Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KB0JnrDL6vlC6R0_SehGbz3fmrU.roa
File: KB0JnrDL6vlC6R0_SehGbz3fmrU.roa (raw, json)
Hash identifier: E212vuqb0Q3kAExNKRswsEKOx7jQ8TgY6pU577hS7cM=
Subject key identifier: 28:1D:09:9E:B0:CB:EA:F9:42:E9:1D:3F:49:E8:46:6F:3D:DF:9A:B5
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019854CC814D145ED03D1C08DE546A3A750E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KB0JnrDL6vlC6R0_SehGbz3fmrU.roa
Signing time: Tue 29 Jul 2025 06:09:05 +0000
ROA not before: Tue 29 Jul 2025 06:09:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209604
IP address blocks: 151.242.129.0/24 maxlen: 24
151.243.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:54:cc:81:4d:14:5e:d0:3d:1c:08:de:54:6a:3a:75:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 29 06:09:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=281d099eb0cbeaf942e91d3f49e8466f3ddf9ab5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ac:6b:5c:fb:01:9d:57:2d:9e:39:46:af:91:
f5:fd:01:7a:37:43:fd:70:b5:aa:1a:03:d3:46:59:
df:a7:21:41:41:1d:eb:e2:e0:65:ef:27:49:b1:3a:
cd:50:5a:8b:87:38:ca:1f:64:d9:aa:1f:fc:db:f8:
05:ca:8f:a7:39:bc:2e:50:71:78:10:6a:3c:a5:55:
e9:28:9d:d9:94:a7:1f:0b:7c:64:65:e1:5d:bd:75:
88:60:01:74:bb:2a:78:c7:98:5f:ed:17:b2:fe:1d:
fa:27:7d:93:9f:3b:4d:a6:35:e5:a5:4f:f4:50:0a:
fc:46:c9:0b:a0:73:4d:b3:fc:62:08:a1:0a:65:bd:
ce:2a:76:b3:8e:84:61:b8:7e:cd:1e:cd:13:1d:42:
b0:a0:fd:f0:11:a9:dc:9d:05:f7:f6:83:50:17:c2:
9c:18:ab:69:9e:31:18:81:c1:3e:6c:e4:4f:33:3c:
69:b4:e4:cc:cb:fb:06:1e:42:96:d4:d6:82:dd:16:
cd:52:fb:1b:41:5d:90:55:47:c1:49:26:fa:44:9f:
68:0d:d6:83:63:a6:c6:01:4b:be:a5:fe:e6:fe:cf:
65:39:04:ae:46:6a:ac:1c:8b:29:66:d8:11:76:17:
7f:e1:68:15:6c:25:cd:47:3e:60:27:9a:81:5e:1f:
12:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:1D:09:9E:B0:CB:EA:F9:42:E9:1D:3F:49:E8:46:6F:3D:DF:9A:B5
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KB0JnrDL6vlC6R0_SehGbz3fmrU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.129.0/24
151.243.240.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:05:1d:2b:bd:3a:d8:90:d2:ff:8e:52:09:35:df:6c:86:73:
51:4c:5f:bc:1b:33:07:ae:f0:ee:ea:80:12:a4:9c:96:f2:fe:
c7:1b:08:e4:b1:c4:93:ef:4e:1c:61:0b:80:ad:07:bf:4e:28:
ac:0c:29:f7:58:c9:88:c1:c9:06:a1:f0:85:0e:ea:08:96:1b:
b1:55:e9:ee:97:78:ff:c7:0a:04:ca:b4:db:3d:14:a5:59:ca:
4f:09:95:9a:fc:db:32:ab:48:74:96:d0:ea:57:20:fc:31:00:
0b:c3:52:37:d0:54:1d:f4:2f:5f:ff:b2:6d:6f:55:e1:02:21:
b2:0a:89:1b:0e:2f:22:23:af:eb:e8:2c:4a:3b:8c:6c:fd:46:
ba:c7:85:66:6c:3f:f9:68:f8:50:f5:9a:6e:ae:63:d4:28:92:
60:36:46:a7:08:48:35:c0:31:bb:8b:72:42:c5:15:15:09:0d:
61:cd:68:9a:12:90:3b:06:7c:2d:7a:5b:b3:ef:e5:7a:be:61:
34:6f:0d:a2:03:b6:a3:18:cd:5f:68:ee:dd:54:c7:c0:00:d3:
7f:1f:6c:71:4f:f9:dc:3e:a5:fe:e5:0f:1d:10:91:e4:af:db:
7c:7f:8b:af:3e:c5:c2:b8:37:02:6c:6b:ad:85:e7:6f:85:96:
04:37:9f:ee
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhUzIFNFF7QPRwI3lRqOnUOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzI5MDYwOTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODFkMDk5ZWIwY2JlYWY5NDJlOTFkM2Y0OWU4NDY2ZjNkZGY5YWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKxrXPsBnVctnjlGr5H1/QF6N0P9
cLWqGgPTRlnfpyFBQR3r4uBl7ydJsTrNUFqLhzjKH2TZqh/82/gFyo+nObwuUHF4
EGo8pVXpKJ3ZlKcfC3xkZeFdvXWIYAF0uyp4x5hf7Rey/h36J32TnztNpjXlpU/0
UAr8RskLoHNNs/xiCKEKZb3OKnazjoRhuH7NHs0THUKwoP3wEancnQX39oNQF8Kc
GKtpnjEYgcE+bORPMzxptOTMy/sGHkKW1NaC3RbNUvsbQV2QVUfBSSb6RJ9oDdaD
Y6bGAUu+pf7m/s9lOQSuRmqsHIspZtgRdhd/4WgVbCXNRz5gJ5qBXh8SSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCgdCZ6wy+r5QukdP0noRm8935q1MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvS0IwSm5yREw2dmxDNlIwX1NlaEdiejNmbXJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/KBAwQA
l/PwMA0GCSqGSIb3DQEBCwUAA4IBAQA7BR0rvTrYkNL/jlIJNd9shnNRTF+8GzMH
rvDu6oASpJyW8v7HGwjkscST704cYQuArQe/TiisDCn3WMmIwckGofCFDuoIlhux
Venul3j/xwoEyrTbPRSlWcpPCZWa/Nsyq0h0ltDqVyD8MQALw1I30FQd9C9f/7Jt
b1XhAiGyCokbDi8iI6/r6CxKO4xs/Ua6x4VmbD/5aPhQ9ZpurmPUKJJgNkanCEg1
wDG7i3JCxRUVCQ1hzWiaEpA7Bnwteluz7+V6vmE0bw2iA7ajGM1faO7dVMfAANN/
H2xxT/ncPqX+5Q8dEJHkr9t8f4uvPsXCuDcCbGuthedvhZYEN5/u
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:33:10 2025 by rpki-client