Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/khjgEUv6Qc-9y1clcqxyZXeYtNY.roa
File: khjgEUv6Qc-9y1clcqxyZXeYtNY.roa (raw, json)
Hash identifier: 5nY7z0+OD2NwgQmaQMBQZSolKxQY3XshIxQwUrjp/Lw=
Subject key identifier: 92:18:E0:11:4B:FA:41:CF:BD:CB:57:25:72:AC:72:65:77:98:B4:D6
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019651943A8DC84FFE478A3130AB5A5F2584
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/khjgEUv6Qc-9y1clcqxyZXeYtNY.roa
Signing time: Sun 20 Apr 2025 05:03:10 +0000
ROA not before: Sun 20 Apr 2025 05:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 37.202.206.0/24 maxlen: 24
151.242.49.0/24 maxlen: 24
151.242.114.0/24 maxlen: 24
151.242.123.0/24 maxlen: 24
151.242.126.0/24 maxlen: 24
151.243.64.0/20 maxlen: 24
151.243.97.0/24 maxlen: 24
151.243.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:51:94:3a:8d:c8:4f:fe:47:8a:31:30:ab:5a:5f:25:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 20 05:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9218e0114bfa41cfbdcb572572ac72657798b4d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1d:55:a0:ae:d9:d3:5a:c2:48:cc:f4:51:0a:
fe:db:2a:9a:48:ab:22:d6:3e:59:8a:62:ac:bc:1b:
ee:b4:b4:2b:d7:73:8a:f6:0c:9c:81:dd:a5:d1:4d:
01:42:4b:77:4e:dc:e6:3e:07:34:35:93:8d:8a:d9:
a2:6f:fe:1a:50:eb:35:6a:65:59:f7:c4:c8:9c:00:
59:83:d9:98:b1:ce:ba:ba:77:dd:bb:45:91:d8:27:
6e:2d:a5:db:f1:04:57:74:80:f2:31:2d:b3:0d:81:
4b:5c:9b:f6:e6:2b:d8:a4:27:f6:45:4d:51:1c:b3:
e5:c9:f8:d5:15:0e:40:b6:82:0a:e8:6e:3d:67:a2:
81:12:e9:45:5b:13:b8:6d:bf:e5:67:b1:6d:b2:7c:
b1:07:c4:a6:dc:e5:15:15:f2:c3:4f:31:07:ad:47:
27:7e:f5:43:19:ac:be:d8:51:77:c8:62:3b:66:79:
a3:02:96:e4:9b:75:e4:6e:2b:d1:e9:50:62:8e:55:
d3:10:5f:e0:57:9c:7b:04:53:d6:22:03:97:e3:94:
4b:e0:50:c2:b3:bf:ee:34:de:e5:3d:e5:eb:7e:a5:
9b:da:45:e9:94:df:d1:57:f6:32:de:81:26:f5:65:
d7:5e:07:c3:51:a5:74:d8:bc:1d:ee:54:dc:c5:8c:
8e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:18:E0:11:4B:FA:41:CF:BD:CB:57:25:72:AC:72:65:77:98:B4:D6
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/khjgEUv6Qc-9y1clcqxyZXeYtNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.206.0/24
151.242.49.0/24
151.242.114.0/24
151.242.123.0/24
151.242.126.0/24
151.243.64.0/20
151.243.97.0/24
151.243.106.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:50:c5:cd:cb:c4:99:b0:53:fa:26:6d:92:ff:32:d8:dc:9a:
da:e6:62:83:22:e6:3b:3c:aa:ee:21:ad:0b:53:2f:70:5c:e2:
de:bd:30:ba:4a:87:0b:35:89:93:43:61:e3:70:9e:c9:54:68:
7f:3e:fe:ba:d6:56:7a:17:48:08:82:ab:e9:50:3b:69:58:68:
15:56:8a:b5:cd:52:d7:62:14:ac:0b:1f:30:14:1d:87:c9:72:
34:e3:02:4a:6c:06:b1:c9:80:39:6f:b7:c2:1e:ae:08:45:e4:
b8:42:e7:72:d6:c4:5e:2a:66:e1:ef:a5:29:fb:ce:2e:de:13:
19:d3:40:45:b7:3a:11:7b:a7:2d:20:1b:0c:8a:49:97:d7:ed:
e2:76:56:75:01:e1:ee:57:72:1e:36:35:e4:50:01:cc:fb:eb:
b5:04:5a:17:f7:a5:5c:6e:39:7b:b2:10:21:9f:ce:23:1f:65:
e9:0f:8b:dd:e4:c2:b7:89:b7:f8:b5:74:b5:bd:e1:dd:2f:b9:
b4:61:7c:c8:ba:71:b7:d6:cc:a5:10:8b:36:7e:c5:70:a3:21:
ca:13:27:65:c4:f0:b8:e0:73:12:f0:a2:ba:bf:04:1b:33:d3:
3f:96:d8:30:2f:ba:69:db:4d:e0:d4:41:e5:8c:95:f0:d7:7a:
34:27:44:bd
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZZRlDqNyE/+R4oxMKtaXyWEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDIwMDUwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjE4ZTAxMTRiZmE0MWNmYmRjYjU3MjU3MmFjNzI2NTc3OThiNGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqx1VoK7Z01rCSMz0UQr+2yqaSKsi
1j5ZimKsvBvutLQr13OK9gycgd2l0U0BQkt3TtzmPgc0NZONitmib/4aUOs1amVZ
98TInABZg9mYsc66unfdu0WR2CduLaXb8QRXdIDyMS2zDYFLXJv25ivYpCf2RU1R
HLPlyfjVFQ5AtoIK6G49Z6KBEulFWxO4bb/lZ7FtsnyxB8Sm3OUVFfLDTzEHrUcn
fvVDGay+2FF3yGI7ZnmjApbkm3XkbivR6VBijlXTEF/gV5x7BFPWIgOX45RL4FDC
s7/uNN7lPeXrfqWb2kXplN/RV/Yy3oEm9WXXXgfDUaV02Lwd7lTcxYyOSwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFJIY4BFL+kHPvctXJXKscmV3mLTWMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEva2hqZ0VVdjZRYy05eTFjbGNxeHlaWGVZdE5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAJcrOAwQA
l/IxAwQAl/JyAwQAl/J7AwQAl/J+AwQEl/NAAwQAl/NhAwQAl/NqMA0GCSqGSIb3
DQEBCwUAA4IBAQCsUMXNy8SZsFP6Jm2S/zLY3Jra5mKDIuY7PKruIa0LUy9wXOLe
vTC6SocLNYmTQ2HjcJ7JVGh/Pv661lZ6F0gIgqvpUDtpWGgVVoq1zVLXYhSsCx8w
FB2HyXI04wJKbAaxyYA5b7fCHq4IReS4Qudy1sReKmbh76Up+84u3hMZ00BFtzoR
e6ctIBsMikmX1+3idlZ1AeHuV3IeNjXkUAHM++u1BFoX96Vcbjl7shAhn84jH2Xp
D4vd5MK3ibf4tXS1veHdL7m0YXzIunG31sylEIs2fsVwoyHKEydlxPC44HMS8KK6
vwQbM9M/ltgwL7pp203g1EHljJXw13o0J0S9
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:01:50 2025 by rpki-client