Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/17P2tK1D9_UooSpawIPEv3i6LV4.roa
File: 17P2tK1D9_UooSpawIPEv3i6LV4.roa (raw, json)
Hash identifier: thb2idJErKA6FMl72KY49b+nJz+i4245kTlHDUXdzVE=
Subject key identifier: D7:B3:F6:B4:AD:43:F7:F5:28:A1:2A:5A:C0:83:C4:BF:78:BA:2D:5E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196708732D7B720672BC6A7FCDEBF8104E1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/17P2tK1D9_UooSpawIPEv3i6LV4.roa
Signing time: Sat 26 Apr 2025 05:17:10 +0000
ROA not before: Sat 26 Apr 2025 05:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
37.202.220.0/24 maxlen: 24
151.242.190.0/24 maxlen: 24
151.242.194.0/24 maxlen: 24
151.242.254.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:70:87:32:d7:b7:20:67:2b:c6:a7:fc:de:bf:81:04:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 26 05:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7b3f6b4ad43f7f528a12a5ac083c4bf78ba2d5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:58:0d:c9:cd:db:63:24:34:16:17:7a:ea:60:
b2:50:92:06:67:5b:a1:1b:0c:40:67:24:f1:8f:f0:
31:a0:1d:7a:86:b5:32:dc:0e:51:26:0d:7a:66:36:
3c:59:dd:ce:6e:26:57:b5:67:fa:57:93:7e:f1:1c:
d9:1b:88:e5:8f:4d:ca:01:6a:85:39:9f:23:8d:9b:
c4:77:2f:8d:b8:7e:72:30:6f:94:13:96:77:a7:19:
6d:f4:2c:a5:7d:59:81:72:8e:4d:27:b6:52:f1:40:
09:e8:11:4e:a2:ae:f2:be:ca:93:3d:fe:b1:dc:02:
88:04:84:98:08:5c:10:62:0b:77:f1:ac:1a:ac:31:
9c:bd:18:37:ba:00:f6:2b:97:e9:21:7e:f8:9d:1b:
e8:3e:17:a8:2a:b4:52:3b:4b:65:6f:4e:41:d9:98:
6c:94:27:24:38:46:53:c3:f3:ff:0f:88:a7:0f:8a:
8e:7c:d5:7e:a5:28:43:89:14:43:a5:68:41:57:20:
6f:22:1d:ea:22:ab:40:a5:f9:6b:79:f1:a5:97:00:
1c:2f:b6:8e:fe:84:49:82:f7:6e:66:81:ff:ad:f9:
d2:b9:6e:e5:3a:fc:da:fe:0b:93:01:54:75:6c:e8:
e7:04:22:10:b9:8b:a1:1a:b1:cc:41:47:98:2b:79:
8b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:B3:F6:B4:AD:43:F7:F5:28:A1:2A:5A:C0:83:C4:BF:78:BA:2D:5E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/17P2tK1D9_UooSpawIPEv3i6LV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
37.202.220.0/24
151.242.190.0/24
151.242.194.0/24
151.242.254.0/24
151.243.228.0/24
151.243.243.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:0d:dd:f8:88:39:83:a7:e2:2d:d3:4e:e7:2d:de:0f:d8:00:
cd:58:6f:b2:0a:12:96:7d:1c:22:de:72:ab:20:d2:ed:11:27:
61:d0:0f:e4:92:92:c3:17:20:db:f7:62:71:76:32:80:9b:02:
cd:ad:a1:3b:ca:eb:da:fd:58:17:d7:f5:30:53:9d:9a:99:7b:
44:1a:5c:83:33:4e:c6:c0:89:04:e1:fd:52:95:75:22:f6:bc:
a0:b5:a6:ba:58:b8:dc:e2:60:06:05:6d:e8:9d:14:24:e4:8a:
e4:86:12:bd:99:43:4a:8c:92:b8:bb:f4:e3:6d:39:66:f9:39:
a0:dc:c1:73:56:ca:b5:99:0a:67:07:73:fb:d3:eb:b3:9b:87:
71:55:aa:c1:b4:46:3d:7f:3b:de:31:b0:4b:72:29:77:e5:77:
6e:1b:35:f6:93:5f:fa:27:b9:c6:ed:06:5d:80:bb:c8:d3:6e:
38:25:c3:08:1c:6b:26:c6:cc:ac:ac:dc:3f:0b:7f:33:7f:27:
2f:d2:f3:e7:86:ae:7d:4c:f9:b4:b5:de:5f:c6:f9:04:f8:d6:
78:2b:fc:50:bd:a8:cd:53:ca:4a:80:28:7e:9a:5f:20:0d:e4:
ee:d7:0f:d5:3c:20:f2:67:52:fc:be:34:d1:8d:82:b1:c9:5d:
69:87:b8:35
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZZwhzLXtyBnK8an/N6/gQThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDI2MDUxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2IzZjZiNGFkNDNmN2Y1MjhhMTJhNWFjMDgzYzRiZjc4YmEyZDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lgNyc3bYyQ0Fhd66mCyUJIGZ1uh
GwxAZyTxj/AxoB16hrUy3A5RJg16ZjY8Wd3ObiZXtWf6V5N+8RzZG4jlj03KAWqF
OZ8jjZvEdy+NuH5yMG+UE5Z3pxlt9CylfVmBco5NJ7ZS8UAJ6BFOoq7yvsqTPf6x
3AKIBISYCFwQYgt38awarDGcvRg3ugD2K5fpIX74nRvoPheoKrRSO0tlb05B2Zhs
lCckOEZTw/P/D4inD4qOfNV+pShDiRRDpWhBVyBvIh3qIqtApflrefGllwAcL7aO
/oRJgvduZoH/rfnSuW7lOvza/guTAVR1bOjnBCIQuYuhGrHMQUeYK3mLAwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNez9rStQ/f1KKEqWsCDxL94ui1eMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMTdQMnRLMUQ5X1Vvb1NwYXdJUEV2M2k2TFY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJcrCAwQA
JcrcAwQAl/K+AwQAl/LCAwQAl/L+AwQAl/PkAwQAl/PzMA0GCSqGSIb3DQEBCwUA
A4IBAQAMDd34iDmDp+It007nLd4P2ADNWG+yChKWfRwi3nKrINLtESdh0A/kkpLD
FyDb92JxdjKAmwLNraE7yuva/VgX1/UwU52amXtEGlyDM07GwIkE4f1SlXUi9ryg
taa6WLjc4mAGBW3onRQk5IrkhhK9mUNKjJK4u/TjbTlm+Tmg3MFzVsq1mQpnB3P7
0+uzm4dxVarBtEY9fzveMbBLcil35XduGzX2k1/6J7nG7QZdgLvI0244JcMIHGsm
xsysrNw/C38zfycv0vPnhq59TPm0td5fxvkE+NZ4K/xQvajNU8pKgCh+ml8gDeTu
1w/VPCDyZ1L8vjTRjYKxyV1ph7g1
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:54:32 2025 by rpki-client