Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3KkUZBvIIuN5_14CnmPZRboj9RA.roa
File: 3KkUZBvIIuN5_14CnmPZRboj9RA.roa (raw, json)
Hash identifier: 9IZBjO+PM1oP5E5f/fcilgelQGq/JSScu+sUKelHsEQ=
Subject key identifier: DC:A9:14:64:1B:C8:22:E3:79:FF:5E:02:9E:63:D9:45:BA:23:F5:10
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198AE2E6DF76AB9A6E6AA4ECF9C497008E2
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3KkUZBvIIuN5_14CnmPZRboj9RA.roa
Signing time: Fri 15 Aug 2025 14:42:15 +0000
ROA not before: Fri 15 Aug 2025 14:42:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9232
IP address blocks: 37.202.213.0/24 maxlen: 24
37.202.221.0/24 maxlen: 24
151.240.147.0/24 maxlen: 24
151.240.154.0/24 maxlen: 24
151.241.11.0/24 maxlen: 24
151.241.15.0/24 maxlen: 24
151.241.21.0/24 maxlen: 24
151.241.26.0/24 maxlen: 24
151.241.31.0/24 maxlen: 24
151.241.74.0/24 maxlen: 24
151.242.18.0/24 maxlen: 24
151.242.68.0/24 maxlen: 24
151.242.70.0/24 maxlen: 24
151.242.71.0/24 maxlen: 24
151.244.8.0/24 maxlen: 24
151.244.12.0/24 maxlen: 24
151.244.24.0/24 maxlen: 24
151.244.30.0/24 maxlen: 24
151.244.40.0/24 maxlen: 24
151.244.65.0/24 maxlen: 24
151.244.73.0/24 maxlen: 24
151.244.86.0/24 maxlen: 24
151.244.93.0/24 maxlen: 24
151.244.110.0/24 maxlen: 24
151.244.114.0/24 maxlen: 24
151.245.0.0/24 maxlen: 24
151.245.32.0/24 maxlen: 24
151.245.54.0/24 maxlen: 24
151.245.68.0/24 maxlen: 24
151.245.72.0/24 maxlen: 24
151.245.86.0/24 maxlen: 24
151.245.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ae:2e:6d:f7:6a:b9:a6:e6:aa:4e:cf:9c:49:70:08:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 15 14:42:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dca914641bc822e379ff5e029e63d945ba23f510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d8:8a:1c:16:7e:83:e3:6a:f7:2b:1c:af:52:
1e:cd:15:f4:b7:09:fe:fe:17:e1:78:12:51:72:c7:
de:68:0c:1c:a7:0f:b0:d9:bd:a8:68:27:f3:db:6c:
e0:fe:a0:82:ea:09:54:c2:56:c9:fa:9d:23:3f:49:
f1:65:50:33:6d:88:36:dc:fd:76:de:ad:2a:c1:94:
94:88:01:e6:f6:db:c8:4e:bf:42:f3:c7:db:61:88:
01:97:79:07:9c:4d:f3:fc:1e:63:b7:fb:8f:2c:8a:
fd:fc:ec:ec:57:9a:42:19:e8:b2:3f:11:86:1a:eb:
d6:a7:57:c3:f4:9f:25:db:56:71:cf:20:77:09:1f:
b6:1c:a2:19:cb:51:77:ff:e9:aa:f2:dc:42:4a:a2:
92:84:34:ad:c3:71:22:ad:67:68:e8:63:da:fa:c8:
11:85:c3:cd:2d:63:c4:c9:4f:d6:c6:f3:0d:b8:b2:
35:16:50:33:78:83:ba:ba:87:0c:cf:12:72:76:b5:
44:30:8d:c1:e7:c5:48:b1:ed:47:e8:a9:44:21:92:
18:5c:ac:8d:17:ec:ac:4f:8e:23:e5:cb:44:ef:79:
df:80:ba:91:f7:a4:0a:0a:b9:81:7f:df:3a:d3:c6:
ae:99:95:49:c6:cf:cd:ba:9f:48:d6:59:82:f4:27:
5d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A9:14:64:1B:C8:22:E3:79:FF:5E:02:9E:63:D9:45:BA:23:F5:10
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3KkUZBvIIuN5_14CnmPZRboj9RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.213.0/24
37.202.221.0/24
151.240.147.0/24
151.240.154.0/24
151.241.11.0/24
151.241.15.0/24
151.241.21.0/24
151.241.26.0/24
151.241.31.0/24
151.241.74.0/24
151.242.18.0/24
151.242.68.0/24
151.242.70.0/23
151.244.8.0/24
151.244.12.0/24
151.244.24.0/24
151.244.30.0/24
151.244.40.0/24
151.244.65.0/24
151.244.73.0/24
151.244.86.0/24
151.244.93.0/24
151.244.110.0/24
151.244.114.0/24
151.245.0.0/24
151.245.32.0/24
151.245.54.0/24
151.245.68.0/24
151.245.72.0/24
151.245.86.0/24
151.245.92.0/24
Signature Algorithm: sha256WithRSAEncryption
21:e2:5c:f0:20:2a:cb:a6:48:7c:98:80:cc:3c:70:35:bc:10:
f5:07:5c:cb:ce:41:4c:87:c4:0c:7c:2f:ab:c0:2f:d1:51:ff:
59:f2:45:ac:43:bb:42:2a:d9:7e:65:48:88:42:9c:b8:64:6d:
e0:62:88:e0:1e:ec:1e:1a:b4:ae:5e:ea:11:70:c3:25:34:53:
a4:2f:8d:5c:ca:bb:22:99:9f:22:4c:1e:aa:11:c4:84:4b:8f:
0c:f8:f4:56:bc:50:18:4e:9c:f5:16:6b:5d:0d:7f:e6:07:cb:
b9:fc:82:63:6d:15:41:5c:3a:ef:90:45:21:5f:2a:d1:ec:20:
bf:3d:f0:02:86:ef:a2:56:20:2b:b4:64:a6:ae:b4:53:c4:76:
82:86:7d:24:be:40:ec:2b:32:14:bf:50:8c:a4:30:6e:3c:52:
8b:05:03:ad:a4:2a:28:01:3f:70:d2:99:51:23:d8:aa:86:0d:
b8:e4:a8:c2:f0:d3:10:f7:83:4e:34:b7:66:1c:08:80:c9:c9:
6a:90:33:f7:ce:04:20:21:23:6d:b6:5a:49:00:d2:4f:12:e5:
4b:0c:54:1a:3e:f4:bf:7c:46:b3:a1:1c:f8:c8:8b:0a:b6:7d:
33:6f:72:d5:5f:58:99:64:c4:eb:e0:6f:5e:56:b1:c8:93:a9:
8f:12:20:97
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZiuLm33armm5qpOz5xJcAjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODE1MTQ0MjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2E5MTQ2NDFiYzgyMmUzNzlmZjVlMDI5ZTYzZDk0NWJhMjNmNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdiKHBZ+g+Nq9yscr1IezRX0twn+
/hfheBJRcsfeaAwcpw+w2b2oaCfz22zg/qCC6glUwlbJ+p0jP0nxZVAzbYg23P12
3q0qwZSUiAHm9tvITr9C88fbYYgBl3kHnE3z/B5jt/uPLIr9/OzsV5pCGeiyPxGG
GuvWp1fD9J8l21ZxzyB3CR+2HKIZy1F3/+mq8txCSqKShDStw3EirWdo6GPa+sgR
hcPNLWPEyU/WxvMNuLI1FlAzeIO6uocMzxJydrVEMI3B58VIse1H6KlEIZIYXKyN
F+ysT44j5ctE73nfgLqR96QKCrmBf98608aumZVJxs/Nup9I1lmC9Cdd+QIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFNypFGQbyCLjef9eAp5j2UW6I/UQMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvM0trVVpCdklJdU41XzE0Q25tUFpSYm9qOVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBAAl
ytUDBAAlyt0DBACX8JMDBACX8JoDBACX8QsDBACX8Q8DBACX8RUDBACX8RoDBACX
8R8DBACX8UoDBACX8hIDBACX8kQDBAGX8kYDBACX9AgDBACX9AwDBACX9BgDBACX
9B4DBACX9CgDBACX9EEDBACX9EkDBACX9FYDBACX9F0DBACX9G4DBACX9HIDBACX
9QADBACX9SADBACX9TYDBACX9UQDBACX9UgDBACX9VYDBACX9VwwDQYJKoZIhvcN
AQELBQADggEBACHiXPAgKsumSHyYgMw8cDW8EPUHXMvOQUyHxAx8L6vAL9FR/1ny
RaxDu0Iq2X5lSIhCnLhkbeBiiOAe7B4atK5e6hFwwyU0U6QvjVzKuyKZnyJMHqoR
xIRLjwz49Fa8UBhOnPUWa10Nf+YHy7n8gmNtFUFcOu+QRSFfKtHsIL898AKG76JW
ICu0ZKautFPEdoKGfSS+QOwrMhS/UIykMG48UosFA62kKigBP3DSmVEj2KqGDbjk
qMLw0xD3g040t2YcCIDJyWqQM/fOBCAhI222WkkA0k8S5UsMVBo+9L98RrOhHPjI
iwq2fTNvctVfWJlkxOvgb15WsciTqY8SIJc=
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:11:22 2025 by rpki-client