Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tlaQsGx4Jf6W0jCRvoKBShl4f7o.roa
File: tlaQsGx4Jf6W0jCRvoKBShl4f7o.roa (raw, json)
Hash identifier: 47XnscuHtnboKTz6b+bofJ0NgABH0tyifdFLIvObJSY=
Subject key identifier: B6:56:90:B0:6C:78:25:FE:96:D2:30:91:BE:82:81:4A:19:78:7F:BA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196F931D7AE862DDD6712C7315AA5F0CD8A
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tlaQsGx4Jf6W0jCRvoKBShl4f7o.roa
Signing time: Thu 22 May 2025 18:11:55 +0000
ROA not before: Thu 22 May 2025 18:11:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208212
IP address blocks: 151.242.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Jun 2025 14:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f9:31:d7:ae:86:2d:dd:67:12:c7:31:5a:a5:f0:cd:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 22 18:11:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b65690b06c7825fe96d23091be82814a19787fba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e7:4e:db:f5:c5:09:35:4c:bc:8e:4a:5b:42:
b7:fc:90:c3:74:31:7a:d6:d6:d9:6b:2f:db:05:18:
11:7d:da:9a:04:00:1a:be:c9:f2:d6:dd:c9:2b:fd:
98:b8:92:29:34:61:f0:46:76:45:d4:fb:84:ac:bf:
a5:d1:75:30:30:9b:00:e2:01:0f:88:18:2d:ce:c6:
38:7c:f7:f7:07:be:ba:62:6d:93:8a:2a:9c:7a:cb:
e4:d7:51:30:8f:7c:61:40:0f:d2:17:b1:a5:dc:25:
0b:d4:d4:75:cb:7e:85:8e:83:95:4e:e9:c5:86:65:
9e:60:4e:92:78:a8:77:27:ee:dc:f2:a1:30:80:d8:
fa:e6:24:1c:02:84:4e:e2:c7:f7:5d:1d:e6:22:ef:
0c:40:a3:ee:6e:39:75:d0:d4:e3:85:9a:26:6e:fa:
b2:5f:1b:bb:12:cc:94:9a:59:ce:21:10:09:21:32:
39:56:1c:44:d8:4f:6f:08:ff:ab:8f:69:62:48:f4:
4d:d1:9c:75:bd:95:d2:20:cd:18:44:87:83:fc:90:
88:be:fc:26:30:b8:1e:47:22:bd:04:5e:be:ba:f3:
fe:b8:01:43:d6:69:7d:a5:24:72:81:55:f7:18:37:
b9:61:2b:08:ea:d5:72:4d:2a:a8:f4:81:3e:6e:83:
94:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:56:90:B0:6C:78:25:FE:96:D2:30:91:BE:82:81:4A:19:78:7F:BA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tlaQsGx4Jf6W0jCRvoKBShl4f7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.83.0/24
Signature Algorithm: sha256WithRSAEncryption
43:33:af:47:72:e6:ba:07:5c:e9:9e:f5:43:7d:4d:cf:db:32:
72:8b:23:84:a3:f9:8c:ec:af:c1:ca:20:fc:31:73:1d:4c:88:
d0:18:20:b1:87:dc:53:b6:3e:b0:1d:f0:f7:a4:89:8c:d6:37:
02:6a:c3:95:6b:19:b2:c7:47:88:9d:e7:e9:e2:8f:80:a3:38:
0a:ed:8c:a4:32:b6:20:ee:1c:07:ed:93:44:6c:d1:e3:87:94:
44:be:4f:a2:3f:b6:8c:a2:50:97:19:d7:cf:fe:9a:f7:b0:d2:
48:fd:7b:6d:99:b8:5a:0d:3a:7a:50:bf:29:32:d8:86:a3:fe:
24:16:dc:c0:1f:79:f7:1a:07:d6:e5:d1:89:5e:ae:e5:3e:e4:
5e:c1:23:bd:8b:24:b3:72:1e:52:0e:ae:8f:b1:60:67:38:e0:
dc:42:ee:1e:58:09:4d:81:a5:51:49:e2:46:18:5d:b0:6d:c9:
03:57:68:32:2e:9f:13:a9:98:1a:a5:ac:6b:af:78:85:d2:38:
29:9c:d3:5a:c3:58:9c:f7:88:0d:53:16:6a:0f:aa:c3:f9:a9:
d0:c3:fa:50:b0:a1:99:91:bf:46:43:33:81:05:d4:74:4e:62:
6b:b1:75:53:f6:6a:8f:a5:07:cc:d0:c0:e4:fe:e0:54:93:c8:
34:dc:1a:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZb5Mdeuhi3dZxLHMVql8M2KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTIyMTgxMTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjU2OTBiMDZjNzgyNWZlOTZkMjMwOTFiZTgyODE0YTE5Nzg3ZmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+dO2/XFCTVMvI5KW0K3/JDDdDF6
1tbZay/bBRgRfdqaBAAavsny1t3JK/2YuJIpNGHwRnZF1PuErL+l0XUwMJsA4gEP
iBgtzsY4fPf3B766Ym2Tiiqcesvk11Ewj3xhQA/SF7Gl3CUL1NR1y36FjoOVTunF
hmWeYE6SeKh3J+7c8qEwgNj65iQcAoRO4sf3XR3mIu8MQKPubjl10NTjhZombvqy
Xxu7EsyUmlnOIRAJITI5VhxE2E9vCP+rj2liSPRN0Zx1vZXSIM0YRIeD/JCIvvwm
MLgeRyK9BF6+uvP+uAFD1ml9pSRygVX3GDe5YSsI6tVyTSqo9IE+boOUWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZWkLBseCX+ltIwkb6CgUoZeH+6MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdGxhUXNHeDRKZjZXMGpDUnZvS0JTaGw0ZjdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/JTMA0G
CSqGSIb3DQEBCwUAA4IBAQBDM69Hcua6B1zpnvVDfU3P2zJyiyOEo/mM7K/ByiD8
MXMdTIjQGCCxh9xTtj6wHfD3pImM1jcCasOVaxmyx0eInefp4o+AozgK7YykMrYg
7hwH7ZNEbNHjh5REvk+iP7aMolCXGdfP/pr3sNJI/XttmbhaDTp6UL8pMtiGo/4k
FtzAH3n3GgfW5dGJXq7lPuRewSO9iySzch5SDq6PsWBnOODcQu4eWAlNgaVRSeJG
GF2wbckDV2gyLp8TqZgapaxrr3iF0jgpnNNaw1ic94gNUxZqD6rD+anQw/pQsKGZ
kb9GQzOBBdR0TmJrsXVT9mqPpQfM0MDk/uBUk8g03BqF
-----END CERTIFICATE-----
Generated at Tue Jun 10 23:12:45 2025 by rpki-client