Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UnAp8kbjpvvYn4kXX_JfO0WeJ3k.roa
File: UnAp8kbjpvvYn4kXX_JfO0WeJ3k.roa (raw, json)
Hash identifier: oeuWHHsGUKBolm5xLCaPQlRvQvhgdj8i4FiVoowEw4w=
Subject key identifier: 52:70:29:F2:46:E3:A6:FB:D8:9F:89:17:5F:F2:5F:3B:45:9E:27:79
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01986940C83AA884F35B18B1E5D99CF0C5CE
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UnAp8kbjpvvYn4kXX_JfO0WeJ3k.roa
Signing time: Sat 02 Aug 2025 05:28:29 +0000
ROA not before: Sat 02 Aug 2025 05:28:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 37.202.202.0/24 maxlen: 24
151.240.1.0/24 maxlen: 24
151.240.9.0/24 maxlen: 24
151.240.14.0/24 maxlen: 24
151.240.17.0/24 maxlen: 24
151.241.69.0/24 maxlen: 24
151.242.5.0/24 maxlen: 24
151.242.39.0/24 maxlen: 24
151.242.67.0/24 maxlen: 24
151.242.96.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
151.242.159.0/24 maxlen: 24
151.243.6.0/24 maxlen: 24
151.243.19.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.243.160.0/22 maxlen: 22
151.243.174.0/24 maxlen: 24
151.244.78.0/24 maxlen: 24
151.245.112.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 02:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:69:40:c8:3a:a8:84:f3:5b:18:b1:e5:d9:9c:f0:c5:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 2 05:28:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=527029f246e3a6fbd89f89175ff25f3b459e2779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:65:43:45:0f:55:2e:3e:23:63:6e:25:a1:31:
fa:f7:d8:e9:30:37:aa:a4:ce:17:1e:ca:6b:c5:e2:
e2:17:81:49:67:39:e7:df:88:cc:ab:c2:b0:49:d2:
66:90:d2:50:54:70:6f:5c:f6:c1:b9:7f:7c:38:90:
bd:26:1a:6e:0a:75:bd:00:3d:5e:48:0f:0f:c5:ab:
a9:12:2b:3c:f1:a9:17:e3:60:c5:72:71:5d:1a:3f:
19:fc:f3:1d:64:0f:8f:31:a9:92:a6:b9:1d:af:59:
bc:af:47:55:8f:22:27:9f:36:fc:fa:5e:60:af:a7:
90:b0:3a:56:81:b4:ba:f2:41:e0:f6:8e:48:48:f4:
a8:4a:b5:8e:08:24:31:c4:86:48:8e:b7:bd:e0:67:
e6:9b:25:33:74:07:16:e9:c7:a3:94:dc:ca:46:bb:
aa:98:e6:ba:54:03:bd:44:87:8f:11:76:ba:ed:08:
1c:d7:8c:56:51:53:61:7f:47:de:1a:68:97:f6:78:
47:4d:81:a8:8a:43:cb:89:aa:5e:2d:3f:49:09:fb:
55:3d:27:ee:fc:46:94:e7:72:2a:84:5b:43:4b:6c:
72:de:f4:25:60:2e:02:8d:c6:53:9c:9c:0a:87:85:
1f:ce:74:d1:ac:44:a6:e5:d8:37:d1:31:48:fc:0d:
d9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:70:29:F2:46:E3:A6:FB:D8:9F:89:17:5F:F2:5F:3B:45:9E:27:79
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/UnAp8kbjpvvYn4kXX_JfO0WeJ3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.202.0/24
151.240.1.0/24
151.240.9.0/24
151.240.14.0/24
151.240.17.0/24
151.241.69.0/24
151.242.5.0/24
151.242.39.0/24
151.242.67.0/24
151.242.96.0/24
151.242.117.0/24
151.242.159.0/24
151.243.6.0/24
151.243.19.0/24
151.243.120.0/24
151.243.160.0/22
151.243.174.0/24
151.244.78.0/24
151.245.112.0/24
Signature Algorithm: sha256WithRSAEncryption
89:49:64:0a:5d:a4:f1:4b:3c:a1:5c:37:c4:f6:e3:01:cd:3d:
6c:b0:7e:30:0f:3a:92:e7:e0:09:a1:2a:e5:a4:89:a0:f8:5e:
ff:66:4c:36:9c:94:f8:f8:c7:fb:60:c9:12:f7:97:e7:6b:46:
57:22:e2:8b:05:f2:0b:a1:b1:2a:81:68:44:75:a6:23:f5:58:
74:d4:4c:41:c2:3a:e8:d4:af:76:a5:c6:1b:3d:4e:c0:de:29:
a1:6b:9b:78:ca:44:01:2c:6f:b2:d2:32:8a:2c:e5:3e:7c:00:
8f:58:23:7f:20:cb:86:a1:1c:01:62:db:ec:80:6a:6b:06:ab:
3c:19:9c:4f:71:d1:78:f8:9f:4c:ee:b7:71:61:84:39:56:07:
49:e7:cb:07:43:26:1c:58:c0:06:ae:de:5e:9d:91:d1:74:df:
a2:11:c4:eb:5c:54:0f:ba:1b:05:0f:62:50:b9:e8:6b:42:92:
31:26:a1:8b:34:3f:4a:a0:5f:01:07:f2:2b:1a:0f:c7:6a:4d:
1c:e6:07:25:58:9a:d4:5c:55:13:8e:4a:99:60:cb:61:6d:6e:
eb:58:c4:53:7c:19:2b:0a:cf:e8:36:4b:dc:63:1f:56:b0:8a:
d6:8d:10:77:fa:c0:02:6c:b5:44:b8:d8:01:4d:5a:03:a8:5b:
38:ac:50:90
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZhpQMg6qITzWxix5dmc8MXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODAyMDUyODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjcwMjlmMjQ2ZTNhNmZiZDg5Zjg5MTc1ZmYyNWYzYjQ1OWUyNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWVDRQ9VLj4jY24loTH699jpMDeq
pM4XHsprxeLiF4FJZznn34jMq8KwSdJmkNJQVHBvXPbBuX98OJC9JhpuCnW9AD1e
SA8PxaupEis88akX42DFcnFdGj8Z/PMdZA+PMamSprkdr1m8r0dVjyInnzb8+l5g
r6eQsDpWgbS68kHg9o5ISPSoSrWOCCQxxIZIjre94GfmmyUzdAcW6cejlNzKRruq
mOa6VAO9RIePEXa67Qgc14xWUVNhf0feGmiX9nhHTYGoikPLiapeLT9JCftVPSfu
/EaU53IqhFtDS2xy3vQlYC4CjcZTnJwKh4UfznTRrESm5dg30TFI/A3Z0QIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFFJwKfJG46b72J+JF1/yXztFnid5MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVW5BcDhrYmpwdnZZbjRrWFhfSmZPMFdlSjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEACXKygME
AJfwAQMEAJfwCQMEAJfwDgMEAJfwEQMEAJfxRQMEAJfyBQMEAJfyJwMEAJfyQwME
AJfyYAMEAJfydQMEAJfynwMEAJfzBgMEAJfzEwMEAJfzeAMEApfzoAMEAJfzrgME
AJf0TgMEAJf1cDANBgkqhkiG9w0BAQsFAAOCAQEAiUlkCl2k8Us8oVw3xPbjAc09
bLB+MA86kufgCaEq5aSJoPhe/2ZMNpyU+PjH+2DJEveX52tGVyLiiwXyC6GxKoFo
RHWmI/VYdNRMQcI66NSvdqXGGz1OwN4poWubeMpEASxvstIyiizlPnwAj1gjfyDL
hqEcAWLb7IBqawarPBmcT3HRePifTO63cWGEOVYHSefLB0MmHFjABq7eXp2R0XTf
ohHE61xUD7obBQ9iULnoa0KSMSahizQ/SqBfAQfyKxoPx2pNHOYHJVia1FxVE45K
mWDLYW1u61jEU3wZKwrP6DZL3GMfVrCK1o0Qd/rAAmy1RLjYAU1aA6hbOKxQkA==
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:27:04 2025 by rpki-client