Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gDZlw8870GMojiCBJXv-vbLk1dM.roa
File: gDZlw8870GMojiCBJXv-vbLk1dM.roa (raw, json)
Hash identifier: AMWgAEDasEo2mf0fI5159/EkEykkU7shdCeNr+q6YVA=
Subject key identifier: 80:36:65:C3:CF:3B:D0:63:28:8E:20:81:25:7B:FE:BD:B2:E4:D5:D3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019855ADDDA9B654595B9C420DDB3D1FD8C2
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gDZlw8870GMojiCBJXv-vbLk1dM.roa
Signing time: Tue 29 Jul 2025 10:15:14 +0000
ROA not before: Tue 29 Jul 2025 10:15:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63473
IP address blocks: 151.241.5.0/24 maxlen: 24
151.241.113.0/24 maxlen: 24
151.242.15.0/24 maxlen: 24
151.242.74.0/24 maxlen: 24
151.242.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 00:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:ad:dd:a9:b6:54:59:5b:9c:42:0d:db:3d:1f:d8:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 29 10:15:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=803665c3cf3bd063288e2081257bfebdb2e4d5d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c1:ed:1b:80:2c:9f:b2:87:9d:24:09:9d:80:
e6:bb:40:5a:43:17:71:f1:26:df:84:8b:f7:a7:ea:
af:6b:f1:30:47:21:28:54:d6:41:bd:dd:91:2a:38:
d2:d4:14:47:87:55:58:c7:3e:f3:0b:61:06:74:f8:
d9:7f:0e:b6:f4:4a:05:5e:85:f6:90:70:b1:43:03:
25:4e:43:e0:32:c1:49:3b:e0:70:1a:bd:bf:d4:d4:
04:f5:e7:6c:88:1c:92:51:46:03:99:fd:67:8e:04:
e5:54:98:0a:9c:90:d7:20:ac:24:57:5f:c9:d3:bb:
ad:80:26:c2:7b:59:04:f4:75:46:25:35:25:b3:6e:
f0:bb:59:21:30:0d:98:f2:14:f0:3e:ba:d9:ed:fe:
03:37:9c:2a:fb:89:54:96:e2:92:07:6c:e4:cc:59:
1d:83:76:4e:2c:f1:a6:0e:e3:92:f8:ad:e0:d6:2d:
59:7d:47:a6:c1:a6:cd:55:f9:13:00:9f:a1:6c:99:
97:2c:0a:31:75:61:ac:da:59:fb:04:78:48:10:55:
3e:a0:e5:b6:2d:33:25:ab:2b:10:da:3b:63:30:ea:
cd:21:b8:48:cf:b0:ca:07:3f:de:73:91:9e:5f:8b:
49:a0:bb:bf:32:a6:e0:bc:5d:9d:82:ba:08:8c:64:
54:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:36:65:C3:CF:3B:D0:63:28:8E:20:81:25:7B:FE:BD:B2:E4:D5:D3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/gDZlw8870GMojiCBJXv-vbLk1dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.5.0/24
151.241.113.0/24
151.242.15.0/24
151.242.74.0/24
151.242.85.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:43:4f:d7:8b:fc:06:ea:7c:ca:84:a1:c1:61:bc:30:88:c9:
cc:36:8b:bb:a6:47:3e:da:fe:16:81:66:29:05:18:05:a9:ee:
9f:74:c4:1d:cd:e3:db:27:56:a6:44:04:b5:31:c5:0c:fa:c3:
9f:a8:a9:98:be:79:98:0a:63:e8:ba:1f:0a:64:8f:bc:40:c1:
20:f9:f7:b2:18:fd:7d:fb:ab:7e:d7:cd:69:aa:99:cc:79:a4:
dd:36:f7:e2:fd:65:67:d2:27:a3:d0:7b:59:07:4c:03:84:d7:
70:83:54:de:46:5b:6d:30:1d:18:ce:4f:e7:35:ba:6b:4b:22:
ca:f6:a4:c6:ac:73:83:0a:9c:09:80:6b:18:50:91:bb:e7:37:
7c:1a:f3:e1:ae:e3:61:93:ae:17:76:4c:06:6d:2d:b1:d9:ba:
f8:01:76:cb:13:5f:95:4d:9b:cc:e3:4b:51:9d:cf:55:0f:ae:
ec:30:2f:10:ad:90:7e:66:80:8d:78:0d:8c:52:7d:10:eb:42:
d1:cf:23:21:38:e7:83:02:55:71:04:68:6a:15:09:0a:24:d2:
6d:74:dd:ef:f9:6a:30:71:60:30:8c:00:4c:ae:bc:3e:ba:38:
e0:87:0b:36:4f:18:10:d4:15:45:9d:26:ca:6f:29:6b:f7:3a:
38:6a:31:10
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhVrd2ptlRZW5xCDds9H9jCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzI5MTAxNTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDM2NjVjM2NmM2JkMDYzMjg4ZTIwODEyNTdiZmViZGIyZTRkNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusHtG4Asn7KHnSQJnYDmu0BaQxdx
8SbfhIv3p+qva/EwRyEoVNZBvd2RKjjS1BRHh1VYxz7zC2EGdPjZfw629EoFXoX2
kHCxQwMlTkPgMsFJO+BwGr2/1NQE9edsiBySUUYDmf1njgTlVJgKnJDXIKwkV1/J
07utgCbCe1kE9HVGJTUls27wu1khMA2Y8hTwPrrZ7f4DN5wq+4lUluKSB2zkzFkd
g3ZOLPGmDuOS+K3g1i1ZfUemwabNVfkTAJ+hbJmXLAoxdWGs2ln7BHhIEFU+oOW2
LTMlqysQ2jtjMOrNIbhIz7DKBz/ec5GeX4tJoLu/MqbgvF2dgroIjGRUMwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIA2ZcPPO9BjKI4ggSV7/r2y5NXTMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZ0RabHc4ODcwR01vamlDQkpYdi12YkxrMWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAl/EFAwQA
l/FxAwQAl/IPAwQAl/JKAwQAl/JVMA0GCSqGSIb3DQEBCwUAA4IBAQC3Q0/Xi/wG
6nzKhKHBYbwwiMnMNou7pkc+2v4WgWYpBRgFqe6fdMQdzePbJ1amRAS1McUM+sOf
qKmYvnmYCmPouh8KZI+8QMEg+feyGP19+6t+181pqpnMeaTdNvfi/WVn0iej0HtZ
B0wDhNdwg1TeRlttMB0Yzk/nNbprSyLK9qTGrHODCpwJgGsYUJG75zd8GvPhruNh
k64XdkwGbS2x2br4AXbLE1+VTZvM40tRnc9VD67sMC8QrZB+ZoCNeA2MUn0Q60LR
zyMhOOeDAlVxBGhqFQkKJNJtdN3v+WowcWAwjABMrrw+ujjghws2TxgQ1BVFnSbK
bylr9zo4ajEQ
-----END CERTIFICATE-----
Generated at Mon Aug 11 04:22:25 2025 by rpki-client