Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/39yE_9pO-j0WeajQ2QIDJu5-NTw.roa
File: 39yE_9pO-j0WeajQ2QIDJu5-NTw.roa (raw, json)
Hash identifier: B6PZjCMHzSu4q0/u4U7BFL6vfj0M8uoV7h1CWSRVgYQ=
Subject key identifier: DF:DC:84:FF:DA:4E:FA:3D:16:79:A8:D0:D9:02:03:26:EE:7E:35:3C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01997AB85369968D5FEA1839C706883CFCC3
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/39yE_9pO-j0WeajQ2QIDJu5-NTw.roa
Signing time: Wed 24 Sep 2025 07:55:24 +0000
ROA not before: Wed 24 Sep 2025 07:55:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14061
IP address blocks: 151.240.160.0/24 maxlen: 24
151.241.19.0/24 maxlen: 24
151.241.45.0/24 maxlen: 24
151.241.93.0/24 maxlen: 24
151.241.224.0/24 maxlen: 24
151.241.230.0/24 maxlen: 24
151.241.231.0/24 maxlen: 24
151.244.89.0/24 maxlen: 24
151.245.74.0/24 maxlen: 24
151.245.87.0/24 maxlen: 24
151.245.198.0/24 maxlen: 24
151.245.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7a:b8:53:69:96:8d:5f:ea:18:39:c7:06:88:3c:fc:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 24 07:55:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfdc84ffda4efa3d1679a8d0d9020326ee7e353c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:7f:a6:27:52:13:8b:2e:f1:63:a4:0e:27:71:
76:b9:c3:46:fb:fa:98:9d:d6:7d:6c:b5:17:3e:c6:
38:5d:23:54:95:9c:73:22:a7:87:e5:b6:f9:32:f4:
52:d7:76:84:81:f8:5f:73:4c:47:0f:d0:5b:cd:e2:
6f:b2:b0:8a:74:26:a4:1a:e5:6f:df:23:03:f2:0d:
d9:93:18:fc:5c:b1:a8:c9:80:be:6a:d6:c5:52:de:
7e:58:6f:15:f4:21:67:8a:9b:9a:7d:a3:95:60:c5:
f5:32:a8:fa:63:3f:63:e8:6b:45:e0:e0:f9:0c:c7:
9c:83:38:ed:6e:80:33:08:04:24:e4:3b:67:72:80:
d2:1e:cd:20:28:7e:8d:2f:bf:9c:fc:67:75:6f:0a:
d8:95:af:68:28:3a:bb:9a:2e:a1:c7:22:ce:f1:10:
44:eb:f2:fb:3b:15:de:a8:28:b7:76:cc:14:7f:29:
73:35:15:2f:87:d2:33:13:3d:2c:7c:9f:7f:44:57:
e3:27:34:12:13:74:97:b9:b9:ad:ec:b6:33:f1:79:
b3:ad:2d:0f:2e:25:6f:a3:bb:c6:46:73:a2:1f:07:
e0:b1:d1:5b:c1:eb:71:68:d5:04:e5:7d:23:a5:f5:
92:8b:35:91:eb:5c:9f:0b:19:e1:01:12:15:cf:a3:
6d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:DC:84:FF:DA:4E:FA:3D:16:79:A8:D0:D9:02:03:26:EE:7E:35:3C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/39yE_9pO-j0WeajQ2QIDJu5-NTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.160.0/24
151.241.19.0/24
151.241.45.0/24
151.241.93.0/24
151.241.224.0/24
151.241.230.0/23
151.244.89.0/24
151.245.74.0/24
151.245.87.0/24
151.245.198.0/24
151.245.213.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:de:f5:ec:5b:27:55:1d:e3:4c:04:7d:c4:10:f9:14:bf:5a:
4f:9b:3d:64:a3:c6:8b:92:21:b6:f7:52:56:1e:e9:ab:e9:75:
e6:7f:4d:d2:6c:d2:2b:ec:2d:2f:ee:94:1b:c7:9c:ba:aa:fa:
a3:41:42:a6:c7:36:f2:00:d5:4a:81:84:a7:5f:0d:c4:12:d7:
e9:34:4b:15:fe:d3:d9:9a:d2:00:00:67:9e:c5:c3:3e:da:13:
33:91:71:77:3a:91:37:7e:03:2e:ee:09:e0:c8:5a:99:34:53:
c5:39:0e:85:fc:e9:7c:11:36:e0:b0:17:d0:72:e0:79:ea:49:
7c:6c:4c:97:60:f7:32:60:c9:d9:84:89:f9:db:df:46:f9:e2:
34:44:ea:ec:83:66:a8:ff:2c:fd:1b:cc:a3:9c:09:bc:20:64:
a1:21:38:c6:ed:f6:1c:9c:35:30:36:a9:4c:a4:d6:b3:6d:e9:
15:6f:ab:90:00:a3:cf:7c:2f:aa:f0:dd:36:fa:8d:8e:ef:85:
0d:7e:73:79:29:9f:a9:ea:e6:ff:a1:b6:f1:2b:73:1f:d3:3b:
0c:54:40:68:f1:c2:df:24:45:7a:4a:2a:c8:0a:a2:65:31:f6:
08:7a:6f:11:69:b3:63:6b:2d:b0:1c:be:73:31:22:09:d4:0f:
18:ca:fb:3d
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZl6uFNplo1f6hg5xwaIPPzDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTI0MDc1NTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmRjODRmZmRhNGVmYTNkMTY3OWE4ZDBkOTAyMDMyNmVlN2UzNTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23+mJ1ITiy7xY6QOJ3F2ucNG+/qY
ndZ9bLUXPsY4XSNUlZxzIqeH5bb5MvRS13aEgfhfc0xHD9BbzeJvsrCKdCakGuVv
3yMD8g3Zkxj8XLGoyYC+atbFUt5+WG8V9CFnipuafaOVYMX1Mqj6Yz9j6GtF4OD5
DMecgzjtboAzCAQk5DtncoDSHs0gKH6NL7+c/Gd1bwrYla9oKDq7mi6hxyLO8RBE
6/L7OxXeqCi3dswUfylzNRUvh9IzEz0sfJ9/RFfjJzQSE3SXubmt7LYz8XmzrS0P
LiVvo7vGRnOiHwfgsdFbwetxaNUE5X0jpfWSizWR61yfCxnhARIVz6Nt2wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFN/chP/aTvo9Fnmo0NkCAybufjU8MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMzl5RV85cE8tajBXZWFqUTJRSURKdTUtTlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAl/CgAwQA
l/ETAwQAl/EtAwQAl/FdAwQAl/HgAwQBl/HmAwQAl/RZAwQAl/VKAwQAl/VXAwQA
l/XGAwQAl/XVMA0GCSqGSIb3DQEBCwUAA4IBAQB+3vXsWydVHeNMBH3EEPkUv1pP
mz1ko8aLkiG291JWHumr6XXmf03SbNIr7C0v7pQbx5y6qvqjQUKmxzbyANVKgYSn
Xw3EEtfpNEsV/tPZmtIAAGeexcM+2hMzkXF3OpE3fgMu7gngyFqZNFPFOQ6F/Ol8
ETbgsBfQcuB56kl8bEyXYPcyYMnZhIn5299G+eI0ROrsg2ao/yz9G8yjnAm8IGSh
ITjG7fYcnDUwNqlMpNazbekVb6uQAKPPfC+q8N02+o2O74UNfnN5KZ+p6ub/obbx
K3Mf0zsMVEBo8cLfJEV6SirICqJlMfYIem8RabNjay2wHL5zMSIJ1A8Yyvs9
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:06:08 2025 by rpki-client