Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/x8ppxMCdbDKPBG9ZpWE7mn1IaUg.roa
File: x8ppxMCdbDKPBG9ZpWE7mn1IaUg.roa (raw, json)
Hash identifier: UgU3AYiWbzfis+YaptyKG0DT7U2FMYiXWga2w1Nbhlk=
Subject key identifier: C7:CA:69:C4:C0:9D:6C:32:8F:04:6F:59:A5:61:3B:9A:7D:48:69:48
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019648A714E17DFF61AE62E6D19145A8E21A
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/x8ppxMCdbDKPBG9ZpWE7mn1IaUg.roa
Signing time: Fri 18 Apr 2025 11:27:11 +0000
ROA not before: Fri 18 Apr 2025 11:27:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47526
IP address blocks: 151.243.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 20:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:a7:14:e1:7d:ff:61:ae:62:e6:d1:91:45:a8:e2:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 18 11:27:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7ca69c4c09d6c328f046f59a5613b9a7d486948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f7:e0:70:49:24:ef:87:bd:e0:03:e2:f9:97:
24:11:4c:f5:46:d4:30:47:fe:69:f6:27:03:f8:a4:
ae:4b:87:74:0a:7f:fe:47:f2:d9:08:0b:77:64:5f:
ca:21:77:80:65:04:f3:9d:8e:ce:75:82:5d:43:20:
75:09:96:78:07:86:ba:d3:13:a8:2d:44:0a:bd:5d:
6c:59:45:e0:b4:e4:8b:23:4b:c3:76:26:5d:19:b7:
aa:ea:2e:2b:81:26:1a:3c:dd:1f:30:b9:4a:17:98:
4a:bb:03:4a:59:b1:ee:4c:d0:80:95:a9:2b:05:d0:
0e:c3:9b:05:67:ed:30:02:14:9f:4a:c4:4b:82:6b:
4e:4d:fd:79:f8:3c:56:ef:7a:6b:94:d9:ce:43:ed:
05:d1:b5:53:5a:28:18:e0:5c:bc:f6:6c:fc:01:17:
fe:4a:f6:c4:1c:ad:c7:e9:ab:a3:3e:5b:79:89:76:
e7:f6:47:be:a4:96:f2:51:53:06:bf:2c:c2:fb:bc:
41:80:54:ee:90:ac:d6:6a:ad:94:7c:ad:d8:81:b3:
d3:70:11:0b:7d:41:11:ee:24:26:0c:36:db:db:3e:
c6:d8:38:e6:f5:66:84:cb:78:9d:8a:52:fc:9f:ce:
eb:58:31:b6:b2:b5:c4:ee:6a:69:b7:c4:32:05:05:
63:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:CA:69:C4:C0:9D:6C:32:8F:04:6F:59:A5:61:3B:9A:7D:48:69:48
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/x8ppxMCdbDKPBG9ZpWE7mn1IaUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.114.0/24
Signature Algorithm: sha256WithRSAEncryption
04:c2:b1:9d:a9:da:56:7a:94:2e:62:6f:1f:ee:ff:34:fa:8a:
3e:f9:8c:3f:9f:68:d6:41:ae:b8:a1:02:77:90:b7:67:18:2f:
fd:ad:b2:0c:17:73:7d:a2:c6:94:d6:b8:13:11:f8:95:33:66:
87:5a:a7:96:ed:50:58:08:2a:7b:77:b7:13:24:05:db:8e:a1:
4a:3e:0e:ef:fb:d1:af:6e:ac:82:16:ab:89:af:ee:3b:95:57:
4b:7d:35:f4:50:6c:d0:3b:20:bf:6c:73:6f:7d:b1:4b:a9:5d:
81:bc:15:57:b2:48:b2:fd:53:69:85:dc:db:8e:6d:74:82:fd:
f8:f5:e8:a6:bb:7c:cd:a4:1f:13:83:f7:d2:52:cb:ed:b3:6c:
fd:21:0f:82:e1:27:c0:bc:d8:c1:5d:fe:98:22:63:4c:1a:bc:
53:50:65:c8:3d:7a:fb:1a:86:16:00:2d:aa:78:ff:e8:d3:9d:
dc:d7:75:06:70:be:a3:0f:79:a6:34:ec:e2:d8:47:fc:09:b5:
61:3f:7b:20:d4:03:af:32:50:65:78:cd:80:c6:84:b7:f6:8c:
21:a7:de:51:ae:9a:e0:28:13:72:35:29:ed:ab:96:05:6e:b5:
14:a9:d8:f7:20:df:0b:4e:d5:4e:7e:a2:61:6a:d3:1b:3c:06:
7d:02:af:24
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZIpxThff9hrmLm0ZFFqOIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDE4MTEyNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2NhNjljNGMwOWQ2YzMyOGYwNDZmNTlhNTYxM2I5YTdkNDg2OTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/fgcEkk74e94APi+ZckEUz1RtQw
R/5p9icD+KSuS4d0Cn/+R/LZCAt3ZF/KIXeAZQTznY7OdYJdQyB1CZZ4B4a60xOo
LUQKvV1sWUXgtOSLI0vDdiZdGbeq6i4rgSYaPN0fMLlKF5hKuwNKWbHuTNCAlakr
BdAOw5sFZ+0wAhSfSsRLgmtOTf15+DxW73prlNnOQ+0F0bVTWigY4Fy89mz8ARf+
SvbEHK3H6aujPlt5iXbn9ke+pJbyUVMGvyzC+7xBgFTukKzWaq2UfK3YgbPTcBEL
fUER7iQmDDbb2z7G2Djm9WaEy3idilL8n87rWDG2srXE7mppt8QyBQVj9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMfKacTAnWwyjwRvWaVhO5p9SGlIMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveDhwcHhNQ2RiREtQQkc5WnBXRTdtbjFJYVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/NyMA0G
CSqGSIb3DQEBCwUAA4IBAQAEwrGdqdpWepQuYm8f7v80+oo++Yw/n2jWQa64oQJ3
kLdnGC/9rbIMF3N9osaU1rgTEfiVM2aHWqeW7VBYCCp7d7cTJAXbjqFKPg7v+9Gv
bqyCFquJr+47lVdLfTX0UGzQOyC/bHNvfbFLqV2BvBVXskiy/VNphdzbjm10gv34
9eimu3zNpB8Tg/fSUsvts2z9IQ+C4SfAvNjBXf6YImNMGrxTUGXIPXr7GoYWAC2q
eP/o053c13UGcL6jD3mmNOzi2Ef8CbVhP3sg1AOvMlBleM2AxoS39owhp95Rrprg
KBNyNSntq5YFbrUUqdj3IN8LTtVOfqJhatMbPAZ9Aq8k
-----END CERTIFICATE-----
Generated at Sun Apr 27 04:31:05 2025 by rpki-client