Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gRsntt5PtDCR7gF05bHPs7b_84M.roa
File: gRsntt5PtDCR7gF05bHPs7b_84M.roa (raw, json)
Hash identifier: LIMM/PGwQVbU7T8UipV40FVgjzEKI8IB8ZnL8RWDkc0=
Subject key identifier: 81:1B:27:B6:DE:4F:B4:30:91:EE:01:74:E5:B1:CF:B3:B6:FF:F3:83
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019657C4191A77111598A82F531449F5ACDA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gRsntt5PtDCR7gF05bHPs7b_84M.roa
Signing time: Mon 21 Apr 2025 09:53:11 +0000
ROA not before: Mon 21 Apr 2025 09:53:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213736
IP address blocks: 151.242.248.0/24 maxlen: 24
151.242.249.0/24 maxlen: 24
151.242.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:57:c4:19:1a:77:11:15:98:a8:2f:53:14:49:f5:ac:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 21 09:53:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=811b27b6de4fb43091ee0174e5b1cfb3b6fff383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d4:41:be:3c:92:e5:b8:b8:a2:59:68:04:8d:
e2:fa:85:ac:1c:39:e4:0e:83:95:b9:0c:95:fe:04:
15:52:89:4d:22:41:32:26:b3:7e:5e:06:9a:3d:2e:
c0:e0:13:21:f6:d5:1f:be:6d:e5:c2:31:45:2e:cd:
7b:1e:e4:92:f5:3d:6d:8c:a7:94:61:08:23:ac:73:
55:30:bc:52:d7:45:eb:67:10:55:36:72:b9:4d:86:
e2:2a:78:c5:21:9f:3d:7d:a1:8a:16:40:7c:59:56:
bc:7a:30:9d:08:d9:01:f4:88:88:39:31:13:30:1b:
f9:91:1f:3e:f7:4f:e1:54:9a:ba:25:62:e1:59:df:
c6:23:7a:44:05:9f:8e:70:eb:92:88:3f:30:ad:cf:
68:d4:3d:95:71:25:b3:fb:12:c7:6f:eb:53:9b:48:
07:8a:9e:05:bb:c6:75:96:34:55:da:48:a1:71:b1:
21:e9:ca:6e:d6:69:5e:a3:ca:f3:cb:36:ac:1b:b8:
39:dd:e5:69:96:be:61:fc:08:67:29:39:10:04:9a:
2e:db:63:5b:60:4d:cd:51:4b:2d:59:29:61:3c:7a:
05:e0:31:67:37:d3:43:9c:d2:50:7e:de:4a:25:11:
a9:78:fb:70:c5:78:67:96:91:9c:34:7c:3c:15:95:
df:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:1B:27:B6:DE:4F:B4:30:91:EE:01:74:E5:B1:CF:B3:B6:FF:F3:83
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gRsntt5PtDCR7gF05bHPs7b_84M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.248.0-151.242.250.255
Signature Algorithm: sha256WithRSAEncryption
6e:b3:66:77:02:fc:3f:7a:3d:e7:44:75:07:1f:a2:5c:f1:23:
53:0b:f4:c9:aa:02:60:a3:c0:3a:ce:36:d7:bf:69:a5:5c:c8:
c2:55:d9:e0:66:4d:c5:5f:6c:b2:6e:ed:d6:6d:07:1e:28:ec:
60:6c:97:db:97:05:59:21:f9:ff:f6:cb:43:89:c2:ac:84:0b:
5e:83:e6:ff:cc:7c:e4:49:c5:6f:7c:a9:88:43:fc:80:67:73:
3d:8d:d0:e5:0c:96:ee:54:f6:db:02:85:fb:3a:18:1c:5b:3f:
38:2d:5d:6e:cc:2f:12:29:e5:12:d4:d7:71:0d:be:c6:ac:dc:
f2:97:cf:0b:19:b6:2a:13:4c:4d:8f:cd:f7:1d:11:1e:51:ed:
8e:71:ae:99:5b:d7:39:c9:2b:0e:29:6d:b1:c5:c0:62:57:8f:
c8:9b:bf:a5:dd:44:5f:75:de:b9:2c:f5:87:c0:2b:cf:ab:47:
cd:d2:68:58:bc:b3:8c:65:39:35:e6:37:e4:85:9c:8c:0f:3d:
cb:ad:a7:06:2d:31:11:56:cc:56:15:1f:9c:ba:1a:8e:9a:90:
ea:76:45:78:10:c6:ea:81:42:ba:4e:d3:21:76:97:e7:d0:6d:
83:bc:71:3d:c9:9c:75:0e:34:1a:a8:8d:fa:f9:37:5a:14:de:
4b:61:7b:a3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZZXxBkadxEVmKgvUxRJ9azaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDIxMDk1MzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTFiMjdiNmRlNGZiNDMwOTFlZTAxNzRlNWIxY2ZiM2I2ZmZmMzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutRBvjyS5bi4olloBI3i+oWsHDnk
DoOVuQyV/gQVUolNIkEyJrN+XgaaPS7A4BMh9tUfvm3lwjFFLs17HuSS9T1tjKeU
YQgjrHNVMLxS10XrZxBVNnK5TYbiKnjFIZ89faGKFkB8WVa8ejCdCNkB9IiIOTET
MBv5kR8+90/hVJq6JWLhWd/GI3pEBZ+OcOuSiD8wrc9o1D2VcSWz+xLHb+tTm0gH
ip4Fu8Z1ljRV2kihcbEh6cpu1mleo8rzyzasG7g53eVplr5h/AhnKTkQBJou22Nb
YE3NUUstWSlhPHoF4DFnN9NDnNJQft5KJRGpePtwxXhnlpGcNHw8FZXf4QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIEbJ7beT7Qwke4BdOWxz7O2//ODMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZ1JzbnR0NVB0RENSN2dGMDViSFBzN2JfODRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAOX8vgD
BACX8vowDQYJKoZIhvcNAQELBQADggEBAG6zZncC/D96PedEdQcfolzxI1ML9Mmq
AmCjwDrONte/aaVcyMJV2eBmTcVfbLJu7dZtBx4o7GBsl9uXBVkh+f/2y0OJwqyE
C16D5v/MfORJxW98qYhD/IBncz2N0OUMlu5U9tsChfs6GBxbPzgtXW7MLxIp5RLU
13ENvsas3PKXzwsZtioTTE2PzfcdER5R7Y5xrplb1znJKw4pbbHFwGJXj8ibv6Xd
RF913rks9YfAK8+rR83SaFi8s4xlOTXmN+SFnIwPPcutpwYtMRFWzFYVH5y6Go6a
kOp2RXgQxuqBQrpO0yF2l+fQbYO8cT3JnHUONBqojfr5N1oU3kthe6M=
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:15:21 2025 by rpki-client