Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1D4zJmJPwXJgb-uir5VFoC3UkUs.roa
File: 1D4zJmJPwXJgb-uir5VFoC3UkUs.roa (raw, json)
Hash identifier: 05EZxTqg6nQvXUH65lEhSFsIIBUhbpvx3/CvHlIqAPw=
Subject key identifier: D4:3E:33:26:62:4F:C1:72:60:6F:EB:A2:AF:95:45:A0:2D:D4:91:4B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D5423F19BE976F6B7B0C318EAA35813D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1D4zJmJPwXJgb-uir5VFoC3UkUs.roa
Signing time: Sat 23 Aug 2025 04:49:05 +0000
ROA not before: Sat 23 Aug 2025 04:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 138160
IP address blocks: 151.242.54.0/24 maxlen: 24
151.242.96.0/24 maxlen: 24
151.243.107.0/24 maxlen: 24
151.243.108.0/24 maxlen: 24
151.244.16.0/21 maxlen: 24
151.244.168.0/23 maxlen: 24
151.244.216.0/23 maxlen: 24
151.244.218.0/24 maxlen: 24
151.244.236.0/24 maxlen: 24
151.244.248.0/23 maxlen: 24
151.246.48.0/21 maxlen: 24
151.246.56.0/21 maxlen: 24
151.246.80.0/21 maxlen: 24
151.246.88.0/21 maxlen: 24
151.246.96.0/21 maxlen: 24
151.246.104.0/21 maxlen: 24
151.246.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:42:3f:19:be:97:6f:6b:7b:0c:31:8e:aa:35:81:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 23 04:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d43e3326624fc172606feba2af9545a02dd4914b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b7:00:54:60:79:5b:ce:c6:e2:b6:b9:d1:59:
1a:de:bb:b2:db:8e:89:aa:ea:03:b5:d5:3a:a4:7b:
dd:5d:17:40:cc:59:f2:af:ca:86:4f:fc:a7:8c:94:
70:91:56:dc:09:55:2f:14:d9:49:4e:af:b9:e9:0a:
e4:2b:a1:a9:11:60:d4:31:14:e2:92:63:67:c8:43:
c7:24:b5:d0:7e:56:74:b3:25:ee:c3:6a:6e:0c:01:
c2:6f:ff:8f:aa:79:f0:b4:35:90:8f:6f:c4:27:08:
d7:87:78:94:03:e8:9b:3c:75:4d:75:eb:e4:1c:38:
ed:b6:ed:bb:dd:02:70:1e:11:64:eb:4d:4b:ba:d8:
6b:3d:fa:59:c8:58:45:87:df:c1:f8:cf:85:7f:af:
3d:4a:1a:7f:5e:77:02:fe:26:6c:b4:1f:3e:9a:dd:
49:58:db:bc:31:fe:a8:89:02:2c:66:d6:38:92:06:
90:93:3f:65:af:fb:a8:a3:ed:e6:49:40:24:0c:fa:
39:ab:31:88:9b:d9:0e:83:d3:93:be:01:05:ab:29:
81:fa:09:29:2f:85:34:04:1c:78:d2:4e:8f:c9:60:
b4:c7:58:5c:4b:57:ed:4a:59:69:43:39:f8:e1:0f:
da:6d:11:77:92:7d:06:4f:5d:4b:6d:f2:f0:1e:da:
3d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:3E:33:26:62:4F:C1:72:60:6F:EB:A2:AF:95:45:A0:2D:D4:91:4B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1D4zJmJPwXJgb-uir5VFoC3UkUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.54.0/24
151.242.96.0/24
151.243.107.0-151.243.108.255
151.244.16.0/21
151.244.168.0/23
151.244.216.0-151.244.218.255
151.244.236.0/24
151.244.248.0/23
151.246.48.0/20
151.246.80.0-151.246.119.255
Signature Algorithm: sha256WithRSAEncryption
94:54:9e:7a:be:4f:68:61:34:f6:9e:1d:71:e0:35:07:d5:1b:
b2:19:9d:c1:84:25:d1:16:6e:22:88:7b:7e:1b:7c:fb:03:72:
dd:e3:d7:0a:93:4e:ac:93:b0:08:33:17:72:f0:39:6f:28:a8:
8f:31:fa:f8:c4:3e:8e:c7:15:3a:f7:d3:a9:4d:f1:0c:80:97:
bd:45:17:b5:d2:9a:5c:24:a7:67:c4:0e:72:0a:90:f2:1f:f3:
02:e6:de:1e:c1:29:21:56:67:8d:81:3d:37:ea:d7:ca:56:ae:
aa:bd:3a:6e:7a:88:0e:57:d1:3c:67:6f:88:b3:94:19:95:17:
41:2e:89:18:b7:c8:d3:1c:dd:a4:4d:76:80:78:e9:a7:db:c2:
2a:64:82:f3:a7:51:9f:84:25:47:0a:a9:45:08:c4:98:a3:2f:
0b:66:a0:13:90:5b:89:2c:95:0c:88:15:7c:74:19:9b:7b:59:
93:4b:58:58:cd:cf:0a:cd:70:6d:9b:6b:4e:df:ad:3b:15:42:
a7:0b:2f:49:b0:52:0a:d7:1d:3a:26:a7:e9:ea:b0:e1:ee:a1:
06:13:23:32:03:85:41:cf:00:ce:91:48:a1:12:6a:90:31:e4:
98:84:0b:65:e4:2b:87:9a:eb:0a:3d:a1:1d:c5:d2:ec:f6:25:
ca:22:57:a3
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZjVQj8Zvpdva3sMMY6qNYE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIzMDQ0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDNlMzMyNjYyNGZjMTcyNjA2ZmViYTJhZjk1NDVhMDJkZDQ5MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLcAVGB5W87G4ra50Vka3ruy246J
quoDtdU6pHvdXRdAzFnyr8qGT/ynjJRwkVbcCVUvFNlJTq+56QrkK6GpEWDUMRTi
kmNnyEPHJLXQflZ0syXuw2puDAHCb/+PqnnwtDWQj2/EJwjXh3iUA+ibPHVNdevk
HDjttu273QJwHhFk601LuthrPfpZyFhFh9/B+M+Ff689Shp/XncC/iZstB8+mt1J
WNu8Mf6oiQIsZtY4kgaQkz9lr/uoo+3mSUAkDPo5qzGIm9kOg9OTvgEFqymB+gkp
L4U0BBx40k6PyWC0x1hcS1ftSllpQzn44Q/abRF3kn0GT11LbfLwHto97wIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFNQ+MyZiT8FyYG/roq+VRaAt1JFLMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMUQ0ekptSlB3WEpnYi11aXI1VkZvQzNVa1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAl/I2AwQA
l/JgMAwDBACX82sDBACX82wDBAOX9BADBAGX9KgwDAMEA5f02AMEAJf02gMEAJf0
7AMEAZf0+AMEBJf2MDAMAwQEl/ZQAwQDl/ZwMA0GCSqGSIb3DQEBCwUAA4IBAQCU
VJ56vk9oYTT2nh1x4DUH1RuyGZ3BhCXRFm4iiHt+G3z7A3Ld49cKk06sk7AIMxdy
8DlvKKiPMfr4xD6OxxU699OpTfEMgJe9RRe10ppcJKdnxA5yCpDyH/MC5t4ewSkh
VmeNgT036tfKVq6qvTpueogOV9E8Z2+Is5QZlRdBLokYt8jTHN2kTXaAeOmn28Iq
ZILzp1GfhCVHCqlFCMSYoy8LZqATkFuJLJUMiBV8dBmbe1mTS1hYzc8KzXBtm2tO
3607FUKnCy9JsFIK1x06Jqfp6rDh7qEGEyMyA4VBzwDOkUihEmqQMeSYhAtl5CuH
musKPaEdxdLs9iXKIlej
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:20:44 2025 by rpki-client