d4:6b:93:
f3:a9:bf:08:a1:2d:21:45:b7:90:a6:80:df:93:77:
90:63:3e:92:b8:c7:09:e8:09:98:ea:55:51:3d:72:
77:db:11:ee:c7:11:ef:3a:e4:69:e0:1d:75:96:e0:
74:8b:55:36:68:6a:ae:70:8b:88:63:e4:6f:7c:55:
ed:92:6d:42:8a:16:af:b1:47:17:45:df:1d:1b:f6:
e9:8a:a6:7f:1f:1c:c8:79:16:33:2c:d3:d3:7e:f1:
ee:b2:ac:f4:f4:35:a7:18:0f:bb:6d:03:16:1d:59:
ae:62:1e:41:98:28:df:38:bd:1c:7f:de:77:64:c2:
13:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:E0:86:91:C5:0D:36:66:D0:32:70:50:1E:DD:98:E1:97:E8:DA:86
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/t-CGkcUNNmbQMnBQHt2Y4Zfo2oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.16.0/24
151.243.104.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:8a:41:fd:d8:ae:ea:00:5e:a9:10:9f:9d:88:53:e0:85:a4:
8e:6f:19:2c:d3:28:ca:2d:48:f2:45:3a:47:c3:3b:29:8d:90:
08:da:ba:6b:62:a8:c7:a6:31:f3:f9:73:d5:4b:af:15:ae:82:
87:a4:8f:8c:56:d1:69:92:2c:7d:5f:1b:0d:b9:7a:e1:7a:ad:
ef:96:e0:44:a3:ba:16:be:8d:b1:96:07:e4:ef:48:2a:92:9d:
a0:57:92:59:b9:18:23:c2:86:4e:40:83:7d:73:54:37:68:2a:
a0:f1:58:0d:41:1b:ec:f6:1c:6a:40:a8:d8:41:48:ca:99:c0:
17:5a:44:02:c1:3a:f8:0e:ab:a5:6a:7d:6a:72:06:88:ea:6f:
ef:94:05:7e:4c:39:26:28:95:47:52:ad:2c:54:ac:95:bf:28:
d3:aa:02:4b:90:a1:c2:83:da:c5:dc:ba:d0:42:fc:85:58:fe:
a4:3a:2d:e6:9f:bc:d9:bb:ad:a3:0b:56:95:e4:b4:52:19:67:
61:26:fb:7c:a8:d9:8f:42:7b:be:86:75:9c:1b:00:b7:b3:d8:
b6:14:79:85:1c:38:5e:e7:54:58:8b:a8:e4:f5:05:27:53:2f:
9e:6b:d1:12:bf:a7:4d:ad:99:6b:6a:c3:94:46:62:2c:d9:67:
87:45:cb:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbxLmK+7gt2SZmC/xg6vHZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTIxMDQ1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2UwODY5MWM1MGQzNjY2ZDAzMjcwNTAxZWRkOThlMTk3ZThkYTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuX4soksVfSo2r9sGBvuX1Zr8Z5an
M1i6RZheanBrJp1lbbRCxwFJMxBywAgCT9qGwSkAHkkRJPZZBHFTxwRg33Tsr/AT
CtAa5SHHw2r/cuxsiej04CsILaBPF3hbLf7Pj6sY9WKPrWvy0xUuaDBIwFVSBPpT
+SmPWSwr4WRKtT99Ln7Ua5Pzqb8IoS0hRbeQpoDfk3eQYz6SuMcJ6AmY6lVRPXJ3
2xHuxxHvOuRp4B11luB0i1U2aGqucIuIY+RvfFXtkm1CihavsUcXRd8dG/bpiqZ/
HxzIeRYzLNPTfvHusqz09DWnGA+7bQMWHVmuYh5BmCjfOL0cf953ZMITZQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLfghpHFDTZm0DJwUB7dmOGX6NqGMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdC1DR2tjVU5ObWJRTW5CUUh0Mlk0WmZvMm9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/AQAwQA
l/NoMA0GCSqGSIb3DQEBCwUAA4IBAQBOikH92K7qAF6pEJ+diFPghaSObxks0yjK
LUjyRTpHwzspjZAI2rprYqjHpjHz+XPVS68VroKHpI+MVtFpkix9XxsNuXrheq3v
luBEo7oWvo2xlgfk70gqkp2gV5JZuRgjwoZOQIN9c1Q3aCqg8VgNQRvs9hxqQKjY
QUjKmcAXWkQCwTr4Dqulan1qcgaI6m/vlAV+TDkmKJVHUq0sVKyVvyjTqgJLkKHC
g9rF3LrQQvyFWP6kOi3mn7zZu62jC1aV5LRSGWdhJvt8qNmPQnu+hnWcGwC3s9i2
FHmFHDhe51RYi6jk9QUnUy+ea9ESv6dNrZlrasOURmIs2WeHRcsu
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:08:04 2025 by rpki-client