Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3OHTFAef8wDd60nHWRO9SFrVm9g.roa
File: 3OHTFAef8wDd60nHWRO9SFrVm9g.roa (raw, json)
Hash identifier: xz1vsLB3ru/sVoPHQpFoQp79agPORwRJHjCC5hY2Xg4=
Subject key identifier: DC:E1:D3:14:07:9F:F3:00:DD:EB:49:C7:59:13:BD:48:5A:D5:9B:D8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198B69EEDABCB6101729AD5062C9B8D6480
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3OHTFAef8wDd60nHWRO9SFrVm9g.roa
Signing time: Sun 17 Aug 2025 06:02:05 +0000
ROA not before: Sun 17 Aug 2025 06:02:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214654
IP address blocks: 151.241.12.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
151.245.85.0/24 maxlen: 24
151.247.195.0/24 maxlen: 24
151.247.196.0/24 maxlen: 24
151.247.197.0/24 maxlen: 24
151.247.198.0/24 maxlen: 24
151.247.199.0/24 maxlen: 24
151.247.200.0/24 maxlen: 24
151.247.218.0/24 maxlen: 24
151.247.219.0/24 maxlen: 24
151.247.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b6:9e:ed:ab:cb:61:01:72:9a:d5:06:2c:9b:8d:64:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 17 06:02:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dce1d314079ff300ddeb49c75913bd485ad59bd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:7c:76:67:6d:5d:e8:68:e0:36:24:e3:76:7e:
88:53:47:6c:e8:a9:e0:fb:83:f9:3a:8e:6c:2d:3b:
21:6e:de:20:ec:0b:d6:85:5e:a5:fa:19:fb:87:f2:
3e:86:98:19:e1:da:63:3d:9f:02:53:21:81:08:41:
1a:b6:2a:ea:e6:dd:7a:1f:3b:f6:b9:54:80:ff:6f:
d7:dc:6a:01:44:eb:74:a6:34:3f:43:35:fa:96:e3:
be:84:27:c4:50:17:3b:12:ea:99:55:36:ab:e3:a8:
8a:9f:4f:c6:b3:b6:51:c3:11:5e:b7:27:3a:27:23:
bd:57:36:14:cf:6a:1f:1f:5f:cb:4f:d1:0f:79:06:
79:e3:c2:5d:eb:59:e0:8f:1f:76:77:da:86:6e:57:
98:96:5f:70:21:eb:23:44:c4:f9:cc:65:11:58:5d:
2a:0e:ae:14:a5:7e:8a:24:d3:7e:9f:98:9a:1c:fc:
94:7e:0b:84:9b:4e:05:d5:ad:12:d7:70:b3:9c:0e:
bf:8b:e3:4e:b3:5a:44:05:93:e4:42:39:03:12:49:
8d:94:b1:3e:c8:96:0f:3c:43:bf:cd:19:7b:4a:88:
a9:64:f4:2a:04:bc:f1:33:66:fb:fa:97:b0:00:e3:
b9:3e:98:df:0b:64:a4:49:e4:95:8c:c6:02:cd:2f:
be:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:E1:D3:14:07:9F:F3:00:DD:EB:49:C7:59:13:BD:48:5A:D5:9B:D8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3OHTFAef8wDd60nHWRO9SFrVm9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.12.0/24
151.242.78.0/23
151.242.82.0/24
151.245.85.0/24
151.247.195.0-151.247.200.255
151.247.218.0-151.247.220.255
Signature Algorithm: sha256WithRSAEncryption
2a:4e:34:6b:cd:0f:97:f7:0b:20:86:d8:6a:10:bc:7e:28:23:
5c:6b:e3:84:24:92:4d:4a:0f:86:84:f9:c1:be:d6:19:5a:e0:
25:5e:4a:9f:65:1c:15:2b:9f:97:54:68:4b:41:00:76:05:de:
87:02:4d:3c:98:5b:37:b3:18:32:b0:9b:68:2a:be:9d:86:51:
be:b4:91:0e:3d:6d:1a:1e:97:6e:6b:28:f7:71:a1:58:52:8a:
19:4c:b7:91:d0:f5:b4:b9:e5:bd:63:a7:53:1b:22:8f:86:ab:
35:48:04:ec:65:47:fb:42:4a:49:17:5c:28:31:ce:0b:61:5c:
5c:d6:b6:8b:89:d5:70:26:f4:ed:8f:c1:c8:89:18:2c:36:27:
b7:c5:45:0e:9e:9e:1b:78:9b:fc:7b:a3:45:f4:a9:4a:dd:d0:
db:57:a8:1f:dd:f5:42:0a:72:38:36:3b:1f:83:17:bb:d3:29:
9e:51:b6:7a:aa:90:ca:29:83:7f:32:74:f2:ba:5e:00:82:d9:
13:e4:73:25:55:9f:a2:5a:81:6d:48:a0:22:17:ea:d3:2e:42:
2e:03:5e:41:e8:27:e6:57:5b:bc:d2:56:7e:ab:28:af:b3:c7:
30:21:99:88:3d:ae:e0:25:87:4c:64:3f:73:91:80:5f:a6:d9:
3c:c1:76:fd
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZi2nu2ry2EBcprVBiybjWSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODE3MDYwMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2UxZDMxNDA3OWZmMzAwZGRlYjQ5Yzc1OTEzYmQ0ODVhZDU5YmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonx2Z21d6GjgNiTjdn6IU0ds6Kng
+4P5Oo5sLTshbt4g7AvWhV6l+hn7h/I+hpgZ4dpjPZ8CUyGBCEEatirq5t16Hzv2
uVSA/2/X3GoBROt0pjQ/QzX6luO+hCfEUBc7EuqZVTar46iKn0/Gs7ZRwxFetyc6
JyO9VzYUz2ofH1/LT9EPeQZ548Jd61ngjx92d9qGbleYll9wIesjRMT5zGURWF0q
Dq4UpX6KJNN+n5iaHPyUfguEm04F1a0S13CznA6/i+NOs1pEBZPkQjkDEkmNlLE+
yJYPPEO/zRl7SoipZPQqBLzxM2b7+pewAOO5PpjfC2SkSeSVjMYCzS++twIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNzh0xQHn/MA3etJx1kTvUha1ZvYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvM09IVEZBZWY4d0RkNjBuSFdSTzlTRnJWbTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAl/EMAwQB
l/JOAwQAl/JSAwQAl/VVMAwDBACX98MDBACX98gwDAMEAZf32gMEAJf33DANBgkq
hkiG9w0BAQsFAAOCAQEAKk40a80Pl/cLIIbYahC8figjXGvjhCSSTUoPhoT5wb7W
GVrgJV5Kn2UcFSufl1RoS0EAdgXehwJNPJhbN7MYMrCbaCq+nYZRvrSRDj1tGh6X
bmso93GhWFKKGUy3kdD1tLnlvWOnUxsij4arNUgE7GVH+0JKSRdcKDHOC2FcXNa2
i4nVcCb07Y/ByIkYLDYnt8VFDp6eG3ib/HujRfSpSt3Q21eoH931QgpyODY7H4MX
u9MpnlG2eqqQyimDfzJ08rpeAILZE+RzJVWfolqBbUigIhfq0y5CLgNeQegn5ldb
vNJWfqsor7PHMCGZiD2u4CWHTGQ/c5GAX6bZPMF2/Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:16:48 2025 by rpki-client