Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-8cL9sEllh2Kki7pWQSPw9QJEAM.roa
File: 1-8cL9sEllh2Kki7pWQSPw9QJEAM.roa (raw, json)
Hash identifier: dsbm5gjcflC4rcWi8z2yOLxwCNNDg5dNMinYhZzpZFY=
Subject key identifier: FB:C7:0B:F6:C1:25:96:1D:8A:92:2E:E9:59:04:8F:C3:D4:09:10:03
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198B14D88DAAA40F94FA1CCA594CC0CAA38
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-8cL9sEllh2Kki7pWQSPw9QJEAM.roa
Signing time: Sat 16 Aug 2025 05:15:05 +0000
ROA not before: Sat 16 Aug 2025 05:15:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214432
IP address blocks: 151.240.73.0/24 maxlen: 24
151.240.78.0/24 maxlen: 24
151.240.144.0/24 maxlen: 24
151.240.150.0/24 maxlen: 24
151.240.151.0/24 maxlen: 24
151.241.177.0/24 maxlen: 24
151.244.62.0/24 maxlen: 24
151.244.75.0/24 maxlen: 24
151.244.87.0/24 maxlen: 24
151.245.102.0/24 maxlen: 24
151.245.189.0/24 maxlen: 24
151.245.191.0/24 maxlen: 24
151.245.192.0/24 maxlen: 24
151.245.241.0/24 maxlen: 24
151.245.247.0/24 maxlen: 24
151.246.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b1:4d:88:da:aa:40:f9:4f:a1:cc:a5:94:cc:0c:aa:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 16 05:15:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fbc70bf6c125961d8a922ee959048fc3d4091003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f2:fc:f7:ce:9a:ba:06:88:21:a9:5b:8c:4c:
91:04:2a:11:74:2f:93:b2:5e:e2:b2:65:52:ab:1e:
07:ae:dd:9f:9e:22:c8:32:9d:85:7d:14:ab:c5:c0:
af:25:d8:ef:1b:74:c4:b6:97:b7:52:6b:b0:6e:36:
09:ae:d5:d4:5d:52:d0:a3:52:cb:12:d8:d3:56:b6:
aa:bd:84:a4:9b:ba:fc:8d:d5:03:58:59:90:2d:06:
e0:69:88:e5:3e:7d:61:26:49:13:f6:2b:eb:a8:e8:
0d:45:19:2f:c2:59:37:0a:55:bc:20:92:b4:81:55:
62:e6:aa:b5:fa:a6:aa:4c:11:9f:02:d0:e3:7d:30:
12:e6:c9:89:10:cb:ff:62:01:25:76:24:2a:bb:0b:
b5:61:51:3a:6e:a5:16:72:55:af:e9:48:36:68:c9:
d0:ee:10:fe:91:3c:e2:c5:c6:be:f5:2b:d9:92:bb:
25:3c:1a:5c:49:3a:d5:29:71:a2:f8:47:c9:1a:d5:
ed:fc:b8:ce:29:31:21:f0:28:4d:82:37:ba:98:29:
67:11:63:65:80:25:18:9f:9f:0f:ac:eb:52:e1:9c:
80:4b:73:21:cf:4b:81:9b:c9:03:3a:37:23:24:ec:
89:e2:4d:29:99:a6:c0:d2:4f:d9:7f:29:0e:3f:c1:
34:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:C7:0B:F6:C1:25:96:1D:8A:92:2E:E9:59:04:8F:C3:D4:09:10:03
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-8cL9sEllh2Kki7pWQSPw9QJEAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.73.0/24
151.240.78.0/24
151.240.144.0/24
151.240.150.0/23
151.241.177.0/24
151.244.62.0/24
151.244.75.0/24
151.244.87.0/24
151.245.102.0/24
151.245.189.0/24
151.245.191.0-151.245.192.255
151.245.241.0/24
151.245.247.0/24
151.246.248.0/24
Signature Algorithm: sha256WithRSAEncryption
93:bd:79:41:6b:ca:28:ad:88:3a:49:b8:44:70:5d:d8:01:3d:
bc:9a:5a:cb:49:83:54:0b:22:49:9e:4d:77:23:8a:74:57:1a:
9f:c7:27:c3:60:52:76:ea:0a:a4:c3:7d:d2:ad:90:f7:f4:56:
c4:88:af:43:02:70:66:8d:00:0e:df:fa:8e:8e:9d:1d:f7:c8:
c9:9e:a6:89:05:42:c0:0d:7b:26:5a:53:df:38:57:f9:e3:69:
82:09:57:b7:3e:8a:83:e3:0b:c4:40:15:e1:58:c8:9c:99:75:
bc:96:e4:25:1f:c6:c4:2c:4f:af:ec:d9:34:73:d5:9a:54:6a:
68:e4:64:77:b0:2c:20:50:83:f9:4e:fd:b4:21:66:7b:36:dd:
cf:12:8b:2f:d6:ae:cf:30:53:c7:7b:f6:61:73:4e:96:ba:38:
b2:e7:e2:84:a8:4b:55:5f:53:f9:1f:42:3d:ff:2b:b8:55:54:
9f:e9:7c:22:44:cb:c2:5d:75:7f:77:06:b2:eb:2f:c3:e4:13:
e3:6b:8d:1b:fd:7c:ac:e7:f4:a6:4d:35:26:ee:12:9b:5f:4d:
0e:fb:c8:97:ba:15:62:ee:91:72:03:68:cd:ba:2f:99:b7:68:
3f:cd:c6:f7:ac:75:f0:c3:57:5d:54:ac:11:81:36:94:8c:66:
4f:51:db:04
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAZixTYjaqkD5T6HMpZTMDKo4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODE2MDUxNTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmM3MGJmNmMxMjU5NjFkOGE5MjJlZTk1OTA0OGZjM2Q0MDkxMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvL8986augaIIalbjEyRBCoRdC+T
sl7ismVSqx4Hrt2fniLIMp2FfRSrxcCvJdjvG3TEtpe3UmuwbjYJrtXUXVLQo1LL
EtjTVraqvYSkm7r8jdUDWFmQLQbgaYjlPn1hJkkT9ivrqOgNRRkvwlk3ClW8IJK0
gVVi5qq1+qaqTBGfAtDjfTAS5smJEMv/YgEldiQquwu1YVE6bqUWclWv6Ug2aMnQ
7hD+kTzixca+9SvZkrslPBpcSTrVKXGi+EfJGtXt/LjOKTEh8ChNgje6mClnEWNl
gCUYn58PrOtS4ZyAS3Mhz0uBm8kDOjcjJOyJ4k0pmabA0k/ZfykOP8E01QIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFPvHC/bBJZYdipIu6VkEj8PUCRADMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMS04Y0w5c0VsbGgyS2tpN3BXUVNQdzlRSkVBTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvZjQzYjFkLTllNTAtNDU1MS1hZTZhLTE3YjlkZTE0MTI1
Mi8xL3htSm05R2I3SkppamxGbXpOUzJpVVZHbHBNQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB1BggrBgEFBQcBBwEB/wRmMGQwYgQCAAEwXAMEAJfwSQME
AJfwTgMEAJfwkAMEAZfwlgMEAJfxsQMEAJf0PgMEAJf0SwMEAJf0VwMEAJf1ZgME
AJf1vTAMAwQAl/W/AwQAl/XAAwQAl/XxAwQAl/X3AwQAl/b4MA0GCSqGSIb3DQEB
CwUAA4IBAQCTvXlBa8oorYg6SbhEcF3YAT28mlrLSYNUCyJJnk13I4p0VxqfxyfD
YFJ26gqkw33SrZD39FbEiK9DAnBmjQAO3/qOjp0d98jJnqaJBULADXsmWlPfOFf5
42mCCVe3PoqD4wvEQBXhWMicmXW8luQlH8bELE+v7Nk0c9WaVGpo5GR3sCwgUIP5
Tv20IWZ7Nt3PEosv1q7PMFPHe/Zhc06Wujiy5+KEqEtVX1P5H0I9/yu4VVSf6Xwi
RMvCXXV/dway6y/D5BPja40b/Xys5/SmTTUm7hKbX00O+8iXuhVi7pFyA2jNui+Z
t2g/zcb3rHXww1ddVKwRgTaUjGZPUdsE
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:31:05 2025 by rpki-client