Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jat47o_KUamzwAaOn-Ova54VyQc.roa
File: jat47o_KUamzwAaOn-Ova54VyQc.roa (raw, json)
Hash identifier: BFC6mbs1BstKiL1AEJUuk6dyl75vi9vsQc7ID03Ku2o=
Subject key identifier: 8D:AB:78:EE:8F:CA:51:A9:B3:C0:06:8E:9F:E3:AF:6B:9E:15:C9:07
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019A52BD8730DBF933DD742758271C3E461B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jat47o_KUamzwAaOn-Ova54VyQc.roa
Signing time: Wed 05 Nov 2025 06:39:03 +0000
ROA not before: Wed 05 Nov 2025 06:39:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 37.202.220.0/24 maxlen: 24
151.240.28.0/24 maxlen: 24
151.240.72.0/24 maxlen: 24
151.240.80.0/23 maxlen: 24
151.240.118.0/23 maxlen: 24
151.240.148.0/23 maxlen: 24
151.240.165.0/24 maxlen: 24
151.240.226.0/23 maxlen: 24
151.240.247.0/24 maxlen: 24
151.240.249.0/24 maxlen: 24
151.240.250.0/24 maxlen: 24
151.240.251.0/24 maxlen: 24
151.241.26.0/24 maxlen: 24
151.241.174.0/24 maxlen: 24
151.242.76.0/23 maxlen: 24
151.242.143.0/24 maxlen: 24
151.242.156.0/23 maxlen: 24
151.242.236.0/22 maxlen: 24
151.243.138.0/23 maxlen: 24
151.243.144.0/23 maxlen: 24
151.243.148.0/23 maxlen: 24
151.243.158.0/24 maxlen: 24
151.243.170.0/24 maxlen: 24
151.243.172.0/24 maxlen: 24
151.243.224.0/24 maxlen: 24
151.243.247.0/24 maxlen: 24
151.244.48.0/24 maxlen: 24
151.244.64.0/24 maxlen: 24
151.244.102.0/24 maxlen: 24
151.244.196.0/24 maxlen: 24
151.244.226.0/23 maxlen: 24
151.245.42.0/24 maxlen: 24
151.245.44.0/24 maxlen: 24
151.245.48.0/24 maxlen: 24
151.245.60.0/24 maxlen: 24
151.245.61.0/24 maxlen: 24
151.245.63.0/24 maxlen: 24
151.245.64.0/22 maxlen: 24
151.245.88.0/24 maxlen: 24
151.245.91.0/24 maxlen: 24
151.245.224.0/23 maxlen: 24
151.245.226.0/23 maxlen: 24
151.246.164.0/23 maxlen: 24
151.246.176.0/24 maxlen: 24
151.246.180.0/24 maxlen: 24
151.246.181.0/24 maxlen: 24
151.246.184.0/24 maxlen: 24
151.246.185.0/24 maxlen: 24
151.246.186.0/24 maxlen: 24
151.246.187.0/24 maxlen: 24
151.246.189.0/24 maxlen: 24
151.246.246.0/23 maxlen: 24
151.246.249.0/24 maxlen: 24
151.246.250.0/23 maxlen: 24
151.246.255.0/24 maxlen: 24
151.247.137.0/24 maxlen: 24
151.247.161.0/24 maxlen: 24
151.247.162.0/24 maxlen: 24
151.247.163.0/24 maxlen: 24
151.247.164.0/24 maxlen: 24
151.247.165.0/24 maxlen: 24
151.247.167.0/24 maxlen: 24
151.247.169.0/24 maxlen: 24
151.247.170.0/24 maxlen: 24
151.247.177.0/24 maxlen: 24
151.247.248.0/24 maxlen: 24
151.247.249.0/24 maxlen: 24
151.247.250.0/24 maxlen: 24
151.247.253.0/24 maxlen: 24
151.247.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 10:39:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:bd:87:30:db:f9:33:dd:74:27:58:27:1c:3e:46:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Nov 5 06:39:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8dab78ee8fca51a9b3c0068e9fe3af6b9e15c907
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:1c:14:92:32:b5:c7:77:2d:3a:74:53:25:5a:
8c:1f:df:26:1e:2c:f9:4a:69:87:9a:4e:84:78:e3:
7f:57:41:ad:d1:21:22:94:ce:b6:79:f9:47:41:b5:
de:62:2c:be:a3:1a:cc:7b:8f:e9:68:da:ac:21:89:
c1:17:07:65:f0:7d:16:d2:98:a8:3d:63:f8:c1:ea:
d6:6e:0c:02:d0:7e:c0:02:26:e1:59:fa:da:b7:0c:
64:9a:cb:a4:b0:17:60:2e:94:e7:68:49:fc:33:39:
96:05:c8:23:4d:44:b2:ca:dc:70:b8:2a:cf:e5:13:
ac:e1:01:8d:6d:63:5b:2c:1d:fa:3a:a2:e8:3d:52:
e1:29:ab:59:82:c9:c1:8d:14:18:5a:45:d0:bf:5d:
d6:6c:05:53:01:84:9c:ee:a9:79:88:4a:69:ad:bf:
c7:37:15:c6:79:24:53:a0:ac:82:df:77:90:54:85:
97:b2:99:bf:12:42:1c:01:10:90:68:f9:e9:78:82:
69:74:80:b2:80:08:15:65:57:4f:f3:2f:67:0e:34:
7d:81:80:0f:61:e5:54:84:04:e0:02:62:55:9c:65:
14:d1:32:ce:67:bd:1e:17:92:b6:a2:25:f1:20:28:
fa:38:35:d7:c5:70:28:30:64:08:da:5d:f2:f9:3e:
c0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:AB:78:EE:8F:CA:51:A9:B3:C0:06:8E:9F:E3:AF:6B:9E:15:C9:07
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jat47o_KUamzwAaOn-Ova54VyQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.220.0/24
151.240.28.0/24
151.240.72.0/24
151.240.80.0/23
151.240.118.0/23
151.240.148.0/23
151.240.165.0/24
151.240.226.0/23
151.240.247.0/24
151.240.249.0-151.240.251.255
151.241.26.0/24
151.241.174.0/24
151.242.76.0/23
151.242.143.0/24
151.242.156.0/23
151.242.236.0/22
151.243.138.0/23
151.243.144.0/23
151.243.148.0/23
151.243.158.0/24
151.243.170.0/24
151.243.172.0/24
151.243.224.0/24
151.243.247.0/24
151.244.48.0/24
151.244.64.0/24
151.244.102.0/24
151.244.196.0/24
151.244.226.0/23
151.245.42.0/24
151.245.44.0/24
151.245.48.0/24
151.245.60.0/23
151.245.63.0-151.245.67.255
151.245.88.0/24
151.245.91.0/24
151.245.224.0/22
151.246.164.0/23
151.246.176.0/24
151.246.180.0/23
151.246.184.0/22
151.246.189.0/24
151.246.246.0/23
151.246.249.0-151.246.251.255
151.246.255.0/24
151.247.137.0/24
151.247.161.0-151.247.165.255
151.247.167.0/24
151.247.169.0-151.247.170.255
151.247.177.0/24
151.247.248.0-151.247.250.255
151.247.253.0-151.247.254.255
Signature Algorithm: sha256WithRSAEncryption
8a:09:0e:34:ab:ac:70:ad:24:72:d7:cd:ab:ee:bf:84:0c:cc:
3c:36:54:de:b0:2a:a1:76:95:e4:62:11:1f:e3:5c:5a:b6:d8:
30:de:53:4d:9c:d7:19:b5:0a:3d:b0:0f:2b:ba:54:c4:79:f6:
8b:1b:7e:02:74:33:01:07:fd:82:95:b4:28:4d:40:ad:20:a3:
54:28:4f:be:61:22:12:92:43:f1:99:0a:db:91:cc:37:1a:2f:
4e:79:cb:49:e9:b0:3f:75:0b:b1:cb:eb:ac:cf:fb:4d:8f:74:
a0:bc:95:35:a1:1c:da:cc:fb:11:ca:cf:a3:6e:77:ec:f0:78:
d8:3e:f3:1d:66:6b:cc:58:a0:ac:79:9a:dd:8f:f4:10:50:46:
cc:84:b3:5e:58:ad:e6:be:80:be:5f:b4:ba:1a:76:a7:bc:bf:
77:21:6a:3c:5d:a7:7d:c3:73:f6:d4:b4:96:3a:af:38:a8:98:
66:0a:72:4d:7d:9f:9f:c7:a0:8d:a4:80:ee:6d:67:c1:23:64:
7d:a2:5f:8c:18:67:81:76:42:e2:2a:21:22:bb:e4:e9:b3:42:
fc:6b:a8:b6:f3:16:ec:e6:b9:41:6d:6d:04:d7:bd:75:6e:0a:
9e:13:49:74:f6:0f:bf:30:b1:08:94:b0:35:2c:c3:85:86:58:
96:2d:dd:dc
-----BEGIN CERTIFICATE-----
MIIGcTCCBVmgAwIBAgISAZpSvYcw2/kz3XQnWCccPkYbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMTA1MDYzOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGFiNzhlZThmY2E1MWE5YjNjMDA2OGU5ZmUzYWY2YjllMTVjOTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hwUkjK1x3ctOnRTJVqMH98mHiz5
SmmHmk6EeON/V0Gt0SEilM62eflHQbXeYiy+oxrMe4/paNqsIYnBFwdl8H0W0pio
PWP4werWbgwC0H7AAibhWfratwxkmsuksBdgLpTnaEn8MzmWBcgjTUSyytxwuCrP
5ROs4QGNbWNbLB36OqLoPVLhKatZgsnBjRQYWkXQv13WbAVTAYSc7ql5iEpprb/H
NxXGeSRToKyC33eQVIWXspm/EkIcARCQaPnpeIJpdICygAgVZVdP8y9nDjR9gYAP
YeVUhATgAmJVnGUU0TLOZ70eF5K2oiXxICj6ODXXxXAoMGQI2l3y+T7AxwIDAQAB
o4IDfTCCA3kwHQYDVR0OBBYEFI2reO6PylGps8AGjp/jr2ueFckHMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvamF0NDdvX0tVYW16d0FhT24tT3ZhNTRWeVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBkQYIKwYBBQUHAQcBAf8EggGAMIIBfDCCAXgEAgABMIIB
cAMEACXK3AMEAJfwHAMEAJfwSAMEAZfwUAMEAZfwdgMEAZfwlAMEAJfwpQMEAZfw
4gMEAJfw9zAMAwQAl/D5AwQCl/D4AwQAl/EaAwQAl/GuAwQBl/JMAwQAl/KPAwQB
l/KcAwQCl/LsAwQBl/OKAwQBl/OQAwQBl/OUAwQAl/OeAwQAl/OqAwQAl/OsAwQA
l/PgAwQAl/P3AwQAl/QwAwQAl/RAAwQAl/RmAwQAl/TEAwQBl/TiAwQAl/UqAwQA
l/UsAwQAl/UwAwQBl/U8MAwDBACX9T8DBAKX9UADBACX9VgDBACX9VsDBAKX9eAD
BAGX9qQDBACX9rADBAGX9rQDBAKX9rgDBACX9r0DBAGX9vYwDAMEAJf2+QMEApf2
+AMEAJf2/wMEAJf3iTAMAwQAl/ehAwQBl/ekAwQAl/enMAwDBACX96kDBACX96oD
BACX97EwDAMEA5f3+AMEAJf3+jAMAwQAl/f9AwQAl/f+MA0GCSqGSIb3DQEBCwUA
A4IBAQCKCQ40q6xwrSRy182r7r+EDMw8NlTesCqhdpXkYhEf41xattgw3lNNnNcZ
tQo9sA8rulTEefaLG34CdDMBB/2ClbQoTUCtIKNUKE++YSISkkPxmQrbkcw3Gi9O
ectJ6bA/dQuxy+usz/tNj3SgvJU1oRzazPsRys+jbnfs8HjYPvMdZmvMWKCseZrd
j/QQUEbMhLNeWK3mvoC+X7S6GnanvL93IWo8Xad9w3P21LSWOq84qJhmCnJNfZ+f
x6CNpIDubWfBI2R9ol+MGGeBdkLiKiEiu+Tps0L8a6i28xbs5rlBbW0E1711bgqe
E0l09g+/MLEIlLA1LMOFhliWLd3c
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:02:48 2025 by rpki-client