Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UXO4Ctsqiu5dzWxOak0VGq5oLoo.roa
File: UXO4Ctsqiu5dzWxOak0VGq5oLoo.roa (raw, json)
Hash identifier: onzggx3cBB9c0895zun9z9oAjZnIPWjZlFP7blQ6uio=
Subject key identifier: 51:73:B8:0A:DB:2A:8A:EE:5D:CD:6C:4E:6A:4D:15:1A:AE:68:2E:8A
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019A2E8168804BCE09B95A846BDC1866DE66
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UXO4Ctsqiu5dzWxOak0VGq5oLoo.roa
Signing time: Wed 29 Oct 2025 05:47:03 +0000
ROA not before: Wed 29 Oct 2025 05:47:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214432
IP address blocks: 151.240.73.0/24 maxlen: 24
151.240.78.0/24 maxlen: 24
151.241.177.0/24 maxlen: 24
151.244.38.0/24 maxlen: 24
151.244.52.0/24 maxlen: 24
151.244.62.0/24 maxlen: 24
151.244.75.0/24 maxlen: 24
151.244.87.0/24 maxlen: 24
151.245.189.0/24 maxlen: 24
151.245.191.0/24 maxlen: 24
151.245.192.0/24 maxlen: 24
151.245.241.0/24 maxlen: 24
151.245.247.0/24 maxlen: 24
151.246.194.0/24 maxlen: 24
151.246.242.0/24 maxlen: 24
151.246.248.0/24 maxlen: 24
151.247.148.0/24 maxlen: 24
151.247.150.0/24 maxlen: 24
151.247.175.0/24 maxlen: 24
151.247.181.0/24 maxlen: 24
151.247.182.0/24 maxlen: 24
151.247.235.0/24 maxlen: 24
151.247.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2e:81:68:80:4b:ce:09:b9:5a:84:6b:dc:18:66:de:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 29 05:47:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5173b80adb2a8aee5dcd6c4e6a4d151aae682e8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:37:c2:9e:64:37:6d:38:72:46:2b:12:d5:ee:
25:20:f0:61:ab:67:c4:70:cf:16:27:5f:bc:cf:8b:
72:aa:1a:a5:ec:e9:5c:b6:d4:fd:10:1f:85:99:e5:
be:43:da:be:4b:ee:d5:e2:f3:57:a0:f4:f3:00:73:
e2:ed:7d:1e:b8:85:1b:d2:48:7b:44:cf:4f:b8:e5:
ed:c8:7a:72:2e:54:29:fa:58:72:61:fa:a4:40:cd:
9f:f6:ae:cd:fc:f6:47:c4:42:36:5a:7a:8c:14:d4:
80:b7:6c:2a:97:b7:af:07:a9:dd:4e:6e:dd:f3:86:
dc:da:f8:5b:8f:9b:69:38:8c:e6:32:db:84:73:fd:
42:7a:84:79:f6:c1:5c:f1:5e:0d:c4:bc:8d:ca:d3:
dd:46:8c:a0:fa:01:f1:6a:a6:00:7b:1a:86:ed:a8:
23:9d:25:99:8a:3f:d9:89:3b:72:64:22:1d:19:63:
03:52:f0:3e:0b:4b:85:59:b2:9c:bf:93:d1:3b:c7:
bf:d5:83:1b:be:c8:10:d2:da:20:f8:41:1c:7e:d4:
cb:d4:fb:55:64:09:ed:f9:21:0c:59:72:40:a3:6e:
ee:69:a4:74:b2:c7:4a:91:a1:72:6f:f1:d9:6f:74:
4c:d3:69:30:e1:1c:96:58:72:ab:e0:f8:e0:07:1d:
7b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:73:B8:0A:DB:2A:8A:EE:5D:CD:6C:4E:6A:4D:15:1A:AE:68:2E:8A
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UXO4Ctsqiu5dzWxOak0VGq5oLoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.73.0/24
151.240.78.0/24
151.241.177.0/24
151.244.38.0/24
151.244.52.0/24
151.244.62.0/24
151.244.75.0/24
151.244.87.0/24
151.245.189.0/24
151.245.191.0-151.245.192.255
151.245.241.0/24
151.245.247.0/24
151.246.194.0/24
151.246.242.0/24
151.246.248.0/24
151.247.148.0/24
151.247.150.0/24
151.247.175.0/24
151.247.181.0-151.247.182.255
151.247.235.0/24
151.247.244.0/24
Signature Algorithm: sha256WithRSAEncryption
52:37:b9:16:03:f7:1e:0c:91:b2:1f:48:f0:b6:85:8e:6a:21:
39:63:2c:bf:a0:1a:c6:a9:1a:cd:e8:09:a4:b8:4e:c6:3c:9e:
a2:f0:79:7f:8b:b3:5e:e1:d2:e6:90:e5:42:35:c8:10:22:9d:
ae:2b:02:83:96:fa:16:ea:26:29:f1:bf:15:3a:69:31:80:71:
73:76:51:3d:51:0e:49:76:5a:c8:98:dd:09:a6:a3:9e:da:4f:
7a:32:42:25:15:c1:57:d6:6f:fc:1e:4a:c5:9c:f0:27:95:71:
83:1a:f3:17:e5:34:63:ba:ac:08:82:91:19:3d:48:52:17:c9:
6c:2a:f2:78:e7:0f:d7:b1:c8:4a:49:3f:88:3f:82:12:91:07:
58:70:0c:0e:da:69:a6:05:11:13:87:8b:d1:fc:07:12:90:a9:
bc:91:e7:37:1f:22:9b:5e:c9:90:e9:8c:6d:33:e9:b1:19:db:
a5:4e:ed:12:bc:9a:c7:64:04:9b:70:03:ef:78:3a:0c:90:20:
58:c1:3f:4f:2c:e5:ea:b2:92:4c:c7:e1:15:ef:12:65:2d:30:
59:b8:28:43:a8:fb:0a:28:41:1d:d8:ae:95:0a:a4:c8:4b:c3:
d9:41:a4:70:f1:4c:85:44:75:36:07:be:8d:33:da:3d:9a:62:
3f:99:63:ce
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAZougWiAS84JuVqEa9wYZt5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDI5MDU0NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTczYjgwYWRiMmE4YWVlNWRjZDZjNGU2YTRkMTUxYWFlNjgyZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzTfCnmQ3bThyRisS1e4lIPBhq2fE
cM8WJ1+8z4tyqhql7OlcttT9EB+FmeW+Q9q+S+7V4vNXoPTzAHPi7X0euIUb0kh7
RM9PuOXtyHpyLlQp+lhyYfqkQM2f9q7N/PZHxEI2WnqMFNSAt2wql7evB6ndTm7d
84bc2vhbj5tpOIzmMtuEc/1CeoR59sFc8V4NxLyNytPdRoyg+gHxaqYAexqG7agj
nSWZij/ZiTtyZCIdGWMDUvA+C0uFWbKcv5PRO8e/1YMbvsgQ0tog+EEcftTL1PtV
ZAnt+SEMWXJAo27uaaR0ssdKkaFyb/HZb3RM02kw4RyWWHKr4PjgBx17UwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFFFzuArbKoruXc1sTmpNFRquaC6KMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVVhPNEN0c3FpdTVkeld4T2FrMFZHcTVvTG9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBACX
8EkDBACX8E4DBACX8bEDBACX9CYDBACX9DQDBACX9D4DBACX9EsDBACX9FcDBACX
9b0wDAMEAJf1vwMEAJf1wAMEAJf18QMEAJf19wMEAJf2wgMEAJf28gMEAJf2+AME
AJf3lAMEAJf3lgMEAJf3rzAMAwQAl/e1AwQAl/e2AwQAl/frAwQAl/f0MA0GCSqG
SIb3DQEBCwUAA4IBAQBSN7kWA/ceDJGyH0jwtoWOaiE5Yyy/oBrGqRrN6AmkuE7G
PJ6i8Hl/i7Ne4dLmkOVCNcgQIp2uKwKDlvoW6iYp8b8VOmkxgHFzdlE9UQ5JdlrI
mN0JpqOe2k96MkIlFcFX1m/8HkrFnPAnlXGDGvMX5TRjuqwIgpEZPUhSF8lsKvJ4
5w/XschKST+IP4ISkQdYcAwO2mmmBRETh4vR/AcSkKm8kec3HyKbXsmQ6YxtM+mx
GdulTu0SvJrHZASbcAPveDoMkCBYwT9PLOXqspJMx+EV7xJlLTBZuChDqPsKKEEd
2K6VCqTIS8PZQaRw8UyFRHU2B76NM9o9mmI/mWPO
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:42:27 2025 by rpki-client