Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JdY-iatUaK2-sZ_wiHNFaruPCNE.roa
File: JdY-iatUaK2-sZ_wiHNFaruPCNE.roa (raw, json)
Hash identifier: 0f4em0N2XjF5NUMiZZ5LzSEGee4708P/QBpATh3kq6U=
Subject key identifier: 25:D6:3E:89:AB:54:68:AD:BE:B1:9F:F0:88:73:45:6A:BB:8F:08:D1
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01965D8B941A2655A561AF544774F98FE71A
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JdY-iatUaK2-sZ_wiHNFaruPCNE.roa
Signing time: Tue 22 Apr 2025 12:49:10 +0000
ROA not before: Tue 22 Apr 2025 12:49:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397630
IP address blocks: 151.240.25.0/24 maxlen: 24
151.240.169.0/24 maxlen: 24
151.240.179.0/24 maxlen: 24
151.241.32.0/24 maxlen: 24
151.241.36.0/24 maxlen: 24
151.241.40.0/24 maxlen: 24
151.241.43.0/24 maxlen: 24
151.241.48.0/24 maxlen: 24
151.245.199.0/24 maxlen: 24
151.245.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:8b:94:1a:26:55:a5:61:af:54:47:74:f9:8f:e7:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 22 12:49:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=25d63e89ab5468adbeb19ff08873456abb8f08d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3c:e2:6c:5c:e9:11:86:17:b0:69:be:97:d8:
fc:ff:04:56:a7:ca:08:46:dc:23:5d:6b:f5:90:3b:
3e:99:17:34:02:a4:be:c7:35:3d:44:96:d7:eb:9d:
4c:15:18:de:39:c0:a9:1b:78:dd:99:0c:31:9d:76:
39:df:ab:37:a0:6b:26:7c:f5:51:e4:fd:2b:55:75:
42:28:ea:ce:db:cf:db:66:a5:c7:0a:9c:45:05:00:
79:1a:7c:4c:c0:39:9a:33:c2:12:bf:13:7f:c0:d7:
6a:99:b5:9b:94:e9:22:3d:b3:bf:e8:13:9c:35:7e:
6a:96:34:6d:3e:2a:3b:63:9a:5e:6c:75:e3:dd:48:
66:18:1f:54:b5:dc:c3:ac:d7:c8:25:10:41:20:c3:
3d:74:a1:9e:de:17:13:b5:5c:9d:0b:1b:a2:fb:24:
70:4c:96:3d:88:e1:7e:83:d1:fa:e5:4b:53:0b:a9:
55:f6:3e:33:8d:e3:d0:4d:90:ca:24:ac:35:71:97:
fd:58:67:5b:38:f0:a4:45:c5:93:90:a2:ca:ee:62:
8e:6b:36:6f:dd:18:95:f9:e7:b8:6c:56:aa:44:90:
35:6f:d3:f8:7a:08:4a:2e:8e:4e:4d:d2:37:58:3a:
41:d0:a3:80:04:05:16:a2:e4:05:76:23:00:7b:9a:
bf:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:D6:3E:89:AB:54:68:AD:BE:B1:9F:F0:88:73:45:6A:BB:8F:08:D1
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JdY-iatUaK2-sZ_wiHNFaruPCNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.25.0/24
151.240.169.0/24
151.240.179.0/24
151.241.32.0/24
151.241.36.0/24
151.241.40.0/24
151.241.43.0/24
151.241.48.0/24
151.245.199.0/24
151.245.203.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:cf:94:59:f2:a7:b4:6f:11:76:a3:af:c5:39:f9:8d:98:71:
4b:0d:1d:77:22:81:04:8f:74:32:fe:e5:4b:74:d6:92:6f:15:
ae:0c:90:1c:60:18:64:6b:87:9b:d3:38:04:80:fc:d5:ce:b5:
6f:ea:b8:cf:ad:a6:4f:3f:a9:1a:da:90:e5:6e:b7:08:18:b9:
07:02:c0:02:44:8e:80:31:bf:94:ac:a2:f6:77:f8:fa:92:87:
94:63:87:d5:3c:12:d5:05:1d:76:f6:26:c7:37:e8:fd:d7:c7:
64:3c:d7:d4:b2:3a:12:7c:68:e1:b1:6e:68:ac:ea:c2:7d:8c:
b1:67:fe:ef:7b:7a:f0:8e:7d:21:a9:35:f3:b8:11:7a:a0:21:
60:06:12:1d:aa:05:3d:af:87:17:fb:db:bb:c0:3f:02:3b:f4:
c3:a1:de:06:39:28:3a:20:a8:bf:8d:21:67:fe:08:a2:48:20:
70:08:5d:1b:8d:51:96:e8:eb:ec:3b:49:28:58:14:e7:e1:ff:
bb:cb:7a:7e:ca:6a:ae:ad:55:70:8e:98:04:51:dd:25:2f:7e:
d5:cb:ab:55:b2:2a:5a:a7:ed:d1:0a:e1:c3:89:28:f4:fe:1d:
58:09:a8:e4:4c:42:4c:e5:9f:40:47:8d:d0:01:ab:6e:a1:d6:
e7:25:57:95
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZZdi5QaJlWlYa9UR3T5j+caMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDIyMTI0OTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNWQ2M2U4OWFiNTQ2OGFkYmViMTlmZjA4ODczNDU2YWJiOGYwOGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TzibFzpEYYXsGm+l9j8/wRWp8oI
RtwjXWv1kDs+mRc0AqS+xzU9RJbX651MFRjeOcCpG3jdmQwxnXY536s3oGsmfPVR
5P0rVXVCKOrO28/bZqXHCpxFBQB5GnxMwDmaM8ISvxN/wNdqmbWblOkiPbO/6BOc
NX5qljRtPio7Y5pebHXj3UhmGB9UtdzDrNfIJRBBIMM9dKGe3hcTtVydCxui+yRw
TJY9iOF+g9H65UtTC6lV9j4zjePQTZDKJKw1cZf9WGdbOPCkRcWTkKLK7mKOazZv
3RiV+ee4bFaqRJA1b9P4eghKLo5OTdI3WDpB0KOABAUWouQFdiMAe5q/vwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCXWPomrVGitvrGf8IhzRWq7jwjRMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSmRZLWlhdFVhSzItc1pfd2lITkZhcnVQQ05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAl/AZAwQA
l/CpAwQAl/CzAwQAl/EgAwQAl/EkAwQAl/EoAwQAl/ErAwQAl/EwAwQAl/XHAwQA
l/XLMA0GCSqGSIb3DQEBCwUAA4IBAQCOz5RZ8qe0bxF2o6/FOfmNmHFLDR13IoEE
j3Qy/uVLdNaSbxWuDJAcYBhka4eb0zgEgPzVzrVv6rjPraZPP6ka2pDlbrcIGLkH
AsACRI6AMb+UrKL2d/j6koeUY4fVPBLVBR129ibHN+j918dkPNfUsjoSfGjhsW5o
rOrCfYyxZ/7ve3rwjn0hqTXzuBF6oCFgBhIdqgU9r4cX+9u7wD8CO/TDod4GOSg6
IKi/jSFn/giiSCBwCF0bjVGW6OvsO0koWBTn4f+7y3p+ymqurVVwjpgEUd0lL37V
y6tVsipap+3RCuHDiSj0/h1YCajkTEJM5Z9AR43QAatuodbnJVeV
-----END CERTIFICATE-----
Generated at Sun Apr 27 05:16:12 2025 by rpki-client