Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1uQFFQv36PF9v22yvLy36C7-_sM.roa
File: 1uQFFQv36PF9v22yvLy36C7-_sM.roa (raw, json)
Hash identifier: EGESPKMFjX67yIIn99pMmQ8JN7xgFYlxHrgQWGA3eF0=
Subject key identifier: D6:E4:05:15:0B:F7:E8:F1:7D:BF:6D:B2:BC:BC:B7:E8:2E:FE:FE:C3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197B4D67502DCFC28C2CC0E5CE28E85340B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1uQFFQv36PF9v22yvLy36C7-_sM.roa
Signing time: Sat 28 Jun 2025 04:40:42 +0000
ROA not before: Sat 28 Jun 2025 04:40:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 151.240.128.0/21 maxlen: 24
151.240.136.0/21 maxlen: 24
151.241.132.0/22 maxlen: 22
151.241.232.0/21 maxlen: 24
151.242.56.0/24 maxlen: 24
151.243.8.0/23 maxlen: 23
151.243.204.0/23 maxlen: 23
151.244.16.0/21 maxlen: 21
151.245.56.0/22 maxlen: 22
151.245.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 19:11:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b4:d6:75:02:dc:fc:28:c2:cc:0e:5c:e2:8e:85:34:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 28 04:40:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6e405150bf7e8f17dbf6db2bcbcb7e82efefec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ea:14:05:ce:99:dd:6d:ff:12:7d:6d:c4:c9:
bd:df:db:83:22:5b:cc:20:b1:2f:93:d2:68:0d:bb:
11:fb:5c:d8:b8:90:32:c0:5c:8e:c6:7a:e0:7e:eb:
df:81:9a:c5:85:07:c2:08:58:84:a2:fd:db:3d:d7:
d9:bb:c8:82:52:e9:19:fe:ba:96:f3:cb:70:0a:c4:
87:84:4b:11:f8:96:b6:29:bf:48:ba:68:20:2c:73:
31:41:11:3e:c5:43:c1:5a:eb:dc:be:27:ff:81:a6:
55:6a:07:e7:84:43:eb:09:0d:95:2d:20:69:78:19:
40:7b:f3:ea:39:70:78:05:11:38:54:4f:35:ee:27:
34:84:c9:6a:2e:5c:ac:8f:e6:6a:2f:0c:e3:13:f5:
c5:fc:f5:4b:ed:3d:50:56:1b:c3:87:80:c7:80:88:
e9:0a:d8:78:98:6f:8c:aa:33:1e:7c:01:c0:39:2b:
b2:c8:eb:97:59:29:47:c0:a6:fe:ef:27:6e:d5:57:
83:d7:23:43:84:25:cc:28:94:7c:d5:90:07:52:b3:
c9:0c:39:1a:e0:6b:b1:cf:8e:88:2c:77:9d:8a:bc:
8b:4e:e0:0a:ce:f7:a4:11:ad:03:10:e1:0a:62:bf:
c4:3c:02:66:58:45:b6:66:2b:1e:e2:f6:65:fe:cc:
16:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E4:05:15:0B:F7:E8:F1:7D:BF:6D:B2:BC:BC:B7:E8:2E:FE:FE:C3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1uQFFQv36PF9v22yvLy36C7-_sM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.128.0/20
151.241.132.0/22
151.241.232.0/21
151.242.56.0/24
151.243.8.0/23
151.243.204.0/23
151.244.16.0/21
151.245.56.0/22
151.245.188.0/24
Signature Algorithm: sha256WithRSAEncryption
26:a1:10:ea:74:d0:dd:14:78:9e:e4:2b:47:11:d1:0b:96:1a:
ca:e3:ad:5f:22:53:be:73:f0:ba:32:cf:5a:b1:a8:f0:d0:3c:
75:96:c9:a9:72:d1:20:c8:95:d9:cf:5b:2d:d5:91:9f:c1:42:
9e:dd:e6:f4:0c:39:d7:f1:78:22:a8:99:4b:fc:bf:78:a2:eb:
cb:47:fe:11:94:d1:ba:de:54:9a:2a:0b:93:b3:2e:b3:0d:cb:
91:e1:72:ad:78:80:13:72:20:f1:3e:f9:15:a9:d5:3b:17:8c:
b3:be:11:b2:c6:e9:02:80:b1:0d:ba:5d:a1:62:2f:ae:86:53:
21:60:b5:8f:45:3b:f0:20:e7:62:1d:66:b1:76:62:fa:7a:56:
0f:8a:31:25:ff:98:49:40:69:ee:6d:83:59:fd:f1:9f:8c:96:
39:4d:19:71:69:46:fc:69:5a:1d:f4:03:07:f1:e9:d4:33:af:
29:2c:a9:59:08:fc:9d:13:e0:b2:88:c0:d8:24:aa:e5:23:e4:
51:95:91:d2:9f:11:40:38:ed:3b:4d:84:bc:32:6b:82:78:4d:
4e:5e:75:b9:d6:e0:98:ed:41:13:3d:66:db:8b:39:06:71:ee:
b5:59:05:52:16:56:4f:4b:3b:70:22:b1:52:75:c2:6c:4d:12:
5c:7e:0e:a5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZe01nUC3PwowswOXOKOhTQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjI4MDQ0MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmU0MDUxNTBiZjdlOGYxN2RiZjZkYjJiY2JjYjdlODJlZmVmZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreoUBc6Z3W3/En1txMm939uDIlvM
ILEvk9JoDbsR+1zYuJAywFyOxnrgfuvfgZrFhQfCCFiEov3bPdfZu8iCUukZ/rqW
88twCsSHhEsR+Ja2Kb9IumggLHMxQRE+xUPBWuvcvif/gaZVagfnhEPrCQ2VLSBp
eBlAe/PqOXB4BRE4VE817ic0hMlqLlysj+ZqLwzjE/XF/PVL7T1QVhvDh4DHgIjp
Cth4mG+MqjMefAHAOSuyyOuXWSlHwKb+7ydu1VeD1yNDhCXMKJR81ZAHUrPJDDka
4Guxz46ILHediryLTuAKzvekEa0DEOEKYr/EPAJmWEW2Zise4vZl/swWDwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNbkBRUL9+jxfb9tsry8t+gu/v7DMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMXVRRkZRdjM2UEY5djIyeXZMeTM2QzctX3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQEl/CAAwQC
l/GEAwQDl/HoAwQAl/I4AwQBl/MIAwQBl/PMAwQDl/QQAwQCl/U4AwQAl/W8MA0G
CSqGSIb3DQEBCwUAA4IBAQAmoRDqdNDdFHie5CtHEdELlhrK461fIlO+c/C6Ms9a
sajw0Dx1lsmpctEgyJXZz1st1ZGfwUKe3eb0DDnX8XgiqJlL/L94ouvLR/4RlNG6
3lSaKguTsy6zDcuR4XKteIATciDxPvkVqdU7F4yzvhGyxukCgLENul2hYi+uhlMh
YLWPRTvwIOdiHWaxdmL6elYPijEl/5hJQGnubYNZ/fGfjJY5TRlxaUb8aVod9AMH
8enUM68pLKlZCPydE+CyiMDYJKrlI+RRlZHSnxFAOO07TYS8MmuCeE1OXnW51uCY
7UETPWbbizkGce61WQVSFlZPSztwIrFSdcJsTRJcfg6l
-----END CERTIFICATE-----
Generated at Wed Jul 2 21:57:32 2025 by rpki-client