Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FFuYY5DTr2lPI18WBUR2d8mcbxY.roa
File: FFuYY5DTr2lPI18WBUR2d8mcbxY.roa (raw, json)
Hash identifier: AG6cnl3jZWhPof8OEdm7ACpd8/Sj0/LWAClYVYPZhL8=
Subject key identifier: 14:5B:98:63:90:D3:AF:69:4F:23:5F:16:05:44:76:77:C9:9C:6F:16
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01963D0307984100C3E560191145B87643B6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FFuYY5DTr2lPI18WBUR2d8mcbxY.roa
Signing time: Wed 16 Apr 2025 05:12:10 +0000
ROA not before: Wed 16 Apr 2025 05:12:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 151.240.60.0/23 maxlen: 24
151.242.65.0/24 maxlen: 24
151.242.224.0/22 maxlen: 24
151.242.236.0/22 maxlen: 24
151.243.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:03:07:98:41:00:c3:e5:60:19:11:45:b8:76:43:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 16 05:12:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=145b986390d3af694f235f1605447677c99c6f16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:08:80:aa:6d:bd:d7:21:36:10:c1:df:a3:2d:
91:81:29:f7:40:5b:9a:8d:8a:78:a0:e7:87:d3:24:
06:45:8f:e0:c1:e4:d7:a1:dd:8a:4a:2f:be:43:35:
c2:67:a4:e5:2d:42:84:c8:d6:d9:23:f8:7a:2a:66:
97:be:d6:ab:a3:93:58:40:20:da:d8:15:71:1b:fb:
7a:38:2f:13:4a:f6:fd:27:8a:c4:f4:76:95:ba:a0:
1e:e0:4d:21:27:03:88:22:8c:5c:64:58:2b:04:3a:
9f:ce:9e:aa:fa:0e:38:b5:c2:81:49:40:4a:73:39:
3e:04:32:94:a7:d2:0c:a8:09:3e:3d:8e:7b:f3:47:
c7:52:c2:ce:2c:9a:ad:b6:36:9f:39:07:04:59:ba:
e6:93:0a:b9:49:73:98:d8:ba:7f:b5:7d:b4:84:b1:
38:0b:7e:b7:1b:bc:ff:1e:b1:49:03:62:e3:7d:ea:
a1:db:6e:ee:8c:22:d2:b8:04:63:87:72:f5:c0:48:
56:4c:ec:70:7a:09:f6:2f:11:4b:93:3a:b6:77:8b:
07:30:7f:9f:83:8c:a3:78:c9:e1:a7:91:5a:4b:f5:
38:5c:ee:ed:ab:b4:f1:60:15:12:2f:81:08:40:2b:
ce:0d:07:0c:27:fa:63:e9:04:7e:8d:55:cd:93:fb:
8b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:5B:98:63:90:D3:AF:69:4F:23:5F:16:05:44:76:77:C9:9C:6F:16
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FFuYY5DTr2lPI18WBUR2d8mcbxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.60.0/23
151.242.65.0/24
151.242.224.0/22
151.242.236.0/22
151.243.214.0/24
Signature Algorithm: sha256WithRSAEncryption
45:88:a1:01:bf:5e:ed:57:bb:be:44:0c:a5:01:aa:38:bc:12:
10:84:3a:63:78:93:52:5c:44:f4:03:da:dd:0c:b8:94:12:7b:
bf:89:f9:a9:d2:f6:4f:99:0a:23:20:9e:25:96:dd:ad:cb:f7:
fd:d8:a3:88:f8:0f:6a:e5:56:f4:2d:30:ab:1b:a9:88:87:69:
ed:19:0c:51:2c:b4:c4:23:37:56:e5:8f:17:bc:b7:92:5b:0d:
40:d4:b3:c7:e7:47:34:df:04:c3:de:ce:61:4c:1b:d8:4f:75:
55:12:e5:46:d7:af:13:94:72:01:10:c2:3d:0f:83:0f:3d:e5:
05:f3:fb:2f:4f:25:08:14:a2:63:f0:28:10:00:55:94:7a:4c:
7d:9d:81:54:34:20:f3:2e:c7:28:b5:1c:fa:98:a1:6e:1b:d5:
54:18:f8:70:ea:a9:7c:d0:4c:10:ef:6a:a5:0e:51:32:a5:88:
61:7f:1c:77:50:b6:d7:08:b9:13:15:eb:f0:b3:f2:58:80:83:
d6:cc:ed:16:e8:44:84:c0:18:9b:a1:3a:bc:a0:9b:60:9f:a9:
b5:a3:de:67:c7:fe:44:91:d6:6d:40:1b:a8:45:4a:cd:29:8f:
6d:89:d1:6b:8f:91:8e:1a:3b:2b:2e:99:ed:9a:ad:ed:89:6e:
49:04:57:6d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZY9AweYQQDD5WAZEUW4dkO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDE2MDUxMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDViOTg2MzkwZDNhZjY5NGYyMzVmMTYwNTQ0NzY3N2M5OWM2ZjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwiAqm291yE2EMHfoy2RgSn3QFua
jYp4oOeH0yQGRY/gweTXod2KSi++QzXCZ6TlLUKEyNbZI/h6KmaXvtaro5NYQCDa
2BVxG/t6OC8TSvb9J4rE9HaVuqAe4E0hJwOIIoxcZFgrBDqfzp6q+g44tcKBSUBK
czk+BDKUp9IMqAk+PY5780fHUsLOLJqttjafOQcEWbrmkwq5SXOY2Lp/tX20hLE4
C363G7z/HrFJA2Ljfeqh227ujCLSuARjh3L1wEhWTOxwegn2LxFLkzq2d4sHMH+f
g4yjeMnhp5FaS/U4XO7tq7TxYBUSL4EIQCvODQcMJ/pj6QR+jVXNk/uLBwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBRbmGOQ069pTyNfFgVEdnfJnG8WMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvRkZ1WVk1RFRyMmxQSTE4V0JVUjJkOG1jYnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBl/A8AwQA
l/JBAwQCl/LgAwQCl/LsAwQAl/PWMA0GCSqGSIb3DQEBCwUAA4IBAQBFiKEBv17t
V7u+RAylAao4vBIQhDpjeJNSXET0A9rdDLiUEnu/ifmp0vZPmQojIJ4llt2ty/f9
2KOI+A9q5Vb0LTCrG6mIh2ntGQxRLLTEIzdW5Y8XvLeSWw1A1LPH50c03wTD3s5h
TBvYT3VVEuVG168TlHIBEMI9D4MPPeUF8/svTyUIFKJj8CgQAFWUekx9nYFUNCDz
LscotRz6mKFuG9VUGPhw6ql80EwQ72qlDlEypYhhfxx3ULbXCLkTFevws/JYgIPW
zO0W6ESEwBiboTq8oJtgn6m1o95nx/5EkdZtQBuoRUrNKY9tidFrj5GOGjsrLpnt
mq3tiW5JBFdt
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:40:37 2025 by rpki-client