Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FgEsgUOlTEO-jllPZNsCgvtkWbU.roa
File: FgEsgUOlTEO-jllPZNsCgvtkWbU.roa (raw, json)
Hash identifier: Ae/Bx0rpe9uO8PKhf0oAjYR7QwrCrvaFMqUSJh19UxA=
Subject key identifier: 16:01:2C:81:43:A5:4C:43:BE:8E:59:4F:64:DB:02:82:FB:64:59:B5
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019A2ABD597A029405530931B7AD8116F3B5
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FgEsgUOlTEO-jllPZNsCgvtkWbU.roa
Signing time: Tue 28 Oct 2025 12:14:03 +0000
ROA not before: Tue 28 Oct 2025 12:14:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205896
IP address blocks: 151.245.36.0/24 maxlen: 24
151.247.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:bd:59:7a:02:94:05:53:09:31:b7:ad:81:16:f3:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 28 12:14:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16012c8143a54c43be8e594f64db0282fb6459b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:56:a4:1a:89:5d:89:d5:b9:05:da:ad:bb:21:
12:47:78:66:b0:78:90:97:c9:47:65:c0:3d:56:55:
77:15:3a:1f:03:00:1c:36:cc:75:f3:5a:4d:87:48:
c2:af:43:ac:9b:6c:19:0c:54:25:ee:fd:9a:a8:8f:
14:9e:b8:72:dd:29:30:d0:67:a6:a1:3b:0d:00:1b:
62:45:9a:31:a9:fb:33:30:cb:d5:1e:b6:22:0d:a2:
94:95:5b:2d:36:b0:c2:8e:d5:51:32:f2:65:2f:58:
b3:53:61:fd:cf:29:24:f7:b8:e6:ab:af:87:48:2f:
9c:d8:a1:c4:9e:87:09:ff:a4:08:5a:dc:50:46:66:
21:98:0b:2d:c5:aa:44:be:a4:d5:88:d9:d2:07:f7:
73:40:5b:a8:1d:51:c0:32:16:15:ee:91:a1:fa:83:
da:58:1c:dc:a6:df:50:af:47:ff:3f:e7:9c:3c:64:
ce:ca:4d:47:2c:d3:86:d5:61:cf:e9:ed:88:0e:be:
c5:f8:a2:33:ca:6e:8e:52:98:26:9c:3a:02:09:85:
d3:69:48:31:4c:48:5c:06:d0:bf:0f:85:ad:d1:da:
35:bb:23:de:11:be:81:c5:e7:61:89:5f:dc:e8:65:
5a:64:e4:b9:93:c1:f8:09:76:f7:39:e4:b2:80:c3:
0f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:01:2C:81:43:A5:4C:43:BE:8E:59:4F:64:DB:02:82:FB:64:59:B5
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FgEsgUOlTEO-jllPZNsCgvtkWbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.245.36.0/24
151.247.153.0/24
Signature Algorithm: sha256WithRSAEncryption
19:82:56:7b:32:3f:48:a8:d7:7d:58:62:00:d9:7f:5f:6e:fe:
1e:b7:07:5e:37:5b:36:07:ee:87:11:86:2f:58:47:81:ea:09:
66:f7:20:4b:cb:ba:68:8a:2f:8e:f3:9b:59:66:cc:58:14:23:
ad:aa:69:4a:ae:57:b8:15:5c:cb:58:4b:62:ca:12:ee:97:a4:
bc:23:78:fc:53:09:fb:3d:af:47:55:14:cd:2e:f1:3a:1f:16:
8c:be:3c:99:f5:e3:6b:4a:24:c6:e8:0f:3e:b4:f9:4f:46:58:
55:7e:93:79:f4:70:93:ba:18:b1:7f:c0:0d:5f:e1:3c:9f:68:
62:92:dc:6e:54:b9:1f:8c:46:2f:dd:04:47:31:a6:e1:e3:19:
74:03:6d:49:3e:1c:44:a4:4e:40:ae:1c:fb:fe:d3:b3:12:64:
1c:32:8c:1d:c7:13:71:ac:c2:3f:86:dd:28:b0:fe:92:70:6a:
0b:55:41:0f:91:0e:64:be:70:22:c1:3a:6b:82:1a:ed:cb:d0:
79:1e:5e:b0:c3:7b:04:55:0d:47:16:e3:aa:b6:90:99:f4:60:
a7:a4:a2:86:ea:7d:de:85:21:ad:d6:0a:40:05:0d:92:a4:73:
e9:e2:f3:9d:63:42:a0:c6:00:1e:8f:75:f7:d1:67:a1:a4:24:
e5:c6:4c:5d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZoqvVl6ApQFUwkxt62BFvO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDI4MTIxNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjAxMmM4MTQzYTU0YzQzYmU4ZTU5NGY2NGRiMDI4MmZiNjQ1OWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVakGoldidW5BdqtuyESR3hmsHiQ
l8lHZcA9VlV3FTofAwAcNsx181pNh0jCr0Osm2wZDFQl7v2aqI8Unrhy3Skw0Gem
oTsNABtiRZoxqfszMMvVHrYiDaKUlVstNrDCjtVRMvJlL1izU2H9zykk97jmq6+H
SC+c2KHEnocJ/6QIWtxQRmYhmAstxapEvqTViNnSB/dzQFuoHVHAMhYV7pGh+oPa
WBzcpt9Qr0f/P+ecPGTOyk1HLNOG1WHP6e2IDr7F+KIzym6OUpgmnDoCCYXTaUgx
TEhcBtC/D4Wt0do1uyPeEb6BxedhiV/c6GVaZOS5k8H4CXb3OeSygMMPTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBYBLIFDpUxDvo5ZT2TbAoL7ZFm1MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvRmdFc2dVT2xURU8tamxsUFpOc0NndnRrV2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/UkAwQA
l/eZMA0GCSqGSIb3DQEBCwUAA4IBAQAZglZ7Mj9IqNd9WGIA2X9fbv4etwdeN1s2
B+6HEYYvWEeB6glm9yBLy7poii+O85tZZsxYFCOtqmlKrle4FVzLWEtiyhLul6S8
I3j8Uwn7Pa9HVRTNLvE6HxaMvjyZ9eNrSiTG6A8+tPlPRlhVfpN59HCTuhixf8AN
X+E8n2hiktxuVLkfjEYv3QRHMabh4xl0A21JPhxEpE5Arhz7/tOzEmQcMowdxxNx
rMI/ht0osP6ScGoLVUEPkQ5kvnAiwTprghrty9B5Hl6ww3sEVQ1HFuOqtpCZ9GCn
pKKG6n3ehSGt1gpABQ2SpHPp4vOdY0KgxgAej3X30WehpCTlxkxd
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:37:30 2025 by rpki-client