Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/x_CL97x69NsR2s3qOVDk84nQnPc.roa
File: x_CL97x69NsR2s3qOVDk84nQnPc.roa (raw, json)
Hash identifier: xvoNeIGmdXOPwj5TV39G2M36wMQw+5rGJc1LtMAaQdU=
Subject key identifier: C7:F0:8B:F7:BC:7A:F4:DB:11:DA:CD:EA:39:50:E4:F3:89:D0:9C:F7
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01963D10C3BDFEE5C6C6A37DF99A730D00D1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/x_CL97x69NsR2s3qOVDk84nQnPc.roa
Signing time: Wed 16 Apr 2025 05:27:10 +0000
ROA not before: Wed 16 Apr 2025 05:27:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 151.242.40.0/24 maxlen: 24
151.242.170.0/24 maxlen: 24
151.242.171.0/24 maxlen: 24
151.242.172.0/24 maxlen: 24
151.242.173.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.60.0/24 maxlen: 24
151.243.61.0/24 maxlen: 24
151.243.62.0/24 maxlen: 24
151.243.63.0/24 maxlen: 24
151.243.88.0/24 maxlen: 24
151.243.89.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 15:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3d:10:c3:bd:fe:e5:c6:c6:a3:7d:f9:9a:73:0d:00:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 16 05:27:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7f08bf7bc7af4db11dacdea3950e4f389d09cf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0a:74:e8:f2:1a:7a:80:10:98:bd:bc:8f:3f:
91:f7:64:de:bb:ed:19:a3:b0:a8:0a:5a:55:08:f5:
78:f4:56:c2:ec:fd:25:c2:b4:50:fe:bd:08:ed:a2:
7b:d7:3c:14:8f:91:6c:f3:73:9c:0e:20:24:3e:a0:
c2:52:9e:5f:9b:7f:ed:3b:73:c3:f6:58:77:0e:06:
3d:63:a1:05:09:c0:39:1f:4f:77:53:e3:1b:71:69:
ac:9e:d7:e4:3e:07:57:40:12:f8:74:a2:d8:5e:b3:
0a:a9:ff:cf:2f:b5:d5:d8:b4:48:91:a2:71:7e:bb:
65:62:61:42:5b:01:30:a7:a0:39:c6:09:52:6f:08:
6d:53:08:0f:df:42:42:29:c5:68:ad:d1:b0:33:6c:
9c:1b:30:2d:4e:d2:5c:5d:56:9d:73:a6:ea:8f:39:
a5:b5:d3:be:df:c3:64:eb:0c:28:e9:b6:81:ef:67:
32:cc:a4:47:ef:c8:fd:89:5d:8c:63:e7:6d:b8:85:
84:27:08:7a:a5:f6:28:73:84:9e:bf:fa:e1:9a:9a:
7f:a3:78:61:62:ba:e9:55:4a:51:10:46:75:c4:b1:
84:f4:41:dd:1f:d9:42:fd:f7:ca:29:20:3f:92:e5:
d5:89:87:5a:f3:36:9e:19:f2:c3:ce:17:9f:b8:ad:
9d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:F0:8B:F7:BC:7A:F4:DB:11:DA:CD:EA:39:50:E4:F3:89:D0:9C:F7
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/x_CL97x69NsR2s3qOVDk84nQnPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.40.0/24
151.242.170.0-151.242.173.255
151.242.242.0/24
151.243.60.0/22
151.243.88.0/23
151.243.115.0/24
151.243.120.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:dd:76:98:f7:8e:9d:f4:90:58:fa:43:7f:aa:7d:06:c1:a3:
9e:49:d5:a2:bb:b5:78:a1:da:3a:3c:77:d9:f6:21:d3:65:c8:
3e:01:87:87:47:ab:f8:94:31:fb:24:19:48:35:21:00:e6:9c:
75:d2:bb:13:36:51:7c:af:33:b3:ed:11:92:01:28:4a:7f:0f:
ee:59:6d:36:65:8e:97:06:f2:5b:89:94:4c:52:60:c1:38:7f:
a3:8e:0e:86:31:17:e5:a8:ec:e2:b3:38:3e:dd:1f:0f:50:d9:
1e:6c:fd:2e:da:32:18:d9:32:1d:c1:9d:df:ea:c5:ea:c3:f2:
8d:fb:4e:d4:f8:75:52:70:63:cd:a7:30:89:8c:82:16:1b:50:
c9:4e:38:d8:3f:ec:d7:26:b0:f2:49:9f:02:4f:8d:5b:59:8c:
83:23:dc:ed:76:a3:db:95:f8:77:05:7a:cb:fe:39:e6:31:33:
0d:aa:de:1b:c3:ee:52:4f:66:89:c6:f7:e8:fc:de:b7:b0:43:
31:81:4e:a3:d5:fe:44:1b:b9:21:d4:a8:66:98:e1:e1:98:1d:
bb:1d:97:d5:d7:7d:0f:bf:a3:ad:8a:70:73:9c:68:1c:b3:83:
81:20:96:60:dd:96:13:be:60:f3:89:7b:82:ed:b1:de:49:11:
83:08:4a:08
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZY9EMO9/uXGxqN9+ZpzDQDRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNDE2MDUyNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2YwOGJmN2JjN2FmNGRiMTFkYWNkZWEzOTUwZTRmMzg5ZDA5Y2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wp06PIaeoAQmL28jz+R92Teu+0Z
o7CoClpVCPV49FbC7P0lwrRQ/r0I7aJ71zwUj5Fs83OcDiAkPqDCUp5fm3/tO3PD
9lh3DgY9Y6EFCcA5H093U+MbcWmsntfkPgdXQBL4dKLYXrMKqf/PL7XV2LRIkaJx
frtlYmFCWwEwp6A5xglSbwhtUwgP30JCKcVordGwM2ycGzAtTtJcXVadc6bqjzml
tdO+38Nk6wwo6baB72cyzKRH78j9iV2MY+dtuIWEJwh6pfYoc4Sev/rhmpp/o3hh
YrrpVUpREEZ1xLGE9EHdH9lC/ffKKSA/kuXViYda8zaeGfLDzhefuK2daQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFMfwi/e8evTbEdrN6jlQ5POJ0Jz3MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveF9DTDk3eDY5TnNSMnMzcU9WRGs4NG5RblBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAl/IoMAwD
BAGX8qoDBAGX8qwDBACX8vIDBAKX8zwDBAGX81gDBACX83MDBACX83gwDQYJKoZI
hvcNAQELBQADggEBAKLddpj3jp30kFj6Q3+qfQbBo55J1aK7tXih2jo8d9n2IdNl
yD4Bh4dHq/iUMfskGUg1IQDmnHXSuxM2UXyvM7PtEZIBKEp/D+5ZbTZljpcG8luJ
lExSYME4f6OODoYxF+Wo7OKzOD7dHw9Q2R5s/S7aMhjZMh3Bnd/qxerD8o37TtT4
dVJwY82nMImMghYbUMlOONg/7NcmsPJJnwJPjVtZjIMj3O12o9uV+HcFesv+OeYx
Mw2q3hvD7lJPZonG9+j83rewQzGBTqPV/kQbuSHUqGaY4eGYHbsdl9XXfQ+/o62K
cHOcaByzg4EglmDdlhO+YPOJe4Ltsd5JEYMISgg=
-----END CERTIFICATE-----
Generated at Wed Apr 30 00:49:40 2025 by rpki-client