Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/svkVMz_x3dMpwPp85GL92QCwpAg.roa
File: svkVMz_x3dMpwPp85GL92QCwpAg.roa (raw, json)
Hash identifier: cvZNTlmeY8vnN1LjPvDwolv+Zu95gxgEbMTIBQQzvdA=
Subject key identifier: B2:F9:15:33:3F:F1:DD:D3:29:C0:FA:7C:E4:62:FD:D9:00:B0:A4:08
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196422127298311413323D2B3DE5396808C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/svkVMz_x3dMpwPp85GL92QCwpAg.roa
Signing time: Thu 17 Apr 2025 05:03:11 +0000
ROA not before: Thu 17 Apr 2025 05:03:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 151.240.11.0/24 maxlen: 24
151.240.32.0/24 maxlen: 24
151.240.33.0/24 maxlen: 24
151.240.34.0/24 maxlen: 24
151.240.35.0/24 maxlen: 24
151.240.36.0/24 maxlen: 24
151.240.37.0/24 maxlen: 24
151.240.38.0/24 maxlen: 24
151.240.39.0/24 maxlen: 24
151.240.40.0/24 maxlen: 24
151.240.41.0/24 maxlen: 24
151.240.42.0/24 maxlen: 24
151.240.88.0/24 maxlen: 24
151.240.89.0/24 maxlen: 24
151.240.90.0/24 maxlen: 24
151.240.204.0/24 maxlen: 24
151.240.254.0/24 maxlen: 24
151.241.6.0/24 maxlen: 24
151.244.36.0/24 maxlen: 24
151.244.55.0/24 maxlen: 24
151.244.60.0/24 maxlen: 24
151.244.107.0/24 maxlen: 24
151.244.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 17:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:42:21:27:29:83:11:41:33:23:d2:b3:de:53:96:80:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 17 05:03:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2f915333ff1ddd329c0fa7ce462fdd900b0a408
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:4d:3c:98:8c:93:3d:78:4c:84:28:e2:1a:3c:
7b:17:d8:2f:d7:56:b1:85:a0:71:5a:cc:9e:32:4e:
14:00:86:af:bc:f9:45:4c:4d:23:ee:c0:7a:de:e1:
3a:43:32:5a:f2:b6:62:03:a1:d7:09:3f:06:d8:24:
e0:8c:29:ac:8e:ad:65:66:fd:cd:7d:9d:8c:e6:1b:
f0:92:79:60:c9:15:c4:47:9b:31:d9:d1:b8:af:6e:
98:16:92:e5:98:de:19:67:59:5c:72:4f:2b:65:f8:
b6:94:23:01:db:33:42:f5:e9:32:bc:97:58:93:34:
d3:df:bf:ef:e5:c3:1b:f8:c9:73:78:44:9b:09:70:
bd:d0:20:49:4b:04:13:53:2e:b1:e1:8b:55:5c:02:
2f:ef:61:24:bd:19:31:e1:1d:1a:66:b9:ae:4f:b4:
dc:20:a9:dc:18:4e:92:8b:07:fb:dd:50:b1:26:45:
32:35:5c:fb:b9:06:28:91:cf:8e:bc:c3:bf:a7:f4:
a0:e7:a2:ec:81:a3:e7:9c:f4:c0:1b:c4:70:4c:b8:
17:08:43:cc:d8:7a:31:81:b2:a0:b1:47:6c:ff:b2:
6b:a3:30:bb:eb:89:85:cc:ee:6f:a6:86:ea:34:bf:
a9:54:47:d1:79:8d:b3:c4:fb:d3:0f:0d:12:e2:00:
c0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:F9:15:33:3F:F1:DD:D3:29:C0:FA:7C:E4:62:FD:D9:00:B0:A4:08
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/svkVMz_x3dMpwPp85GL92QCwpAg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.11.0/24
151.240.32.0-151.240.42.255
151.240.88.0-151.240.90.255
151.240.204.0/24
151.240.254.0/24
151.241.6.0/24
151.244.36.0/24
151.244.55.0/24
151.244.60.0/24
151.244.107.0/24
151.244.127.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:0a:5a:e4:6b:16:f9:a0:b8:75:27:e2:08:9a:08:f3:74:2e:
e7:20:8a:00:e2:2b:61:b6:a3:4e:b6:09:db:fc:1d:2c:ff:06:
ab:7e:8d:31:74:eb:0d:e8:ec:27:7f:b1:d0:63:c6:b9:08:d5:
c0:4a:9d:19:33:31:f6:63:6f:61:9b:89:c2:66:2c:08:88:47:
9d:34:6a:d4:3c:32:a3:53:09:00:a8:a1:76:fe:00:da:13:50:
0a:94:e2:5c:3f:26:fd:21:ce:cc:34:7f:92:c2:bd:eb:18:43:
97:e1:9e:3d:ff:f7:ae:05:ec:bb:7e:51:a1:2e:01:ec:26:1b:
ac:84:7f:1e:1e:7d:86:40:c9:de:7f:d1:0d:0f:9f:b5:f1:7b:
4b:35:51:1f:39:11:bd:15:e2:a1:ed:0b:e9:d6:06:2c:20:0c:
79:16:c0:1f:6a:97:d8:11:be:ff:66:c8:15:a7:d9:56:69:2b:
db:59:4b:53:fd:8f:e5:bf:91:d2:81:9c:f4:ec:d8:dd:71:f9:
23:94:d5:07:eb:bc:a7:1a:f7:17:3f:d1:93:a8:1d:c4:65:ae:
ee:fd:d1:c7:ec:ab:14:60:8c:65:49:cc:d4:ea:63:03:bc:9c:
7c:4d:f0:3d:76:06:96:db:75:12:5c:c4:cd:26:50:cb:83:ab:
9f:d6:67:fd
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZZCIScpgxFBMyPSs95TloCMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDE3MDUwMzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmY5MTUzMzNmZjFkZGQzMjljMGZhN2NlNDYyZmRkOTAwYjBhNDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApE08mIyTPXhMhCjiGjx7F9gv11ax
haBxWsyeMk4UAIavvPlFTE0j7sB63uE6QzJa8rZiA6HXCT8G2CTgjCmsjq1lZv3N
fZ2M5hvwknlgyRXER5sx2dG4r26YFpLlmN4ZZ1lcck8rZfi2lCMB2zNC9ekyvJdY
kzTT37/v5cMb+MlzeESbCXC90CBJSwQTUy6x4YtVXAIv72EkvRkx4R0aZrmuT7Tc
IKncGE6Siwf73VCxJkUyNVz7uQYokc+OvMO/p/Sg56LsgaPnnPTAG8RwTLgXCEPM
2HoxgbKgsUds/7JrozC764mFzO5vpobqNL+pVEfReY2zxPvTDw0S4gDAIQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFLL5FTM/8d3TKcD6fORi/dkAsKQIMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvc3ZrVk16X3gzZE1wd1BwODVHTDkyUUN3cEFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAl/ALMAwD
BAWX8CADBACX8CowDAMEA5fwWAMEAJfwWgMEAJfwzAMEAJfw/gMEAJfxBgMEAJf0
JAMEAJf0NwMEAJf0PAMEAJf0awMEAJf0fzANBgkqhkiG9w0BAQsFAAOCAQEAbQpa
5GsW+aC4dSfiCJoI83Qu5yCKAOIrYbajTrYJ2/wdLP8Gq36NMXTrDejsJ3+x0GPG
uQjVwEqdGTMx9mNvYZuJwmYsCIhHnTRq1Dwyo1MJAKihdv4A2hNQCpTiXD8m/SHO
zDR/ksK96xhDl+GePf/3rgXsu35RoS4B7CYbrIR/Hh59hkDJ3n/RDQ+ftfF7SzVR
HzkRvRXioe0L6dYGLCAMeRbAH2qX2BG+/2bIFafZVmkr21lLU/2P5b+R0oGc9OzY
3XH5I5TVB+u8pxr3Fz/Rk6gdxGWu7v3Rx+yrFGCMZUnM1OpjA7ycfE3wPXYGltt1
ElzEzSZQy4Orn9Zn/Q==
-----END CERTIFICATE-----
Generated at Sun Apr 27 03:10:35 2025 by rpki-client