Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/golYutSZvAi5Lyz_AJST_v0MsZ8.roa
File: golYutSZvAi5Lyz_AJST_v0MsZ8.roa (raw, json)
Hash identifier: X+JADyW9u4L8bKEMHWMONxcxokOtjxzsyhofYyW3ZL4=
Subject key identifier: 82:89:58:BA:D4:99:BC:08:B9:2F:2C:FF:00:94:93:FE:FD:0C:B1:9F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01963D0308D7E878636DC149D32A0BBDE438
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/golYutSZvAi5Lyz_AJST_v0MsZ8.roa
Signing time: Wed 16 Apr 2025 05:12:11 +0000
ROA not before: Wed 16 Apr 2025 05:12:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56683
IP address blocks: 151.243.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:03:08:d7:e8:78:63:6d:c1:49:d3:2a:0b:bd:e4:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 16 05:12:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=828958bad499bc08b92f2cff009493fefd0cb19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:e8:94:48:b6:c6:91:2e:0a:71:66:71:39:b0:
4f:05:02:3a:8d:0d:ea:84:8d:fd:a2:bb:2e:47:51:
75:e1:e7:a8:0f:56:00:07:e7:20:d4:cc:1a:42:36:
c5:fa:8d:25:ba:5f:74:1d:f3:8d:a3:60:c6:52:b9:
a9:d8:6b:1d:0f:37:d9:e9:db:62:32:6a:e6:d0:f9:
3c:7e:0d:ee:1d:3d:94:b2:ba:82:ce:93:ee:96:18:
c6:6e:1a:11:65:10:f6:3e:65:a6:e2:8d:69:dd:73:
f8:d6:51:ce:b1:7b:db:9d:44:d5:a1:d0:2b:2d:c5:
e2:d1:4d:b8:5b:b5:6e:64:c6:a6:3e:22:ca:2b:fa:
a9:27:57:7e:ee:3b:78:92:f6:b5:44:1f:9d:96:45:
1f:eb:bb:90:3f:0d:16:b6:80:22:d5:9b:b0:2d:d7:
d4:43:db:6d:15:fe:78:54:80:7f:1e:03:a4:69:7d:
c3:6c:cf:68:0d:0d:fd:2c:d9:1f:6b:e7:1f:fe:78:
3e:a1:5b:68:4e:7b:dc:c9:1e:23:c5:a8:b0:75:9a:
6b:8a:96:ef:7d:aa:0d:6c:aa:24:a5:48:97:e4:c9:
fe:cb:75:54:9c:5f:4c:5e:56:aa:36:3b:3b:4b:d1:
9b:6b:07:c7:5d:7f:7a:fd:3d:74:1c:3b:40:45:9a:
42:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:89:58:BA:D4:99:BC:08:B9:2F:2C:FF:00:94:93:FE:FD:0C:B1:9F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/golYutSZvAi5Lyz_AJST_v0MsZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.233.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:dc:17:ff:07:24:02:ae:0c:d0:c0:a2:b5:25:e0:8f:9b:ee:
92:59:83:34:e6:cd:5d:cf:e5:e2:48:0f:7a:ce:05:67:06:63:
bc:8f:d6:08:52:0d:46:8c:05:1d:42:14:85:4e:9e:c6:1a:83:
cf:41:c6:13:50:ad:88:0e:ca:db:97:7a:6d:3a:6b:4b:40:b2:
a7:83:6b:99:5c:2f:4c:fc:da:72:dc:a1:f0:ec:e7:28:12:7f:
2c:7d:41:44:43:fb:85:97:d2:66:f2:b7:34:ac:a4:77:c8:52:
b5:bb:4e:76:d1:99:24:6c:70:f3:2e:b8:62:b8:9a:3d:e3:38:
29:30:f7:bd:08:1a:d6:0d:9b:6b:98:54:92:ac:74:fb:f6:e1:
dc:65:aa:a5:82:2f:6a:93:4a:e5:87:6b:53:2f:34:23:09:b1:
7c:32:24:23:9c:1c:f5:20:8e:4c:d9:38:9b:5c:de:85:8b:78:
c9:39:d7:bd:7d:6f:bd:68:58:a0:46:4f:b0:45:03:7c:5c:39:
73:22:76:d2:46:1e:52:0d:42:95:3c:3d:09:dd:da:f2:c2:b4:
2e:bc:74:26:ac:3c:7c:17:52:67:96:42:95:af:c3:0c:e0:51:
9e:e8:1b:b1:87:5c:57:0e:11:8a:51:58:01:03:20:b9:92:e2:
99:e7:ba:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZY9AwjX6HhjbcFJ0yoLveQ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDE2MDUxMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjg5NThiYWQ0OTliYzA4YjkyZjJjZmYwMDk0OTNmZWZkMGNiMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj+iUSLbGkS4KcWZxObBPBQI6jQ3q
hI39orsuR1F14eeoD1YAB+cg1MwaQjbF+o0lul90HfONo2DGUrmp2GsdDzfZ6dti
Mmrm0Pk8fg3uHT2UsrqCzpPulhjGbhoRZRD2PmWm4o1p3XP41lHOsXvbnUTVodAr
LcXi0U24W7VuZMamPiLKK/qpJ1d+7jt4kva1RB+dlkUf67uQPw0WtoAi1ZuwLdfU
Q9ttFf54VIB/HgOkaX3DbM9oDQ39LNkfa+cf/ng+oVtoTnvcyR4jxaiwdZpripbv
faoNbKokpUiX5Mn+y3VUnF9MXlaqNjs7S9GbawfHXX96/T10HDtARZpCjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIKJWLrUmbwIuS8s/wCUk/79DLGfMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZ29sWXV0U1p2QWk1THl6X0FKU1RfdjBNc1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/PpMA0G
CSqGSIb3DQEBCwUAA4IBAQCi3Bf/ByQCrgzQwKK1JeCPm+6SWYM05s1dz+XiSA96
zgVnBmO8j9YIUg1GjAUdQhSFTp7GGoPPQcYTUK2IDsrbl3ptOmtLQLKng2uZXC9M
/Npy3KHw7OcoEn8sfUFEQ/uFl9Jm8rc0rKR3yFK1u0520ZkkbHDzLrhiuJo94zgp
MPe9CBrWDZtrmFSSrHT79uHcZaqlgi9qk0rlh2tTLzQjCbF8MiQjnBz1II5M2Tib
XN6Fi3jJOde9fW+9aFigRk+wRQN8XDlzInbSRh5SDUKVPD0J3drywrQuvHQmrDx8
F1JnlkKVr8MM4FGe6Buxh1xXDhGKUVgBAyC5kuKZ57r9
-----END CERTIFICATE-----
Generated at Sat Apr 26 21:03:12 2025 by rpki-client