
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0yxaAVQq_HDFnrxig7tGUSA7yZk.roa
File: 0yxaAVQq_HDFnrxig7tGUSA7yZk.roa (raw, json)
Hash identifier: D6SnHsjDDLI1dhzmBicKQgsaqZQAsGamOLAwkw1XHeM=
Subject key identifier: D3:2C:5A:01:54:2A:FC:70:C5:9E:BC:62:83:BB:46:51:20:3B:C9:99
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01994168EF2869376BD4539B8CB781C47317
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0yxaAVQq_HDFnrxig7tGUSA7yZk.roa
Signing time: Sat 13 Sep 2025 04:50:19 +0000
ROA not before: Sat 13 Sep 2025 04:50:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209274
IP address blocks: 151.243.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:41:68:ef:28:69:37:6b:d4:53:9b:8c:b7:81:c4:73:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 13 04:50:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d32c5a01542afc70c59ebc6283bb4651203bc999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e8:61:a1:e7:c5:14:33:ae:94:cf:ed:64:e5:
cb:fb:3a:17:20:d3:d9:1f:ae:db:f3:fd:2b:ec:48:
89:62:26:57:38:55:9d:36:61:5f:1e:b4:ff:33:50:
db:54:e3:b7:13:1e:59:11:53:6a:78:6b:1f:dc:65:
90:1c:e6:61:bf:89:db:83:d3:9a:37:ed:e4:3c:34:
8a:d2:d1:44:59:e1:a1:5a:eb:bf:2f:c0:0c:5f:eb:
55:cd:25:9e:24:8a:e4:ee:c2:c0:9e:c9:ff:c0:c1:
83:6a:48:f9:2a:d6:33:82:c2:5d:c1:01:46:83:58:
cd:c6:cb:ec:ad:03:e7:d2:62:76:0f:22:d8:19:c2:
07:49:6a:78:c9:15:eb:f0:70:e2:0c:33:75:ee:bb:
70:4f:44:a4:a0:e7:e7:3e:da:82:dc:e0:43:d9:a2:
d4:45:2c:f8:92:91:da:4b:2c:5e:c1:ea:4c:02:fb:
21:12:f3:2c:c3:ef:f7:c0:3c:d4:8a:41:99:4f:99:
43:82:f1:e5:83:fa:92:c2:97:70:78:cb:69:e7:76:
c1:86:cb:39:7e:9f:c5:5b:2d:01:25:2b:18:ec:17:
3d:e1:fc:43:40:8d:a2:00:7a:92:bc:1b:7f:ec:ba:
9a:b1:a2:21:4e:ac:ab:31:34:49:60:93:30:f0:32:
28:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:2C:5A:01:54:2A:FC:70:C5:9E:BC:62:83:BB:46:51:20:3B:C9:99
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0yxaAVQq_HDFnrxig7tGUSA7yZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.109.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:32:e5:6d:3e:29:72:30:04:9f:ba:68:97:5e:eb:37:e3:79:
16:e0:05:be:f8:99:12:ec:79:78:6c:d1:46:f8:9d:fd:01:f8:
5a:5b:c1:29:9f:99:df:c3:aa:21:7a:b0:4f:10:da:f6:9e:d4:
f7:05:76:1f:a2:b1:53:7b:53:a6:8a:1a:6b:77:2c:d8:9a:33:
4a:4c:ac:69:06:ce:80:d1:0f:df:13:57:a1:6d:6f:7c:76:b5:
3e:1d:b8:c1:5b:4f:cf:e9:cd:03:46:0b:f2:7d:93:86:a8:96:
a3:1d:5d:ee:c9:13:f8:ee:a0:e8:23:eb:8d:44:3b:18:28:f0:
06:36:8a:48:a7:ef:a8:41:48:65:1a:d0:0e:30:08:d5:bb:fc:
4e:82:b2:0c:c5:3b:10:dd:c1:6c:6a:40:b9:33:df:cb:19:5b:
5d:aa:26:e0:2d:78:49:9c:80:4d:63:0a:1b:12:53:85:51:6f:
8b:75:f9:ab:38:7d:fc:87:60:2e:43:13:77:d8:28:39:85:d0:
4a:b3:04:04:ec:1e:98:63:90:01:27:4c:5e:e9:46:77:07:da:
27:e9:94:9a:5f:e9:7c:fd:fd:b9:0c:d9:6a:7e:1c:b7:1a:dc:
ad:2f:bc:00:03:13:f4:5e:fe:ed:6c:bd:0f:04:06:ed:59:19:
02:62:23:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZlBaO8oaTdr1FObjLeBxHMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTEzMDQ1MDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzJjNWEwMTU0MmFmYzcwYzU5ZWJjNjI4M2JiNDY1MTIwM2JjOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzuhhoefFFDOulM/tZOXL+zoXINPZ
H67b8/0r7EiJYiZXOFWdNmFfHrT/M1DbVOO3Ex5ZEVNqeGsf3GWQHOZhv4nbg9Oa
N+3kPDSK0tFEWeGhWuu/L8AMX+tVzSWeJIrk7sLAnsn/wMGDakj5KtYzgsJdwQFG
g1jNxsvsrQPn0mJ2DyLYGcIHSWp4yRXr8HDiDDN17rtwT0SkoOfnPtqC3OBD2aLU
RSz4kpHaSyxewepMAvshEvMsw+/3wDzUikGZT5lDgvHlg/qSwpdweMtp53bBhss5
fp/FWy0BJSsY7Bc94fxDQI2iAHqSvBt/7LqasaIhTqyrMTRJYJMw8DIoWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMsWgFUKvxwxZ68YoO7RlEgO8mZMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMHl4YUFWUXFfSERGbnJ4aWc3dEdVU0E3eVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/NtMA0G
CSqGSIb3DQEBCwUAA4IBAQCsMuVtPilyMASfumiXXus343kW4AW++JkS7Hl4bNFG
+J39AfhaW8Epn5nfw6oherBPENr2ntT3BXYforFTe1OmihprdyzYmjNKTKxpBs6A
0Q/fE1ehbW98drU+HbjBW0/P6c0DRgvyfZOGqJajHV3uyRP47qDoI+uNRDsYKPAG
NopIp++oQUhlGtAOMAjVu/xOgrIMxTsQ3cFsakC5M9/LGVtdqibgLXhJnIBNYwob
ElOFUW+LdfmrOH38h2AuQxN32Cg5hdBKswQE7B6YY5ABJ0xe6UZ3B9on6ZSaX+l8
/f25DNlqfhy3GtytL7wAAxP0Xv7tbL0PBAbtWRkCYiMV
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:11:19 2025 by rpki-client