Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/WqSv5maRGUeUv4vozpTY4-olS04.roa
File: WqSv5maRGUeUv4vozpTY4-olS04.roa (raw, json)
Hash identifier: rreqXOmwRQl/xJm7bTUoDnZJ5VcEhLaHy9qdcAq+Cu4=
Subject key identifier: 5A:A4:AF:E6:66:91:19:47:94:BF:8B:E8:CE:94:D8:E3:EA:25:4B:4E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019772AAFE873535BB59635D0FD1D9B51AEE
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/WqSv5maRGUeUv4vozpTY4-olS04.roa
Signing time: Sun 15 Jun 2025 08:18:18 +0000
ROA not before: Sun 15 Jun 2025 08:18:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397423
IP address blocks: 151.242.97.0/24 maxlen: 24
151.244.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 15:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:72:aa:fe:87:35:35:bb:59:63:5d:0f:d1:d9:b5:1a:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 15 08:18:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5aa4afe66691194794bf8be8ce94d8e3ea254b4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a3:17:46:e8:5a:2c:d4:0b:dc:ab:ef:86:03:
df:f7:52:ee:5e:3e:09:4a:7c:33:1b:48:c5:2e:1d:
e1:e9:22:69:b9:39:e4:ca:f2:64:ef:62:2d:88:b1:
d1:44:41:93:1e:ce:01:a5:a5:42:ed:7a:ab:cd:40:
ca:20:08:5f:93:ba:fc:65:4c:9b:c9:13:03:df:97:
db:67:4f:83:50:13:3e:25:69:d2:5e:dc:31:84:61:
97:b5:b7:9a:cc:06:b2:cf:ab:28:37:16:b9:11:b9:
2b:21:69:5b:02:da:52:23:08:18:4b:2c:04:3e:83:
01:6a:3a:df:a4:e1:92:2a:72:74:fa:8e:4d:04:6c:
d3:3b:5d:21:cf:de:20:33:31:ea:45:e8:3c:9f:e7:
f3:56:45:51:a0:88:e2:d1:11:87:8d:ef:6c:cb:e7:
42:8f:27:d1:fe:8f:9c:9b:96:d5:e3:74:fa:ef:84:
2c:ad:b4:a7:bb:85:7d:8f:b8:3f:1f:a2:2e:13:91:
37:f5:16:81:f6:7a:43:5e:9c:48:34:1e:32:20:ee:
af:7c:2c:e6:6e:91:0f:b0:e5:7e:48:4d:3d:da:fe:
d3:1c:4a:f4:fb:1e:4e:34:4e:dd:89:db:b3:41:bb:
8d:f8:13:8b:50:2e:2b:af:59:b6:69:87:9d:12:0e:
9e:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A4:AF:E6:66:91:19:47:94:BF:8B:E8:CE:94:D8:E3:EA:25:4B:4E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/WqSv5maRGUeUv4vozpTY4-olS04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.97.0/24
151.244.99.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:9f:0f:87:8f:44:f0:7e:4c:8a:a4:e8:1f:6c:b6:01:c9:bb:
86:fb:1f:ab:c0:57:70:c2:2b:d5:d4:bc:15:b3:51:c5:e5:8a:
35:bc:52:43:b5:9e:9c:60:a5:3b:1e:c8:65:04:ba:fe:7d:87:
e9:77:48:d2:b5:a3:b7:c2:df:57:ed:99:19:39:61:06:45:f5:
82:4b:3c:87:ae:42:82:28:da:85:c5:17:b2:de:e9:3b:4d:ab:
b3:2f:21:1c:82:66:6b:bc:7b:f5:eb:3b:dd:25:4c:2e:b1:75:
20:b2:86:90:38:6f:e6:bf:7b:e2:ed:68:bf:24:eb:03:a3:65:
b3:12:76:c8:d3:a7:13:b0:d4:c1:7b:96:de:8e:6c:32:d3:df:
c4:d9:f3:f2:0b:2c:47:2a:9c:47:d3:a8:59:c7:88:9c:c2:6c:
55:55:23:c4:ee:29:1d:ce:6e:0e:03:99:f0:20:08:d9:b4:f6:
f7:98:6c:1c:98:b7:46:bd:34:91:eb:42:6b:0a:b4:13:bd:ac:
03:32:6f:3b:96:aa:c3:0c:57:a7:33:24:43:e8:f5:30:46:05:
2f:7c:8c:e2:1a:38:19:2d:88:1c:0a:ac:7e:d4:fd:0d:72:40:
e9:0e:f6:cb:47:d7:6a:af:87:34:a3:0f:07:ac:8d:13:9e:97:
b8:ab:4c:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdyqv6HNTW7WWNdD9HZtRruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjE1MDgxODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWE0YWZlNjY2OTExOTQ3OTRiZjhiZThjZTk0ZDhlM2VhMjU0YjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqMXRuhaLNQL3KvvhgPf91LuXj4J
SnwzG0jFLh3h6SJpuTnkyvJk72ItiLHRREGTHs4BpaVC7XqrzUDKIAhfk7r8ZUyb
yRMD35fbZ0+DUBM+JWnSXtwxhGGXtbeazAayz6soNxa5EbkrIWlbAtpSIwgYSywE
PoMBajrfpOGSKnJ0+o5NBGzTO10hz94gMzHqReg8n+fzVkVRoIji0RGHje9sy+dC
jyfR/o+cm5bV43T674QsrbSnu4V9j7g/H6IuE5E39RaB9npDXpxINB4yIO6vfCzm
bpEPsOV+SE092v7THEr0+x5ONE7diduzQbuN+BOLUC4rr1m2aYedEg6ePQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFqkr+ZmkRlHlL+L6M6U2OPqJUtOMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvV3FTdjVtYVJHVWVVdjR2b3pwVFk0LW9sUzA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/JhAwQA
l/RjMA0GCSqGSIb3DQEBCwUAA4IBAQCwnw+Hj0TwfkyKpOgfbLYBybuG+x+rwFdw
wivV1LwVs1HF5Yo1vFJDtZ6cYKU7HshlBLr+fYfpd0jStaO3wt9X7ZkZOWEGRfWC
SzyHrkKCKNqFxRey3uk7TauzLyEcgmZrvHv16zvdJUwusXUgsoaQOG/mv3vi7Wi/
JOsDo2WzEnbI06cTsNTBe5bejmwy09/E2fPyCyxHKpxH06hZx4icwmxVVSPE7ikd
zm4OA5nwIAjZtPb3mGwcmLdGvTSR60JrCrQTvawDMm87lqrDDFenMyRD6PUwRgUv
fIziGjgZLYgcCqx+1P0NckDpDvbLR9dqr4c0ow8HrI0Tnpe4q0yy
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:12:38 2025 by rpki-client