Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/KF4rj8wK1krzl3OrFPy-CqSf5Rg.roa
File: KF4rj8wK1krzl3OrFPy-CqSf5Rg.roa (raw, json)
Hash identifier: Uyam0YZMVbS8n8u951YwMNv1LEzQgAQ1BgazVuDTRGI=
Subject key identifier: 28:5E:2B:8F:CC:0A:D6:4A:F3:97:73:AB:14:FC:BE:0A:A4:9F:E5:18
Certificate issuer: /CN=04aaff87f6dc0d3699bc2937a34dc717f94f007e
Certificate serial: 019421B226857D61AEBB045AD516AFA37CAB
Authority key identifier: 04:AA:FF:87:F6:DC:0D:36:99:BC:29:37:A3:4D:C7:17:F9:4F:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKr_h_bcDTaZvCk3o03HF_lPAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/KF4rj8wK1krzl3OrFPy-CqSf5Rg.roa
Signing time: Wed 01 Jan 2025 11:48:30 +0000
ROA not before: Wed 01 Jan 2025 11:48:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6453
IP address blocks: 151.88.22.0/24 maxlen: 24
151.88.40.0/24 maxlen: 24
151.88.41.0/24 maxlen: 24
151.88.109.0/24 maxlen: 24
151.88.176.0/24 maxlen: 24
151.92.2.0/24 maxlen: 24
151.92.12.0/24 maxlen: 24
151.92.83.0/24 maxlen: 24
151.92.154.0/24 maxlen: 24
151.92.155.0/24 maxlen: 24
151.92.158.0/24 maxlen: 24
151.92.166.0/24 maxlen: 24
151.92.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/BKr_h_bcDTaZvCk3o03HF_lPAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/BKr_h_bcDTaZvCk3o03HF_lPAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BKr_h_bcDTaZvCk3o03HF_lPAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:26:85:7d:61:ae:bb:04:5a:d5:16:af:a3:7c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04aaff87f6dc0d3699bc2937a34dc717f94f007e
Validity
Not Before: Jan 1 11:48:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=285e2b8fcc0ad64af39773ab14fcbe0aa49fe518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9f:12:06:8a:7c:21:dc:13:19:12:eb:dc:35:
22:69:1e:88:93:f7:f7:f5:8e:b4:7d:5d:f0:d6:72:
5e:0a:5a:d5:52:46:06:c5:b7:9d:ce:84:c7:cb:57:
ce:73:85:7e:ac:db:7f:cf:9b:ce:c7:71:0d:fb:43:
03:69:41:75:3e:93:6d:55:63:21:25:34:e0:f5:19:
b9:c9:e3:7f:cc:ec:2d:12:6d:8b:2b:dd:64:e4:40:
53:95:13:71:65:7e:89:e9:76:e2:6f:54:1d:ee:93:
42:1e:b0:45:e8:a8:4b:4a:e0:12:5e:a8:c6:ba:98:
0c:74:4d:a0:66:d5:48:90:e0:ac:43:65:42:31:ff:
6d:f2:e1:e5:3e:ea:11:f3:75:0e:9c:6e:87:2b:9b:
05:ae:3b:b8:b3:c5:9b:a6:53:07:5c:69:b3:6f:bd:
a0:87:3d:41:4f:b1:fc:f8:dc:ce:db:70:02:e7:ad:
e6:6b:c3:53:3e:17:0c:71:0b:18:25:4a:5c:03:13:
9f:b0:73:bb:19:a4:5b:86:37:61:f4:4c:5a:b8:80:
9c:0f:6a:40:cd:25:a5:4a:19:54:bf:37:9f:cf:0e:
3e:70:8c:6c:88:07:5b:6b:d4:19:71:9b:e3:40:02:
c6:94:78:59:da:2a:d0:45:30:0b:69:57:49:40:93:
e5:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5E:2B:8F:CC:0A:D6:4A:F3:97:73:AB:14:FC:BE:0A:A4:9F:E5:18
X509v3 Authority Key Identifier:
keyid:04:AA:FF:87:F6:DC:0D:36:99:BC:29:37:A3:4D:C7:17:F9:4F:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKr_h_bcDTaZvCk3o03HF_lPAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/KF4rj8wK1krzl3OrFPy-CqSf5Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/5f2e31-9ad6-438e-ad7c-e3e0c2dbf067/1/BKr_h_bcDTaZvCk3o03HF_lPAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.88.22.0/24
151.88.40.0/23
151.88.109.0/24
151.88.176.0/24
151.92.2.0/24
151.92.12.0/24
151.92.83.0/24
151.92.154.0/23
151.92.158.0/24
151.92.166.0/24
151.92.198.0/24
Signature Algorithm: sha256WithRSAEncryption
27:b8:12:77:52:49:a5:ce:e8:21:d1:dc:01:12:28:0a:1b:39:
28:89:51:94:fb:09:a8:00:08:04:35:4f:16:0f:55:53:d1:59:
12:3d:f9:d8:81:02:d0:b5:b3:3e:53:79:4d:16:98:10:54:dd:
37:f8:7d:3f:62:f0:58:9f:bc:3b:37:39:a7:5f:c7:0c:01:d0:
8a:4c:65:eb:40:fd:7c:31:f2:17:46:be:26:d4:7b:e7:6d:67:
b2:15:76:b8:8e:76:51:68:c3:b0:8e:6b:5a:05:93:97:1b:81:
5c:d3:f7:28:ee:96:14:81:1d:f1:12:d2:82:78:54:9c:da:29:
38:ee:1d:de:66:a6:ff:b4:79:14:d6:12:a7:70:fc:5b:4d:1d:
bc:f1:ce:5d:cf:c1:9f:ae:b9:d3:1f:cc:aa:e2:93:d9:96:05:
43:5f:72:cd:d4:ed:be:36:2c:c4:24:89:c3:6c:45:c1:58:c6:
cd:98:9c:83:ae:e7:3e:65:04:a3:47:25:af:fd:ef:b8:b9:39:
f6:f7:33:0f:43:4f:e5:41:30:de:90:e7:6e:34:fb:7b:75:e9:
3d:59:57:15:c0:e1:96:75:ef:b9:67:c5:f9:c7:13:7a:22:ae:
be:2a:81:3c:94:21:0a:b3:51:66:ac:7f:00:4e:17:0e:d7:83:
a2:b9:a6:44
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZQhsiaFfWGuuwRa1Ravo3yrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YWFmZjg3ZjZkYzBkMzY5OWJjMjkzN2EzNGRjNzE3Zjk0
ZjAwN2UwHhcNMjUwMTAxMTE0ODMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODVlMmI4ZmNjMGFkNjRhZjM5NzczYWIxNGZjYmUwYWE0OWZlNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp8SBop8IdwTGRLr3DUiaR6Ik/f3
9Y60fV3w1nJeClrVUkYGxbedzoTHy1fOc4V+rNt/z5vOx3EN+0MDaUF1PpNtVWMh
JTTg9Rm5yeN/zOwtEm2LK91k5EBTlRNxZX6J6Xbib1Qd7pNCHrBF6KhLSuASXqjG
upgMdE2gZtVIkOCsQ2VCMf9t8uHlPuoR83UOnG6HK5sFrju4s8WbplMHXGmzb72g
hz1BT7H8+NzO23AC563ma8NTPhcMcQsYJUpcAxOfsHO7GaRbhjdh9ExauICcD2pA
zSWlShlUvzefzw4+cIxsiAdba9QZcZvjQALGlHhZ2irQRTALaVdJQJPlOQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFCheK4/MCtZK85dzqxT8vgqkn+UYMB8GA1UdIwQY
MBaAFASq/4f23A02mbwpN6NNxxf5TwB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktyX2hfYmNEVGFadkNrM28wM0hGX2xQQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS81ZjJlMzEtOWFkNi00MzhlLWFkN2Mt
ZTNlMGMyZGJmMDY3LzEvS0Y0cmo4d0sxa3J6bDNPckZQeS1DcVNmNVJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS81ZjJlMzEtOWFkNi00MzhlLWFkN2MtZTNlMGMyZGJmMDY3
LzEvQktyX2hfYmNEVGFadkNrM28wM0hGX2xQQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAl1gWAwQB
l1goAwQAl1htAwQAl1iwAwQAl1wCAwQAl1wMAwQAl1xTAwQBl1yaAwQAl1yeAwQA
l1ymAwQAl1zGMA0GCSqGSIb3DQEBCwUAA4IBAQAnuBJ3Ukmlzugh0dwBEigKGzko
iVGU+wmoAAgENU8WD1VT0VkSPfnYgQLQtbM+U3lNFpgQVN03+H0/YvBYn7w7Nzmn
X8cMAdCKTGXrQP18MfIXRr4m1HvnbWeyFXa4jnZRaMOwjmtaBZOXG4Fc0/co7pYU
gR3xEtKCeFSc2ik47h3eZqb/tHkU1hKncPxbTR288c5dz8GfrrnTH8yq4pPZlgVD
X3LN1O2+NizEJInDbEXBWMbNmJyDruc+ZQSjRyWv/e+4uTn29zMPQ0/lQTDekOdu
NPt7dek9WVcVwOGWde+5Z8X5xxN6Iq6+KoE8lCEKs1FmrH8AThcO14OiuaZE
-----END CERTIFICATE-----
Generated at Sat Apr 12 08:10:09 2025 by rpki-client