Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/aLvG6od0enH4a8kEuzvT3TUOdnk.roa
File: aLvG6od0enH4a8kEuzvT3TUOdnk.roa (raw, json)
Hash identifier: 0KvERivZhSsTJ1Sz59EPlXi3riQ/Kh59GIVK6DhrE9o=
Subject key identifier: 68:BB:C6:EA:87:74:7A:71:F8:6B:C9:04:BB:3B:D3:DD:35:0E:76:79
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01985078B862644A1D1AEE7EBC95CBF1F657
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/aLvG6od0enH4a8kEuzvT3TUOdnk.roa
Signing time: Mon 28 Jul 2025 09:59:05 +0000
ROA not before: Mon 28 Jul 2025 09:59:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214432
IP address blocks: 151.240.73.0/24 maxlen: 24
151.240.78.0/24 maxlen: 24
151.240.144.0/24 maxlen: 24
151.241.177.0/24 maxlen: 24
151.244.62.0/24 maxlen: 24
151.244.75.0/24 maxlen: 24
151.244.87.0/24 maxlen: 24
151.245.102.0/24 maxlen: 24
151.245.191.0/24 maxlen: 24
151.245.192.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:78:b8:62:64:4a:1d:1a:ee:7e:bc:95:cb:f1:f6:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 28 09:59:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68bbc6ea87747a71f86bc904bb3bd3dd350e7679
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:8b:01:de:d1:51:52:55:2c:ba:3f:6f:f7:3e:
14:a5:ef:bc:1f:8c:37:4e:3c:b1:f8:52:3c:18:6f:
57:a5:e6:28:aa:91:19:3b:e6:ed:91:64:16:7f:ef:
61:d7:ef:f2:c3:92:32:a3:6a:a5:ad:60:b4:11:ae:
ec:2d:d9:32:51:44:37:ee:78:32:a6:6d:09:65:90:
9f:ab:1d:62:87:e5:9e:b1:6c:a6:a3:0b:30:80:df:
1e:48:39:70:f8:f2:7e:32:59:b9:ac:1e:0a:28:4a:
36:81:19:cb:e1:ab:38:83:56:08:39:9d:cb:f5:cb:
7c:99:87:29:51:c5:ee:d1:ae:fe:00:f8:3d:6f:75:
3d:b1:2f:59:11:7d:cc:28:c9:16:fc:42:76:39:ea:
c2:cc:26:be:0f:3f:11:69:a9:33:f9:73:b9:d4:96:
32:cc:70:85:93:15:6e:87:86:ad:29:a4:b3:b2:fe:
e0:fc:79:71:ee:4e:6a:a8:29:c5:b3:72:57:06:c8:
c4:98:ca:16:51:93:b3:c1:5c:78:07:66:36:2e:26:
0c:83:e8:ce:52:90:93:41:00:f6:01:a8:f2:f9:53:
6d:b1:53:09:7c:42:04:f7:40:75:34:6b:2c:ef:b7:
bc:65:33:4f:07:88:58:84:5c:5f:58:3e:37:e4:ea:
56:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BB:C6:EA:87:74:7A:71:F8:6B:C9:04:BB:3B:D3:DD:35:0E:76:79
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/aLvG6od0enH4a8kEuzvT3TUOdnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.73.0/24
151.240.78.0/24
151.240.144.0/24
151.241.177.0/24
151.244.62.0/24
151.244.75.0/24
151.244.87.0/24
151.245.102.0/24
151.245.191.0-151.245.192.255
Signature Algorithm: sha256WithRSAEncryption
2c:a1:b1:61:b5:b4:01:78:d2:26:03:9c:d0:78:01:6a:38:20:
a8:a8:09:4c:b2:00:6a:00:9c:70:c4:a7:a8:24:cf:d0:ad:06:
99:9c:a0:a1:64:6b:c8:6e:16:5c:46:36:db:aa:15:ca:d5:81:
fc:ed:ce:f8:e0:71:00:ec:58:b3:28:0e:68:34:a6:98:84:c0:
1f:e0:61:1e:90:c3:bc:ae:2d:21:ea:17:39:b1:bd:6e:d5:9d:
6c:09:8d:6a:9e:98:64:fc:ba:63:d1:ff:e6:2b:7c:ea:e3:c6:
31:8e:79:85:2c:bf:88:13:bc:b4:9f:8a:68:61:c0:f0:55:8c:
46:18:e3:cc:41:8d:c0:da:3b:39:d6:0c:7b:01:7c:bb:25:b6:
b2:b1:b8:63:2a:d8:06:0c:5f:91:ad:0e:65:ab:3f:c0:37:c3:
7b:a9:2e:4a:e1:13:a1:49:0c:2a:21:d7:79:ef:38:cf:59:f1:
e0:1a:e0:bc:7b:cd:f1:6e:a4:29:da:95:77:f5:3f:67:b1:65:
7d:5b:f5:a1:e0:61:cb:b1:20:ec:51:57:54:16:5e:8d:78:ff:
7d:33:f1:a5:e5:6e:1e:05:54:81:07:5b:17:d7:3e:2b:0d:ee:
d4:8f:7c:56:39:52:8a:e4:1e:15:fd:0c:1e:08:3d:7d:94:5d:
2c:0a:18:ea
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZhQeLhiZEodGu5+vJXL8fZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzI4MDk1OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJiYzZlYTg3NzQ3YTcxZjg2YmM5MDRiYjNiZDNkZDM1MGU3Njc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIsB3tFRUlUsuj9v9z4Upe+8H4w3
Tjyx+FI8GG9XpeYoqpEZO+btkWQWf+9h1+/yw5Iyo2qlrWC0Ea7sLdkyUUQ37ngy
pm0JZZCfqx1ih+WesWymowswgN8eSDlw+PJ+Mlm5rB4KKEo2gRnL4as4g1YIOZ3L
9ct8mYcpUcXu0a7+APg9b3U9sS9ZEX3MKMkW/EJ2OerCzCa+Dz8Raakz+XO51JYy
zHCFkxVuh4atKaSzsv7g/Hlx7k5qqCnFs3JXBsjEmMoWUZOzwVx4B2Y2LiYMg+jO
UpCTQQD2Aajy+VNtsVMJfEIE90B1NGss77e8ZTNPB4hYhFxfWD435OpWEQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFGi7xuqHdHpx+GvJBLs70901DnZ5MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvYUx2RzZvZDBlbkg0YThrRXV6dlQzVFVPZG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAl/BJAwQA
l/BOAwQAl/CQAwQAl/GxAwQAl/Q+AwQAl/RLAwQAl/RXAwQAl/VmMAwDBACX9b8D
BACX9cAwDQYJKoZIhvcNAQELBQADggEBACyhsWG1tAF40iYDnNB4AWo4IKioCUyy
AGoAnHDEp6gkz9CtBpmcoKFka8huFlxGNtuqFcrVgfztzvjgcQDsWLMoDmg0ppiE
wB/gYR6Qw7yuLSHqFzmxvW7VnWwJjWqemGT8umPR/+YrfOrjxjGOeYUsv4gTvLSf
imhhwPBVjEYY48xBjcDaOznWDHsBfLsltrKxuGMq2AYMX5GtDmWrP8A3w3upLkrh
E6FJDCoh13nvOM9Z8eAa4Lx7zfFupCnalXf1P2exZX1b9aHgYcuxIOxRV1QWXo14
/30z8aXlbh4FVIEHWxfXPisN7tSPfFY5UorkHhX9DB4IPX2UXSwKGOo=
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:46:39 2025 by rpki-client