Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7Exr-xdWvHvCng7C-dXxlPmFtz8.roa
File: 7Exr-xdWvHvCng7C-dXxlPmFtz8.roa (raw, json)
Hash identifier: xa7fAXPq3/U4QJyMLZed0RUNibNsGrelkzSrpx5Wv7E=
Subject key identifier: EC:4C:6B:FB:17:56:BC:7B:C2:9E:0E:C2:F9:D5:F1:94:F9:85:B7:3F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019657C4185CEB6303B2016673724DF6AB3D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7Exr-xdWvHvCng7C-dXxlPmFtz8.roa
Signing time: Mon 21 Apr 2025 09:53:11 +0000
ROA not before: Mon 21 Apr 2025 09:53:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 139057
IP address blocks: 151.242.210.0/24 maxlen: 24
151.242.211.0/24 maxlen: 24
151.242.212.0/24 maxlen: 24
151.242.213.0/24 maxlen: 24
151.242.214.0/24 maxlen: 24
151.242.215.0/24 maxlen: 24
151.242.216.0/24 maxlen: 24
151.242.217.0/24 maxlen: 24
151.242.218.0/24 maxlen: 24
151.242.219.0/24 maxlen: 24
151.242.220.0/24 maxlen: 24
151.242.221.0/24 maxlen: 24
151.242.222.0/24 maxlen: 24
151.242.223.0/24 maxlen: 24
151.242.228.0/24 maxlen: 24
151.242.229.0/24 maxlen: 24
151.242.230.0/24 maxlen: 24
151.242.231.0/24 maxlen: 24
151.242.232.0/24 maxlen: 24
151.242.233.0/24 maxlen: 24
151.242.234.0/24 maxlen: 24
151.242.235.0/24 maxlen: 24
151.242.240.0/24 maxlen: 24
151.242.241.0/24 maxlen: 24
151.242.243.0/24 maxlen: 24
151.242.244.0/24 maxlen: 24
151.242.245.0/24 maxlen: 24
151.242.246.0/24 maxlen: 24
151.242.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:c4:18:5c:eb:63:03:b2:01:66:73:72:4d:f6:ab:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 21 09:53:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec4c6bfb1756bc7bc29e0ec2f9d5f194f985b73f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:dd:63:d5:c2:60:35:8d:7f:2a:87:da:5d:59:
5a:d4:5c:e4:c2:c4:72:84:f4:56:36:b6:6d:73:d7:
cf:22:23:f4:6e:c9:f0:98:d5:42:3c:fc:85:a2:2d:
6c:af:a1:d5:9b:d7:28:74:2c:bd:bd:4d:13:f4:c9:
10:19:d8:36:3d:f2:b2:2a:be:13:53:0f:dc:da:04:
50:59:53:ac:61:47:4d:ca:f3:66:95:27:60:5f:0d:
09:d4:57:5a:bd:d4:ea:39:cb:5b:30:a3:4b:96:d3:
30:da:10:bc:f7:6e:f7:7f:6c:d3:6f:a1:f4:cd:50:
08:4a:6a:94:61:55:0a:62:6b:68:67:f0:55:e6:39:
55:6f:0a:77:ee:94:61:9d:d9:e5:7b:d5:22:29:2e:
be:1b:06:0f:0e:ca:fc:6b:2f:bf:44:d6:aa:7a:52:
32:9e:e4:25:b8:24:af:ce:3b:73:90:64:b7:41:29:
f3:20:d8:57:cf:30:81:8d:1e:f1:7e:e7:97:0f:26:
1f:c8:e0:d3:a4:0c:d5:86:a0:bd:b7:c9:20:bb:2e:
c8:41:56:99:9c:9e:b4:de:fa:c7:cd:f4:95:0d:b9:
11:d3:ab:ca:f7:f6:a4:2a:40:d9:27:2f:0a:4e:ae:
e6:86:11:13:d4:52:c8:38:c2:59:71:a9:ff:03:c5:
ce:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:4C:6B:FB:17:56:BC:7B:C2:9E:0E:C2:F9:D5:F1:94:F9:85:B7:3F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7Exr-xdWvHvCng7C-dXxlPmFtz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.210.0-151.242.223.255
151.242.228.0-151.242.235.255
151.242.240.0/23
151.242.243.0-151.242.247.255
Signature Algorithm: sha256WithRSAEncryption
9d:2f:c6:5c:07:96:cb:14:bf:cb:d8:6e:85:a5:88:cf:5d:03:
d2:33:e9:3c:61:13:5c:c7:87:db:80:0d:cc:8a:0d:49:6e:5a:
bb:3a:56:ac:e7:0c:79:59:b1:ec:78:58:a4:98:67:6a:22:f1:
17:09:9f:21:a6:78:4d:5c:a8:bb:1a:e1:3b:b2:59:6d:65:89:
73:df:44:48:1c:e1:4f:df:f5:74:c4:b7:e3:12:43:a0:a9:e0:
cd:c3:e8:3f:d5:d2:40:47:65:13:74:bb:1a:0c:6c:d9:34:6a:
71:c4:d2:e8:7a:2c:52:24:93:cb:8f:c9:4a:81:36:35:70:69:
fc:d7:b5:04:54:fa:0f:7b:d2:1e:66:56:7e:b2:98:b6:1c:d0:
1f:82:73:75:8d:45:d0:d8:3f:a5:34:b8:64:62:56:0b:3d:37:
95:2c:f1:05:52:1d:0a:23:19:89:e2:e3:69:91:68:cf:18:2c:
a3:15:f0:49:1e:89:cc:a2:36:19:15:19:cd:f0:66:b1:5b:2e:
4e:a0:ae:93:8d:37:b6:3f:41:a7:91:e6:ad:8c:1d:2d:ed:41:
03:24:88:10:2b:40:06:bb:97:4a:b7:be:d5:ac:82:98:75:3c:
1d:16:bf:77:26:8d:f8:b3:70:06:40:65:1c:7e:43:94:e7:59:
3f:57:8e:01
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZZXxBhc62MDsgFmc3JN9qs9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDIxMDk1MzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzRjNmJmYjE3NTZiYzdiYzI5ZTBlYzJmOWQ1ZjE5NGY5ODViNzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd1j1cJgNY1/KofaXVla1FzkwsRy
hPRWNrZtc9fPIiP0bsnwmNVCPPyFoi1sr6HVm9codCy9vU0T9MkQGdg2PfKyKr4T
Uw/c2gRQWVOsYUdNyvNmlSdgXw0J1FdavdTqOctbMKNLltMw2hC89273f2zTb6H0
zVAISmqUYVUKYmtoZ/BV5jlVbwp37pRhndnle9UiKS6+GwYPDsr8ay+/RNaqelIy
nuQluCSvzjtzkGS3QSnzINhXzzCBjR7xfueXDyYfyODTpAzVhqC9t8kguy7IQVaZ
nJ603vrHzfSVDbkR06vK9/akKkDZJy8KTq7mhhET1FLIOMJZcan/A8XOiwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOxMa/sXVrx7wp4OwvnV8ZT5hbc/MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvN0V4ci14ZFd2SHZDbmc3Qy1kWHhsUG1GdHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBAGX8tID
BAWX8sAwDAMEApfy5AMEApfy6AMEAZfy8DAMAwQAl/LzAwQDl/LwMA0GCSqGSIb3
DQEBCwUAA4IBAQCdL8ZcB5bLFL/L2G6FpYjPXQPSM+k8YRNcx4fbgA3Mig1Jblq7
Olas5wx5WbHseFikmGdqIvEXCZ8hpnhNXKi7GuE7slltZYlz30RIHOFP3/V0xLfj
EkOgqeDNw+g/1dJAR2UTdLsaDGzZNGpxxNLoeixSJJPLj8lKgTY1cGn817UEVPoP
e9IeZlZ+spi2HNAfgnN1jUXQ2D+lNLhkYlYLPTeVLPEFUh0KIxmJ4uNpkWjPGCyj
FfBJHonMojYZFRnN8GaxWy5OoK6TjTe2P0GnkeatjB0t7UEDJIgQK0AGu5dKt77V
rIKYdTwdFr93Jo34s3AGQGUcfkOU51k/V44B
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:10:13 2025 by rpki-client