Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/BBvtlGDIbLc_kGrP2Nra5BLsVkM.roa
File: BBvtlGDIbLc_kGrP2Nra5BLsVkM.roa (raw, json)
Hash identifier: 1dtz3Ub3dirgNiWMvoq+KqI/FjNmEcvzDHBUTNCmue0=
Subject key identifier: 04:1B:ED:94:60:C8:6C:B7:3F:90:6A:CF:D8:DA:DA:E4:12:EC:56:43
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197115693AD08F438BC863A566F9AE8E12C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/BBvtlGDIbLc_kGrP2Nra5BLsVkM.roa
Signing time: Tue 27 May 2025 10:42:55 +0000
ROA not before: Tue 27 May 2025 10:42:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395839
IP address blocks: 151.242.120.0/24 maxlen: 24
151.242.200.0/24 maxlen: 24
151.242.201.0/24 maxlen: 24
151.243.26.0/24 maxlen: 24
151.243.52.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 20 Jun 2025 06:47:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:11:56:93:ad:08:f4:38:bc:86:3a:56:6f:9a:e8:e1:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 27 10:42:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=041bed9460c86cb73f906acfd8dadae412ec5643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:05:96:14:ca:de:de:17:09:1e:b4:bc:74:00:
ea:21:26:9a:1b:4f:5b:58:95:0c:db:52:5f:46:3c:
86:ad:ed:bb:ec:bb:a1:7f:d0:a9:2f:33:52:8e:dd:
0b:19:04:ff:c9:49:93:d4:f9:f8:22:e0:de:02:5d:
01:b5:eb:11:fc:b3:cc:60:8c:e3:b4:dd:84:61:12:
9f:7a:0a:82:2f:c9:84:db:b9:38:e8:65:80:14:df:
c1:85:4a:34:fc:71:95:6b:ad:a1:a3:f3:75:d9:d3:
14:e2:9d:ed:38:82:ae:9d:74:bd:17:87:79:31:a7:
07:ba:4b:41:cc:17:ba:f1:38:94:0a:f8:ac:ea:90:
c5:e6:48:da:87:42:70:03:75:d8:51:87:58:18:6e:
b0:52:1f:15:e7:a3:8c:44:de:7f:50:80:50:87:c1:
be:ad:29:02:35:5b:02:2a:10:4b:85:da:eb:d9:ee:
e2:8c:5e:1a:4a:64:83:c5:3b:f6:08:59:85:9e:be:
6b:a4:9a:f6:87:e4:01:9d:b4:20:18:85:de:b6:f9:
c7:25:af:f9:2f:cc:0a:ee:a6:98:68:36:b6:53:cf:
f6:cf:1d:28:4c:40:ad:eb:a9:bb:15:89:18:bd:56:
cb:3c:22:77:e6:f4:1e:e5:8a:5a:6d:6a:ad:30:97:
55:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:1B:ED:94:60:C8:6C:B7:3F:90:6A:CF:D8:DA:DA:E4:12:EC:56:43
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/BBvtlGDIbLc_kGrP2Nra5BLsVkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.120.0/24
151.242.200.0/23
151.243.26.0/24
151.243.52.0/23
Signature Algorithm: sha256WithRSAEncryption
05:24:b2:ce:c0:f8:b3:ab:ac:87:dc:d7:c5:1c:62:3d:93:ba:
db:a0:a3:8e:ee:df:dc:94:c5:b7:f0:64:12:77:40:d8:f9:7b:
06:ae:2d:ff:5c:49:4a:7d:e0:41:2f:e0:9c:26:6c:13:a7:df:
be:43:bb:31:b9:f5:6b:6c:96:34:31:87:7e:54:2d:c2:16:0c:
77:b0:97:bf:1d:13:fd:97:6d:41:04:e0:a3:96:df:0e:4a:5c:
3c:9d:46:49:4a:76:ba:ee:93:7c:83:b0:65:ab:06:29:f9:b0:
42:63:c4:36:de:c9:45:ab:3b:1f:a9:95:de:ff:12:ec:f2:80:
14:f0:25:48:4b:aa:35:c3:73:b7:3a:59:f8:cb:38:55:18:ad:
f7:61:4f:3a:d6:cc:10:f8:f3:96:5e:10:49:92:33:1c:48:ca:
48:a4:41:19:82:bf:00:e0:c5:3b:1d:5a:60:84:99:4d:76:7a:
e7:d4:87:f0:0a:11:6c:4d:e6:07:74:17:8f:e2:1a:06:ac:e4:
29:b8:04:85:1b:4c:9f:c9:01:8f:be:ad:32:06:4e:4e:ff:24:
fd:b4:a9:7e:23:99:24:86:08:90:17:8f:6a:95:d8:ee:cf:db:
b7:49:5d:0c:e3:8c:48:00:b6:16:c0:37:5a:46:b4:9a:f9:c9:
5d:71:97:bb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZcRVpOtCPQ4vIY6Vm+a6OEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTI3MTA0MjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDFiZWQ5NDYwYzg2Y2I3M2Y5MDZhY2ZkOGRhZGFlNDEyZWM1NjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywWWFMre3hcJHrS8dADqISaaG09b
WJUM21JfRjyGre277Luhf9CpLzNSjt0LGQT/yUmT1Pn4IuDeAl0BtesR/LPMYIzj
tN2EYRKfegqCL8mE27k46GWAFN/BhUo0/HGVa62ho/N12dMU4p3tOIKunXS9F4d5
MacHuktBzBe68TiUCvis6pDF5kjah0JwA3XYUYdYGG6wUh8V56OMRN5/UIBQh8G+
rSkCNVsCKhBLhdrr2e7ijF4aSmSDxTv2CFmFnr5rpJr2h+QBnbQgGIXetvnHJa/5
L8wK7qaYaDa2U8/2zx0oTECt66m7FYkYvVbLPCJ35vQe5YpabWqtMJdVUwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAQb7ZRgyGy3P5Bqz9ja2uQS7FZDMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQkJ2dGxHREliTGNfa0dyUDJOcmE1QkxzVmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/J4AwQB
l/LIAwQAl/MaAwQBl/M0MA0GCSqGSIb3DQEBCwUAA4IBAQAFJLLOwPizq6yH3NfF
HGI9k7rboKOO7t/clMW38GQSd0DY+XsGri3/XElKfeBBL+CcJmwTp9++Q7sxufVr
bJY0MYd+VC3CFgx3sJe/HRP9l21BBOCjlt8OSlw8nUZJSna67pN8g7BlqwYp+bBC
Y8Q23slFqzsfqZXe/xLs8oAU8CVIS6o1w3O3Oln4yzhVGK33YU861swQ+POWXhBJ
kjMcSMpIpEEZgr8A4MU7HVpghJlNdnrn1IfwChFsTeYHdBeP4hoGrOQpuASFG0yf
yQGPvq0yBk5O/yT9tKl+I5kkhgiQF49qldjuz9u3SV0M44xIALYWwDdaRrSa+cld
cZe7
-----END CERTIFICATE-----
Generated at Thu Jun 19 14:26:12 2025 by rpki-client