Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/asYIlMX-FKUaG4u0ORWgBRUUooI.roa
File: asYIlMX-FKUaG4u0ORWgBRUUooI.roa (raw, json)
Hash identifier: /Jz8WN4fRtXCglv5xpBfZSDF13GCNDS5Rd7KnMuzZBg=
Subject key identifier: 6A:C6:08:94:C5:FE:14:A5:1A:1B:8B:B4:39:15:A0:05:15:14:A2:82
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019879ABFA685023276C54B0A9E9477943FA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/asYIlMX-FKUaG4u0ORWgBRUUooI.roa
Signing time: Tue 05 Aug 2025 09:59:30 +0000
ROA not before: Tue 05 Aug 2025 09:59:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135402
IP address blocks: 151.240.96.0/24 maxlen: 24
151.241.92.0/24 maxlen: 24
151.242.86.0/24 maxlen: 24
151.242.132.0/24 maxlen: 24
151.242.133.0/24 maxlen: 24
151.243.4.0/24 maxlen: 24
151.243.113.0/24 maxlen: 24
151.243.206.0/24 maxlen: 24
151.243.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:79:ab:fa:68:50:23:27:6c:54:b0:a9:e9:47:79:43:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 5 09:59:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ac60894c5fe14a51a1b8bb43915a0051514a282
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1b:76:01:a1:35:c5:1a:87:12:a5:83:88:0c:
b8:d8:53:3a:da:08:c1:b9:d1:c0:61:bd:09:bc:55:
27:e6:0d:e3:8b:c4:a2:f6:1b:53:8f:f3:26:82:f8:
95:46:b3:cc:47:a7:59:85:9f:fb:27:3f:66:66:dd:
46:e3:14:77:9e:a7:5f:4e:d7:dd:f2:fd:b4:2a:ba:
c6:ef:e8:5c:49:e8:9b:c8:3c:43:2a:8a:c4:cf:dd:
4e:b6:5f:15:67:1b:3b:30:19:f0:9c:c5:8f:80:4b:
c3:01:61:41:66:94:d4:2e:44:8d:7e:0a:63:ff:f6:
18:56:bf:19:2e:99:94:98:23:9e:24:4b:85:5b:3c:
2f:c6:7f:c6:2e:74:87:18:ef:d9:ee:9f:ae:6b:fb:
f8:9c:aa:54:9a:5f:16:75:f0:b4:c3:c5:0e:dc:d5:
5f:5e:3d:56:d4:b9:6b:f8:11:1d:da:6d:d8:29:65:
b2:31:a3:89:18:4d:5a:3a:4b:96:bf:8d:15:a2:1e:
6c:86:f6:79:1f:f8:d0:e1:54:df:8f:0a:7a:dd:f1:
5c:4d:8d:7b:4f:d6:90:d2:6b:37:3e:48:87:e0:68:
c3:fb:76:b6:e4:10:0c:e3:16:9a:db:dc:61:31:70:
e4:39:ee:5e:7a:4c:15:21:35:48:c0:b8:61:0a:27:
40:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:C6:08:94:C5:FE:14:A5:1A:1B:8B:B4:39:15:A0:05:15:14:A2:82
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/asYIlMX-FKUaG4u0ORWgBRUUooI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.96.0/24
151.241.92.0/24
151.242.86.0/24
151.242.132.0/23
151.243.4.0/24
151.243.113.0/24
151.243.206.0/24
151.243.221.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:3b:07:09:f4:78:08:7a:48:99:fb:f8:50:51:f6:fc:6b:b0:
5c:0b:55:77:41:e1:76:20:a1:c7:cb:97:6d:6c:78:04:c0:41:
36:d4:3f:1b:12:84:66:13:c0:9c:38:9f:cb:e2:2d:91:7e:22:
52:04:e3:b4:13:60:83:b0:0a:5a:d1:ff:f8:2a:83:79:e0:6a:
63:b3:e5:63:b3:d8:b8:b5:99:76:30:08:e2:e9:38:b4:bc:04:
8d:27:f8:4c:45:52:3e:68:31:cf:72:45:f9:1a:9d:b9:7b:5b:
46:05:6d:37:65:3a:15:21:3e:b7:de:27:8b:67:b2:6e:bf:47:
9c:f2:02:63:e9:57:69:39:66:16:94:f4:68:d4:66:8f:7f:0c:
e0:89:2c:84:a3:31:ac:05:47:89:b4:af:d6:ab:33:6c:6f:48:
6b:3a:c7:25:cf:3c:76:5e:5c:ca:2a:72:66:19:81:16:e8:a5:
5e:62:27:4a:ac:02:3f:54:d8:4d:f4:ab:4d:09:ab:67:ae:b9:
e4:8d:46:fa:ed:19:dc:a3:34:47:51:8e:78:71:23:db:4a:6b:
51:c5:c7:30:fd:73:7a:ee:10:28:32:b3:c3:84:24:c2:cc:28:
39:19:16:a6:c2:29:6c:a0:9a:db:32:f3:41:26:39:61:6a:4d:
94:99:96:8a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZh5q/poUCMnbFSwqelHeUP6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODA1MDk1OTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWM2MDg5NGM1ZmUxNGE1MWExYjhiYjQzOTE1YTAwNTE1MTRhMjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRt2AaE1xRqHEqWDiAy42FM62gjB
udHAYb0JvFUn5g3ji8Si9htTj/MmgviVRrPMR6dZhZ/7Jz9mZt1G4xR3nqdfTtfd
8v20KrrG7+hcSeibyDxDKorEz91Otl8VZxs7MBnwnMWPgEvDAWFBZpTULkSNfgpj
//YYVr8ZLpmUmCOeJEuFWzwvxn/GLnSHGO/Z7p+ua/v4nKpUml8WdfC0w8UO3NVf
Xj1W1Llr+BEd2m3YKWWyMaOJGE1aOkuWv40Voh5shvZ5H/jQ4VTfjwp63fFcTY17
T9aQ0ms3PkiH4GjD+3a25BAM4xaa29xhMXDkOe5eekwVITVIwLhhCidA/QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGrGCJTF/hSlGhuLtDkVoAUVFKKCMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvYXNZSWxNWC1GS1VhRzR1ME9SV2dCUlVVb29JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAl/BgAwQA
l/FcAwQAl/JWAwQBl/KEAwQAl/MEAwQAl/NxAwQAl/POAwQAl/PdMA0GCSqGSIb3
DQEBCwUAA4IBAQCaOwcJ9HgIekiZ+/hQUfb8a7BcC1V3QeF2IKHHy5dtbHgEwEE2
1D8bEoRmE8CcOJ/L4i2RfiJSBOO0E2CDsApa0f/4KoN54Gpjs+Vjs9i4tZl2MAji
6Ti0vASNJ/hMRVI+aDHPckX5Gp25e1tGBW03ZToVIT633ieLZ7Juv0ec8gJj6Vdp
OWYWlPRo1GaPfwzgiSyEozGsBUeJtK/WqzNsb0hrOsclzzx2XlzKKnJmGYEW6KVe
YidKrAI/VNhN9KtNCatnrrnkjUb67RncozRHUY54cSPbSmtRxccw/XN67hAoMrPD
hCTCzCg5GRamwilsoJrbMvNBJjlhak2UmZaK
-----END CERTIFICATE-----
Generated at Thu Aug 7 04:41:38 2025 by rpki-client