Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ODTjZVHPhw1gRn5jQuGm7-sROvM.roa
File: ODTjZVHPhw1gRn5jQuGm7-sROvM.roa (raw, json)
Hash identifier: d2DgzpXzkp7eeWae1+q7t8ssodHAXVhNL97mvCDPV34=
Subject key identifier: 38:34:E3:65:51:CF:87:0D:60:46:7E:63:42:E1:A6:EF:EB:11:3A:F3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019859905DE8E4565246A1559E531E8B1FB7
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ODTjZVHPhw1gRn5jQuGm7-sROvM.roa
Signing time: Wed 30 Jul 2025 04:21:30 +0000
ROA not before: Wed 30 Jul 2025 04:21:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20326
IP address blocks: 151.241.136.0/21 maxlen: 21
151.241.152.0/21 maxlen: 21
151.241.208.0/21 maxlen: 21
151.241.216.0/21 maxlen: 21
151.243.21.0/24 maxlen: 24
151.243.52.0/23 maxlen: 24
151.243.164.0/22 maxlen: 22
151.243.244.0/24 maxlen: 24
151.244.136.0/22 maxlen: 24
151.244.160.0/22 maxlen: 24
151.244.172.0/22 maxlen: 24
151.244.176.0/22 maxlen: 24
151.245.8.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:59:90:5d:e8:e4:56:52:46:a1:55:9e:53:1e:8b:1f:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 30 04:21:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3834e36551cf870d60467e6342e1a6efeb113af3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:09:a7:e2:bb:d5:eb:80:d3:2c:27:c0:c9:b4:
15:83:ff:1d:c8:69:37:21:da:80:80:8a:9a:2f:4b:
c1:3c:b3:66:59:0b:0e:67:51:a0:f9:71:4e:c5:a3:
8d:4a:0f:f8:8c:a1:e6:96:41:15:4b:ca:03:e4:92:
ca:1b:61:ff:de:1d:a7:56:1a:12:b7:d6:bd:db:c1:
62:17:fd:41:4d:41:55:81:9d:ea:02:8e:39:69:7e:
a0:88:1b:96:bb:fc:46:ad:23:48:f3:33:7d:c5:92:
61:7e:69:1d:e8:a8:b0:4c:d5:75:8c:0f:c2:a6:25:
cd:b6:07:c5:c1:6a:7e:d6:e1:e0:a6:a3:73:37:d6:
db:a9:8a:e9:93:e3:7f:a4:a8:38:4f:08:cd:49:e5:
e7:9e:da:63:ec:69:1f:36:6b:c6:c2:57:ae:ed:4d:
59:9e:85:ad:83:c3:f0:10:2c:ad:fa:d2:30:92:00:
bc:33:d7:0a:1f:66:a6:c0:10:73:d2:d1:bb:68:02:
b8:5a:02:fa:51:a9:c0:77:00:ed:ef:7a:e6:fe:59:
c9:81:61:b4:86:32:55:5d:af:9e:90:b9:ba:1e:29:
e9:31:e6:24:eb:2f:b5:44:fe:70:4b:56:a1:75:3e:
8e:4f:d2:9a:28:4e:0a:22:bf:17:2e:69:08:b1:8e:
69:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:34:E3:65:51:CF:87:0D:60:46:7E:63:42:E1:A6:EF:EB:11:3A:F3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ODTjZVHPhw1gRn5jQuGm7-sROvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.136.0/21
151.241.152.0/21
151.241.208.0/20
151.243.21.0/24
151.243.52.0/23
151.243.164.0/22
151.243.244.0/24
151.244.136.0/22
151.244.160.0/22
151.244.172.0-151.244.179.255
151.245.8.0/21
Signature Algorithm: sha256WithRSAEncryption
28:27:09:59:a0:ba:fb:32:a9:cb:8f:7e:31:80:d3:f7:cf:8c:
4d:d5:e0:0a:15:c2:2f:40:73:f6:e5:85:f5:a3:c7:01:0a:ad:
54:d9:af:d6:26:67:1d:27:da:67:e7:54:bc:44:5d:13:7e:0f:
84:15:46:55:74:ae:44:2a:ad:bd:c7:4e:1c:55:94:87:39:fb:
88:0c:f4:30:6d:26:1e:71:3a:2b:9c:0b:ec:9b:7a:cf:57:16:
c3:1c:1e:6b:54:26:ec:03:e8:c8:ad:a8:95:e8:9a:f6:d5:23:
d9:91:b4:2f:f6:ac:77:95:66:c2:e3:50:42:26:59:4a:e8:7d:
ed:27:17:36:01:d8:94:5e:af:24:e6:ef:43:25:d6:8f:e5:05:
52:8c:32:45:40:f8:1b:09:7c:11:e8:74:1a:b4:69:30:fb:90:
c7:33:b3:36:65:f4:e9:0d:59:ed:33:3f:23:96:5d:64:91:41:
68:d0:99:95:34:ff:89:f8:a4:e1:39:f7:bb:4c:65:3d:28:26:
e5:c4:66:c8:49:33:86:26:52:e8:21:47:e7:b2:88:4e:ea:c5:
9c:41:04:3a:56:1f:57:1c:d2:45:69:62:30:04:b8:fa:83:4e:
7a:da:79:90:7e:4c:fd:f7:f4:3e:58:32:f8:1d:67:c3:ac:a2:
d8:82:b2:21
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZhZkF3o5FZSRqFVnlMeix+3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzMwMDQyMTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODM0ZTM2NTUxY2Y4NzBkNjA0NjdlNjM0MmUxYTZlZmViMTEzYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgmn4rvV64DTLCfAybQVg/8dyGk3
IdqAgIqaL0vBPLNmWQsOZ1Gg+XFOxaONSg/4jKHmlkEVS8oD5JLKG2H/3h2nVhoS
t9a928FiF/1BTUFVgZ3qAo45aX6giBuWu/xGrSNI8zN9xZJhfmkd6KiwTNV1jA/C
piXNtgfFwWp+1uHgpqNzN9bbqYrpk+N/pKg4TwjNSeXnntpj7GkfNmvGwleu7U1Z
noWtg8PwECyt+tIwkgC8M9cKH2amwBBz0tG7aAK4WgL6UanAdwDt73rm/lnJgWG0
hjJVXa+ekLm6HinpMeYk6y+1RP5wS1ahdT6OT9KaKE4KIr8XLmkIsY5pPQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFDg042VRz4cNYEZ+Y0Lhpu/rETrzMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvT0RUalpWSFBodzFnUm41alF1R203LXNST3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQDl/GIAwQD
l/GYAwQEl/HQAwQAl/MVAwQBl/M0AwQCl/OkAwQAl/P0AwQCl/SIAwQCl/SgMAwD
BAKX9KwDBAKX9LADBAOX9QgwDQYJKoZIhvcNAQELBQADggEBACgnCVmguvsyqcuP
fjGA0/fPjE3V4AoVwi9Ac/blhfWjxwEKrVTZr9YmZx0n2mfnVLxEXRN+D4QVRlV0
rkQqrb3HThxVlIc5+4gM9DBtJh5xOiucC+ybes9XFsMcHmtUJuwD6MitqJXomvbV
I9mRtC/2rHeVZsLjUEImWUrofe0nFzYB2JReryTm70Ml1o/lBVKMMkVA+BsJfBHo
dBq0aTD7kMczszZl9OkNWe0zPyOWXWSRQWjQmZU0/4n4pOE597tMZT0oJuXEZshJ
M4YmUughR+eyiE7qxZxBBDpWH1cc0kVpYjAEuPqDTnraeZB+TP339D5YMvgdZ8Os
otiCsiE=
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:30:22 2025 by rpki-client