Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AoSocNsL-Eeirhx4Yl5CSPsGYEs.roa
File: AoSocNsL-Eeirhx4Yl5CSPsGYEs.roa (raw, json)
Hash identifier: XkYniWpN6pAIGpiinqNfYvFAf5bI5SS/y3XEzFf8HLs=
Subject key identifier: 02:84:A8:70:DB:0B:F8:47:A2:AE:1C:78:62:5E:42:48:FB:06:60:4B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198664C8FF581FE5948D137E82545AF3FB2
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AoSocNsL-Eeirhx4Yl5CSPsGYEs.roa
Signing time: Fri 01 Aug 2025 15:42:30 +0000
ROA not before: Fri 01 Aug 2025 15:42:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53356
IP address blocks: 151.240.16.0/24 maxlen: 24
151.242.123.0/24 maxlen: 24
151.243.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 06:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:66:4c:8f:f5:81:fe:59:48:d1:37:e8:25:45:af:3f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 1 15:42:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0284a870db0bf847a2ae1c78625e4248fb06604b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:6e:21:92:b0:f7:f6:94:49:1e:b2:b1:6c:39:
77:79:33:e3:54:3d:02:5d:47:4f:59:bc:06:d8:a8:
e1:18:d2:8d:c7:b2:d8:ba:04:ff:70:e9:69:aa:ec:
a3:d6:f1:22:6e:a6:a8:27:42:36:b3:a8:27:fe:ff:
29:5f:f8:10:b2:28:2d:e4:aa:0c:21:1e:38:93:82:
05:e2:18:88:46:16:42:4c:00:ef:13:3f:50:46:ea:
db:a0:1b:1b:e1:b2:57:1a:f4:d0:f3:50:2f:8a:84:
01:41:35:98:d2:7f:f2:2a:c3:d6:21:f9:25:f9:72:
78:c1:5c:29:01:90:de:9c:61:87:7f:06:cd:2e:19:
2b:5f:ae:ec:af:16:2d:65:93:8e:ef:47:bf:eb:e0:
ec:95:3c:b7:a8:63:27:95:9a:60:dd:dc:49:e2:db:
0c:83:27:66:43:48:63:e5:cf:40:19:28:1b:95:42:
d9:85:a6:a1:9a:46:d9:d1:fd:d8:3f:65:d3:81:56:
d2:68:80:1f:a4:a5:2c:31:07:86:91:80:43:01:1b:
da:78:d5:01:94:ff:4f:71:10:8a:eb:6a:26:78:9f:
6c:ed:4a:0a:f9:da:53:67:1b:e9:9d:d3:1d:50:44:
ec:88:5d:c3:de:cd:6a:b9:8d:38:74:04:eb:f4:f4:
ef:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:84:A8:70:DB:0B:F8:47:A2:AE:1C:78:62:5E:42:48:FB:06:60:4B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AoSocNsL-Eeirhx4Yl5CSPsGYEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.16.0/24
151.242.123.0/24
151.243.104.0/24
Signature Algorithm: sha256WithRSAEncryption
60:d4:1a:2a:b7:25:43:2b:5b:33:f9:60:8d:87:91:15:fe:fe:
58:2d:24:0f:59:ba:c4:54:87:79:ea:6f:ba:e6:5d:cb:d7:6a:
ae:47:9f:62:71:a2:6c:81:f2:88:22:6e:38:e9:d3:d7:7d:79:
ba:85:f7:5f:8d:ba:41:ab:26:69:06:ae:41:19:70:62:41:6f:
12:c1:e4:89:19:be:79:a5:8b:a8:7a:8c:ca:22:b1:84:94:f9:
a5:f9:3f:63:c1:4e:88:86:4a:ad:06:98:8f:98:4c:a6:32:19:
9e:45:5e:2c:ac:37:bc:96:60:ee:73:19:82:cd:61:65:34:7a:
45:a4:df:bb:dc:b9:ec:b8:98:98:c6:41:5f:01:2c:f7:57:9b:
54:76:ed:99:b0:07:5f:70:9e:31:c5:a7:b0:ea:bc:71:77:8f:
78:0a:a5:1e:0f:e1:71:0b:72:31:b9:91:76:ef:05:32:bd:21:
d2:07:42:ff:cd:a2:f8:fb:ea:40:f2:53:0e:e8:43:96:51:a9:
f1:03:62:ea:0a:f5:e0:2a:80:ce:13:69:65:b6:e1:6e:2f:96:
cd:f5:1b:8c:99:87:20:88:66:2d:c5:db:a2:91:b2:a8:62:e3:
73:30:e4:e3:4e:63:b7:c0:f7:93:7e:c1:9a:c7:b2:a7:a8:26:
4f:66:63:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZhmTI/1gf5ZSNE36CVFrz+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODAxMTU0MjMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg0YTg3MGRiMGJmODQ3YTJhZTFjNzg2MjVlNDI0OGZiMDY2MDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6G4hkrD39pRJHrKxbDl3eTPjVD0C
XUdPWbwG2KjhGNKNx7LYugT/cOlpquyj1vEibqaoJ0I2s6gn/v8pX/gQsigt5KoM
IR44k4IF4hiIRhZCTADvEz9QRurboBsb4bJXGvTQ81AvioQBQTWY0n/yKsPWIfkl
+XJ4wVwpAZDenGGHfwbNLhkrX67srxYtZZOO70e/6+DslTy3qGMnlZpg3dxJ4tsM
gydmQ0hj5c9AGSgblULZhaahmkbZ0f3YP2XTgVbSaIAfpKUsMQeGkYBDARvaeNUB
lP9PcRCK62omeJ9s7UoK+dpTZxvpndMdUETsiF3D3s1quY04dATr9PTv7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAKEqHDbC/hHoq4ceGJeQkj7BmBLMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQW9Tb2NOc0wtRWVpcmh4NFlsNUNTUHNHWUVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/AQAwQA
l/J7AwQAl/NoMA0GCSqGSIb3DQEBCwUAA4IBAQBg1BoqtyVDK1sz+WCNh5EV/v5Y
LSQPWbrEVId56m+65l3L12quR59icaJsgfKIIm446dPXfXm6hfdfjbpBqyZpBq5B
GXBiQW8SweSJGb55pYuoeozKIrGElPml+T9jwU6IhkqtBpiPmEymMhmeRV4srDe8
lmDucxmCzWFlNHpFpN+73LnsuJiYxkFfASz3V5tUdu2ZsAdfcJ4xxaew6rxxd494
CqUeD+FxC3IxuZF27wUyvSHSB0L/zaL4++pA8lMO6EOWUanxA2LqCvXgKoDOE2ll
tuFuL5bN9RuMmYcgiGYtxduikbKoYuNzMOTjTmO3wPeTfsGax7KnqCZPZmOu
-----END CERTIFICATE-----
Generated at Sun Aug 10 16:00:59 2025 by rpki-client