Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Xt-YjOvYCU1AUrCQ0irPotityo8.roa
File: Xt-YjOvYCU1AUrCQ0irPotityo8.roa (raw, json)
Hash identifier: Pep3DH1tfLk3ZrpCoszGMrFs1iPGnh4DM8d4bZvWjR4=
Subject key identifier: 5E:DF:98:8C:EB:D8:09:4D:40:52:B0:90:D2:2A:CF:A2:D8:AD:CA:8F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019752DFF69F829B3745DF6E2DAF45C2872C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Xt-YjOvYCU1AUrCQ0irPotityo8.roa
Signing time: Mon 09 Jun 2025 04:08:18 +0000
ROA not before: Mon 09 Jun 2025 04:08:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 151.240.2.0/24 maxlen: 24
151.240.3.0/24 maxlen: 24
151.240.4.0/24 maxlen: 24
151.240.5.0/24 maxlen: 24
151.240.6.0/24 maxlen: 24
151.240.7.0/24 maxlen: 24
151.240.11.0/24 maxlen: 24
151.240.12.0/24 maxlen: 24
151.240.13.0/24 maxlen: 24
151.240.14.0/24 maxlen: 24
151.240.15.0/24 maxlen: 24
151.240.16.0/24 maxlen: 24
151.240.17.0/24 maxlen: 24
151.240.18.0/24 maxlen: 24
151.240.19.0/24 maxlen: 24
151.240.20.0/24 maxlen: 24
151.240.21.0/24 maxlen: 24
151.240.22.0/24 maxlen: 24
151.240.23.0/24 maxlen: 24
151.240.24.0/24 maxlen: 24
151.240.25.0/24 maxlen: 24
151.240.26.0/24 maxlen: 24
151.240.27.0/24 maxlen: 24
151.240.30.0/24 maxlen: 24
151.240.31.0/24 maxlen: 24
151.240.32.0/24 maxlen: 24
151.240.33.0/24 maxlen: 24
151.240.34.0/24 maxlen: 24
151.240.35.0/24 maxlen: 24
151.240.36.0/24 maxlen: 24
151.240.37.0/24 maxlen: 24
151.240.38.0/24 maxlen: 24
151.240.39.0/24 maxlen: 24
151.240.40.0/24 maxlen: 24
151.240.41.0/24 maxlen: 24
151.240.42.0/24 maxlen: 24
151.240.60.0/24 maxlen: 24
151.240.61.0/24 maxlen: 24
151.240.68.0/24 maxlen: 24
151.240.69.0/24 maxlen: 24
151.240.70.0/24 maxlen: 24
151.240.71.0/24 maxlen: 24
151.240.72.0/24 maxlen: 24
151.240.73.0/24 maxlen: 24
151.240.74.0/24 maxlen: 24
151.240.75.0/24 maxlen: 24
151.240.76.0/24 maxlen: 24
151.240.77.0/24 maxlen: 24
151.240.78.0/24 maxlen: 24
151.240.79.0/24 maxlen: 24
151.240.80.0/24 maxlen: 24
151.240.81.0/24 maxlen: 24
151.240.82.0/24 maxlen: 24
151.240.83.0/24 maxlen: 24
151.240.84.0/24 maxlen: 24
151.240.85.0/24 maxlen: 24
151.240.86.0/24 maxlen: 24
151.240.87.0/24 maxlen: 24
151.240.88.0/24 maxlen: 24
151.240.89.0/24 maxlen: 24
151.240.90.0/24 maxlen: 24
151.240.96.0/24 maxlen: 24
151.240.97.0/24 maxlen: 24
151.240.98.0/24 maxlen: 24
151.240.99.0/24 maxlen: 24
151.240.100.0/24 maxlen: 24
151.240.110.0/24 maxlen: 24
151.240.116.0/24 maxlen: 24
151.240.117.0/24 maxlen: 24
151.240.126.0/24 maxlen: 24
151.240.127.0/24 maxlen: 24
151.240.128.0/24 maxlen: 24
151.240.129.0/24 maxlen: 24
151.240.130.0/24 maxlen: 24
151.240.131.0/24 maxlen: 24
151.240.132.0/24 maxlen: 24
151.240.133.0/24 maxlen: 24
151.240.134.0/24 maxlen: 24
151.240.135.0/24 maxlen: 24
151.240.136.0/24 maxlen: 24
151.240.137.0/24 maxlen: 24
151.240.138.0/24 maxlen: 24
151.240.139.0/24 maxlen: 24
151.240.140.0/24 maxlen: 24
151.240.141.0/24 maxlen: 24
151.240.142.0/24 maxlen: 24
151.240.143.0/24 maxlen: 24
151.240.144.0/24 maxlen: 24
151.240.145.0/24 maxlen: 24
151.240.146.0/24 maxlen: 24
151.240.147.0/24 maxlen: 24
151.240.148.0/24 maxlen: 24
151.240.149.0/24 maxlen: 24
151.240.150.0/24 maxlen: 24
151.240.151.0/24 maxlen: 24
151.240.152.0/24 maxlen: 24
151.240.153.0/24 maxlen: 24
151.240.154.0/24 maxlen: 24
151.240.156.0/24 maxlen: 24
151.240.157.0/24 maxlen: 24
151.240.158.0/24 maxlen: 24
151.240.159.0/24 maxlen: 24
151.240.160.0/24 maxlen: 24
151.240.161.0/24 maxlen: 24
151.240.162.0/24 maxlen: 24
151.240.163.0/24 maxlen: 24
151.240.164.0/24 maxlen: 24
151.240.165.0/24 maxlen: 24
151.240.166.0/24 maxlen: 24
151.240.167.0/24 maxlen: 24
151.240.168.0/24 maxlen: 24
151.240.169.0/24 maxlen: 24
151.240.170.0/24 maxlen: 24
151.240.171.0/24 maxlen: 24
151.240.172.0/24 maxlen: 24
151.240.173.0/24 maxlen: 24
151.240.174.0/24 maxlen: 24
151.240.175.0/24 maxlen: 24
151.240.176.0/24 maxlen: 24
151.240.177.0/24 maxlen: 24
151.240.178.0/24 maxlen: 24
151.240.179.0/24 maxlen: 24
151.240.180.0/24 maxlen: 24
151.240.181.0/24 maxlen: 24
151.240.182.0/24 maxlen: 24
151.240.183.0/24 maxlen: 24
151.240.184.0/24 maxlen: 24
151.240.185.0/24 maxlen: 24
151.240.186.0/24 maxlen: 24
151.240.187.0/24 maxlen: 24
151.240.188.0/24 maxlen: 24
151.240.189.0/24 maxlen: 24
151.240.190.0/24 maxlen: 24
151.240.191.0/24 maxlen: 24
151.240.192.0/24 maxlen: 24
151.240.193.0/24 maxlen: 24
151.240.194.0/24 maxlen: 24
151.240.195.0/24 maxlen: 24
151.240.196.0/24 maxlen: 24
151.240.197.0/24 maxlen: 24
151.240.198.0/24 maxlen: 24
151.240.199.0/24 maxlen: 24
151.240.200.0/24 maxlen: 24
151.240.201.0/24 maxlen: 24
151.240.202.0/24 maxlen: 24
151.240.203.0/24 maxlen: 24
151.240.204.0/24 maxlen: 24
151.240.205.0/24 maxlen: 24
151.240.206.0/24 maxlen: 24
151.240.207.0/24 maxlen: 24
151.240.208.0/24 maxlen: 24
151.240.209.0/24 maxlen: 24
151.240.210.0/24 maxlen: 24
151.240.211.0/24 maxlen: 24
151.240.212.0/24 maxlen: 24
151.240.213.0/24 maxlen: 24
151.240.214.0/24 maxlen: 24
151.240.215.0/24 maxlen: 24
151.240.216.0/24 maxlen: 24
151.240.217.0/24 maxlen: 24
151.240.218.0/24 maxlen: 24
151.240.219.0/24 maxlen: 24
151.240.220.0/24 maxlen: 24
151.240.221.0/24 maxlen: 24
151.240.222.0/24 maxlen: 24
151.240.223.0/24 maxlen: 24
151.240.224.0/24 maxlen: 24
151.240.225.0/24 maxlen: 24
151.240.229.0/24 maxlen: 24
151.240.233.0/24 maxlen: 24
151.240.234.0/24 maxlen: 24
151.240.235.0/24 maxlen: 24
151.240.236.0/24 maxlen: 24
151.240.237.0/24 maxlen: 24
151.240.238.0/24 maxlen: 24
151.240.240.0/24 maxlen: 24
151.240.248.0/24 maxlen: 24
151.240.254.0/24 maxlen: 24
151.240.255.0/24 maxlen: 24
151.241.18.0/24 maxlen: 24
151.242.88.0/24 maxlen: 24
151.242.91.0/24 maxlen: 24
151.243.20.0/24 maxlen: 24
151.243.45.0/24 maxlen: 24
151.243.88.0/24 maxlen: 24
151.243.89.0/24 maxlen: 24
151.244.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:52:df:f6:9f:82:9b:37:45:df:6e:2d:af:45:c2:87:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 9 04:08:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5edf988cebd8094d4052b090d22acfa2d8adca8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:cf:b9:f7:06:83:78:4e:58:2a:77:cc:71:09:
f7:a7:40:2f:ef:4f:be:bb:2b:36:3c:cd:90:b1:23:
28:30:0c:81:6d:62:69:71:40:50:64:75:c2:f9:5e:
02:fe:33:8d:54:35:15:91:1e:f1:78:7f:83:bb:60:
92:ab:bf:c5:e5:f7:fe:58:a8:78:af:f6:c3:ff:aa:
73:bf:98:6e:25:d3:90:f1:72:85:e6:69:bd:0b:79:
37:5f:7d:52:c8:da:a2:24:35:5e:f7:7a:d6:35:37:
28:f7:11:f3:48:92:71:2b:1d:1a:f6:d3:56:dd:ec:
c3:1f:18:95:53:80:c9:31:b9:6d:2a:79:d5:d7:74:
4c:81:9c:5e:55:b1:f8:09:51:e0:e1:3e:83:b8:74:
e3:b7:28:3a:35:ce:d1:76:8b:2c:b7:1c:aa:ed:58:
42:ca:be:b5:77:b3:fb:52:11:35:62:db:37:0e:f8:
b6:b6:22:a9:2c:77:18:37:f4:cd:24:65:37:02:ba:
5e:1f:e1:4a:e6:cf:39:0d:29:be:6b:9a:c5:49:1e:
31:2b:a5:00:a7:b2:d2:30:47:01:55:eb:63:e0:8f:
a2:d5:1f:e6:cc:28:44:1d:4b:c0:ec:00:db:e1:10:
a6:12:60:84:5a:f9:2e:d6:a8:82:ff:49:62:ca:b0:
ea:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:DF:98:8C:EB:D8:09:4D:40:52:B0:90:D2:2A:CF:A2:D8:AD:CA:8F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Xt-YjOvYCU1AUrCQ0irPotityo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.2.0-151.240.7.255
151.240.11.0-151.240.27.255
151.240.30.0-151.240.42.255
151.240.60.0/23
151.240.68.0-151.240.90.255
151.240.96.0-151.240.100.255
151.240.110.0/24
151.240.116.0/23
151.240.126.0-151.240.154.255
151.240.156.0-151.240.225.255
151.240.229.0/24
151.240.233.0-151.240.238.255
151.240.240.0/24
151.240.248.0/24
151.240.254.0/23
151.241.18.0/24
151.242.88.0/24
151.242.91.0/24
151.243.20.0/24
151.243.45.0/24
151.243.88.0/23
151.244.2.0/24
Signature Algorithm: sha256WithRSAEncryption
97:01:6a:3d:56:ba:51:f7:3f:f7:60:ec:60:24:6d:4c:cc:4e:
a1:44:6e:ae:11:57:f3:ec:c5:ee:dc:e6:1a:fb:02:64:05:d0:
d5:94:17:27:97:8b:14:03:73:82:90:41:b6:ba:ee:d7:a8:a2:
54:4a:b1:27:75:11:58:a1:67:b5:ca:9a:e1:91:e7:c0:fd:60:
8c:e3:bc:3a:2d:dc:e1:37:7c:88:98:6c:cf:4a:df:c6:c9:0e:
b2:70:34:89:27:19:38:fb:1a:c3:b6:8e:a0:a5:a7:6d:ae:43:
13:9e:7d:3c:e8:5b:7a:1c:57:88:07:8f:5e:7f:2d:54:f6:33:
f4:ad:52:e1:ec:e0:46:7e:9a:46:cc:d2:67:6c:38:10:03:80:
bc:c9:53:ce:d9:94:a8:b3:57:11:de:2d:1c:ad:06:74:1d:93:
d7:9c:6e:f3:15:0e:6a:ce:22:d6:fd:44:cb:09:3d:73:92:9f:
5e:54:25:75:59:d9:9d:12:eb:26:bf:f1:ea:e1:1f:f1:49:66:
e1:90:8a:d4:61:7d:41:66:1e:cb:0a:33:8f:c7:9c:f1:79:64:
16:33:69:85:06:0f:bb:8b:e7:b3:a1:96:fc:a3:15:9d:7b:1a:
62:46:4f:f3:51:ab:6e:11:01:b7:1e:ae:4d:7c:2f:18:a4:91:
88:b2:e7:32
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZdS3/afgps3Rd9uLa9FwocsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjA5MDQwODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWRmOTg4Y2ViZDgwOTRkNDA1MmIwOTBkMjJhY2ZhMmQ4YWRjYThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApM+59waDeE5YKnfMcQn3p0Av70++
uys2PM2QsSMoMAyBbWJpcUBQZHXC+V4C/jONVDUVkR7xeH+Du2CSq7/F5ff+WKh4
r/bD/6pzv5huJdOQ8XKF5mm9C3k3X31SyNqiJDVe93rWNTco9xHzSJJxKx0a9tNW
3ezDHxiVU4DJMbltKnnV13RMgZxeVbH4CVHg4T6DuHTjtyg6Nc7Rdosstxyq7VhC
yr61d7P7UhE1Yts3Dvi2tiKpLHcYN/TNJGU3ArpeH+FK5s85DSm+a5rFSR4xK6UA
p7LSMEcBVetj4I+i1R/mzChEHUvA7ADb4RCmEmCEWvku1qiC/0liyrDqnwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFF7fmIzr2AlNQFKwkNIqz6LYrcqPMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWHQtWWpPdllDVTFBVXJDUTBpclBvdGl0eW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQwDAME
AZfwAgMEA5fwADAMAwQAl/ALAwQCl/AYMAwDBAGX8B4DBACX8CoDBAGX8DwwDAME
ApfwRAMEAJfwWjAMAwQFl/BgAwQAl/BkAwQAl/BuAwQBl/B0MAwDBAGX8H4DBACX
8JowDAMEApfwnAMEAZfw4AMEAJfw5TAMAwQAl/DpAwQAl/DuAwQAl/DwAwQAl/D4
AwQBl/D+AwQAl/ESAwQAl/JYAwQAl/JbAwQAl/MUAwQAl/MtAwQBl/NYAwQAl/QC
MA0GCSqGSIb3DQEBCwUAA4IBAQCXAWo9VrpR9z/3YOxgJG1MzE6hRG6uEVfz7MXu
3OYa+wJkBdDVlBcnl4sUA3OCkEG2uu7XqKJUSrEndRFYoWe1yprhkefA/WCM47w6
LdzhN3yImGzPSt/GyQ6ycDSJJxk4+xrDto6gpadtrkMTnn086Ft6HFeIB49efy1U
9jP0rVLh7OBGfppGzNJnbDgQA4C8yVPO2ZSos1cR3i0crQZ0HZPXnG7zFQ5qziLW
/UTLCT1zkp9eVCV1WdmdEusmv/Hq4R/xSWbhkIrUYX1BZh7LCjOPx5zxeWQWM2mF
Bg+7i+ezoZb8oxWdexpiRk/zUatuEQG3Hq5NfC8YpJGIsucy
-----END CERTIFICATE-----
Generated at Sat Jun 14 13:36:45 2025 by rpki-client