Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/rVbF4d9V4fCrsqeDZYhF2GXjitM.roa
File: rVbF4d9V4fCrsqeDZYhF2GXjitM.roa (raw, json)
Hash identifier: gA3oVbU3Dbe4fKdeio9VZ2J/1ZvIcPXKFPy7LBPXmck=
Subject key identifier: AD:56:C5:E1:DF:55:E1:F0:AB:B2:A7:83:65:88:45:D8:65:E3:8A:D3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198406E93F90AC32AFDE9C791F8F5A219E8
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/rVbF4d9V4fCrsqeDZYhF2GXjitM.roa
Signing time: Fri 25 Jul 2025 07:14:05 +0000
ROA not before: Fri 25 Jul 2025 07:14:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 151.241.128.0/22 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.27.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.40.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
151.242.139.0/24 maxlen: 24
151.243.44.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.244.3.0/24 maxlen: 24
151.244.128.0/24 maxlen: 24
151.244.129.0/24 maxlen: 24
151.244.130.0/24 maxlen: 24
151.245.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 06:50:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:6e:93:f9:0a:c3:2a:fd:e9:c7:91:f8:f5:a2:19:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 25 07:14:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad56c5e1df55e1f0abb2a783658845d865e38ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ca:51:0f:0b:41:e8:14:e7:3c:40:41:76:4f:
73:41:26:78:e7:32:69:cc:89:f5:07:d0:bf:3d:f9:
e8:e4:f2:3d:4a:f2:ae:95:c4:cc:79:60:96:85:21:
0f:4f:a2:65:65:d9:7d:f1:16:81:be:eb:9f:8f:d8:
b6:9c:f2:4a:8a:c6:dc:1d:d2:4c:f4:20:85:72:d5:
c7:01:e4:31:4b:b7:03:c9:a1:ac:73:df:12:06:4e:
a7:33:7a:5e:6d:71:a1:f9:01:40:03:af:fd:16:ee:
ae:7e:a5:31:b8:b2:71:62:7d:48:91:a6:aa:a4:db:
e7:ba:3c:db:7d:39:85:05:65:42:e7:4a:ea:38:7e:
55:53:8a:b2:95:9e:23:49:78:46:a8:da:54:77:ab:
d6:60:35:bd:50:1e:65:05:35:69:cd:67:21:9c:05:
14:cf:20:6c:b4:21:62:51:e2:9a:18:eb:2c:12:76:
1d:58:f2:6b:25:de:46:f5:a1:4b:56:a4:c4:94:52:
3b:c9:3a:fe:d5:c3:19:83:23:02:8c:c7:33:5b:75:
92:57:2c:1b:b7:4e:c7:4e:51:f8:80:ac:00:77:dc:
a4:29:50:bf:a5:39:24:8c:ca:87:a0:33:ab:7e:fa:
5a:ea:d1:d2:24:de:16:95:83:b8:e6:d1:20:dc:73:
3a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:56:C5:E1:DF:55:E1:F0:AB:B2:A7:83:65:88:45:D8:65:E3:8A:D3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/rVbF4d9V4fCrsqeDZYhF2GXjitM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.242.4.0/24
151.242.14.0/24
151.242.17.0/24
151.242.27.0/24
151.242.32.0/24
151.242.40.0/24
151.242.78.0/23
151.242.82.0/24
151.242.139.0/24
151.243.44.0/24
151.243.115.0/24
151.244.3.0/24
151.244.128.0-151.244.130.255
151.245.120.0/21
Signature Algorithm: sha256WithRSAEncryption
05:b5:0b:a5:aa:d0:de:4e:f7:34:c0:1a:3f:fb:f7:e0:9a:64:
b2:14:4c:21:94:be:85:d7:3a:c9:70:95:92:f7:3d:43:89:ac:
5b:a7:b1:11:e4:05:ba:c3:af:d1:2f:f7:e4:bc:3b:84:54:d4:
1d:b2:3e:6c:53:96:66:7b:e9:d2:a4:5f:57:92:25:09:2c:80:
0b:f7:3a:6c:dc:85:9a:16:3f:25:5f:7d:36:b3:e1:4f:c5:69:
96:ab:e5:b1:45:32:2e:97:a3:1a:f8:ee:b6:8c:13:9d:ae:0a:
64:ba:eb:a2:70:fe:32:09:39:9f:0e:22:60:2f:d3:53:76:b4:
41:47:fc:ff:4d:d3:18:0f:8f:b7:c6:04:14:4c:03:7e:c2:b2:
a9:0b:23:07:d8:34:76:87:97:78:f3:8c:be:f0:45:91:46:8a:
e6:88:be:fc:6f:e1:2e:a2:6e:ae:24:d0:a5:2c:ed:75:ff:a6:
aa:96:14:42:3c:8c:b2:07:79:fc:9a:fa:7e:09:fe:03:3d:6c:
67:b6:54:45:f8:a0:ef:7a:6c:9c:a4:01:b1:b7:9d:ab:9f:6e:
62:2e:b7:6b:89:b8:0e:6c:45:1b:2c:9a:ea:11:aa:b9:49:ec:
83:f4:88:7d:45:12:2d:ae:cd:b2:4b:a7:07:5b:22:74:11:85:
37:97:f0:ce
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZhAbpP5CsMq/enHkfj1ohnoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzI1MDcxNDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDU2YzVlMWRmNTVlMWYwYWJiMmE3ODM2NTg4NDVkODY1ZTM4YWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8pRDwtB6BTnPEBBdk9zQSZ45zJp
zIn1B9C/Pfno5PI9SvKulcTMeWCWhSEPT6JlZdl98RaBvuufj9i2nPJKisbcHdJM
9CCFctXHAeQxS7cDyaGsc98SBk6nM3pebXGh+QFAA6/9Fu6ufqUxuLJxYn1Ikaaq
pNvnujzbfTmFBWVC50rqOH5VU4qylZ4jSXhGqNpUd6vWYDW9UB5lBTVpzWchnAUU
zyBstCFiUeKaGOssEnYdWPJrJd5G9aFLVqTElFI7yTr+1cMZgyMCjMczW3WSVywb
t07HTlH4gKwAd9ykKVC/pTkkjMqHoDOrfvpa6tHSJN4WlYO45tEg3HM62QIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFK1WxeHfVeHwq7Kng2WIRdhl44rTMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvclZiRjRkOVY0ZkNyc3FlRFpZaEYyR1hqaXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQCl/GAAwQA
l/IEAwQAl/IOAwQAl/IRAwQAl/IbAwQAl/IgAwQAl/IoAwQBl/JOAwQAl/JSAwQA
l/KLAwQAl/MsAwQAl/NzAwQAl/QDMAwDBAeX9IADBACX9IIDBAOX9XgwDQYJKoZI
hvcNAQELBQADggEBAAW1C6Wq0N5O9zTAGj/79+CaZLIUTCGUvoXXOslwlZL3PUOJ
rFunsRHkBbrDr9Ev9+S8O4RU1B2yPmxTlmZ76dKkX1eSJQksgAv3OmzchZoWPyVf
fTaz4U/FaZar5bFFMi6Xoxr47raME52uCmS666Jw/jIJOZ8OImAv01N2tEFH/P9N
0xgPj7fGBBRMA37CsqkLIwfYNHaHl3jzjL7wRZFGiuaIvvxv4S6ibq4k0KUs7XX/
pqqWFEI8jLIHefya+n4J/gM9bGe2VEX4oO96bJykAbG3naufbmIut2uJuA5sRRss
muoRqrlJ7IP0iH1FEi2uzbJLpwdbInQRhTeX8M4=
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:53:23 2025 by rpki-client