Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/4NHhn7FGWbi0UfnogRsPIsh0JIA.roa
File: 4NHhn7FGWbi0UfnogRsPIsh0JIA.roa (raw, json)
Hash identifier: SebM18dwq/00r/LoIfcHOd3McqLQFtx+WsjPQ0pBsQg=
Subject key identifier: E0:D1:E1:9F:B1:46:59:B8:B4:51:F9:E8:81:1B:0F:22:C8:74:24:80
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01988A3B31DBF79ACC2D4448B049758A72A9
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/4NHhn7FGWbi0UfnogRsPIsh0JIA.roa
Signing time: Fri 08 Aug 2025 15:09:51 +0000
ROA not before: Fri 08 Aug 2025 15:09:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207252
IP address blocks: 151.240.157.0/24 maxlen: 24
151.242.160.0/22 maxlen: 24
151.242.176.0/22 maxlen: 24
151.243.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8a:3b:31:db:f7:9a:cc:2d:44:48:b0:49:75:8a:72:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 8 15:09:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0d1e19fb14659b8b451f9e8811b0f22c8742480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:43:06:7a:3a:28:57:c7:60:7c:4c:7b:6a:25:
35:7b:23:0c:58:6a:a7:3f:76:7b:c6:e6:70:99:bb:
de:e1:7e:67:33:aa:38:38:b3:46:68:d6:03:c2:71:
3a:14:e9:21:dd:a5:3a:5c:97:5f:4c:8f:70:06:d7:
91:2c:f9:41:7b:11:c4:54:70:cf:a3:8e:7a:b0:80:
12:1a:50:63:34:2b:4e:b3:91:f6:7e:38:0b:0d:81:
dd:c1:ed:05:80:6f:97:85:5b:5f:09:56:f2:19:5c:
c0:bb:90:16:19:96:b8:2e:fe:10:ae:ba:20:5e:5a:
10:10:09:9d:77:01:36:99:cd:14:a1:cb:0f:61:5e:
bd:d3:0f:b6:ad:df:2e:bd:18:d7:b0:9a:07:8a:3f:
0d:57:77:da:fb:db:e7:b4:48:f5:f3:f4:c9:3c:ea:
d2:6f:9c:ab:d5:20:85:95:23:56:67:ed:09:17:66:
8b:3f:82:fe:9f:38:4b:f6:f2:89:56:0c:f4:76:b1:
9e:64:f6:cc:b2:12:3a:7e:64:8d:e2:96:1e:a4:d0:
85:e2:d3:3d:19:20:66:97:c7:99:12:c0:d6:1c:74:
eb:8b:66:3c:60:bc:ae:68:7b:2a:05:51:24:e6:a6:
09:e6:b1:f5:0a:37:20:ce:cd:6a:9b:a2:ef:3c:a8:
18:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:D1:E1:9F:B1:46:59:B8:B4:51:F9:E8:81:1B:0F:22:C8:74:24:80
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/4NHhn7FGWbi0UfnogRsPIsh0JIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.157.0/24
151.242.160.0/22
151.242.176.0/22
151.243.208.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:81:b7:81:65:32:30:62:e2:29:b5:b8:0d:4e:d6:5b:05:da:
79:3a:7b:f1:2f:cf:3f:33:35:31:89:ce:9c:35:62:64:b4:07:
8f:77:6d:70:6e:b3:8f:1f:f1:5a:be:6a:42:a9:53:a2:19:90:
95:55:af:53:1a:7f:cf:85:50:ca:68:9b:9a:0e:81:ab:e3:be:
ca:10:7d:d7:bf:56:79:65:38:3e:5a:f7:bf:43:12:5e:76:30:
7e:f9:46:6c:6f:80:9d:26:98:d7:25:ee:10:30:ce:57:8f:09:
ed:30:80:4d:16:0c:06:90:3c:41:41:8f:fa:c2:b3:b1:4d:f4:
70:5c:16:64:0e:7d:b5:7f:91:72:a5:be:f9:da:fd:78:a1:e5:
60:b7:b8:1e:9f:3a:c2:eb:b2:03:45:47:96:81:9a:ad:2e:b8:
bb:e9:91:fd:ef:49:4e:7b:1b:bf:4b:27:2d:ea:7c:e2:4d:e0:
83:cc:1b:ec:a1:95:03:ca:6e:40:d1:cd:b7:74:99:6b:68:a7:
4f:5d:e0:94:97:fa:09:bd:48:d9:48:c2:f3:53:26:90:f2:dd:
8b:6f:37:68:a9:b8:97:1f:54:d8:57:6f:de:68:43:51:a3:a4:
41:45:64:20:dc:9e:91:29:6e:20:ee:fc:6b:cc:e9:83:30:98:
00:50:3d:83
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZiKOzHb95rMLURIsEl1inKpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODA4MTUwOTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGQxZTE5ZmIxNDY1OWI4YjQ1MWY5ZTg4MTFiMGYyMmM4NzQyNDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkMGejooV8dgfEx7aiU1eyMMWGqn
P3Z7xuZwmbve4X5nM6o4OLNGaNYDwnE6FOkh3aU6XJdfTI9wBteRLPlBexHEVHDP
o456sIASGlBjNCtOs5H2fjgLDYHdwe0FgG+XhVtfCVbyGVzAu5AWGZa4Lv4Qrrog
XloQEAmddwE2mc0UocsPYV690w+2rd8uvRjXsJoHij8NV3fa+9vntEj18/TJPOrS
b5yr1SCFlSNWZ+0JF2aLP4L+nzhL9vKJVgz0drGeZPbMshI6fmSN4pYepNCF4tM9
GSBml8eZEsDWHHTri2Y8YLyuaHsqBVEk5qYJ5rH1Cjcgzs1qm6LvPKgYWwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFODR4Z+xRlm4tFH56IEbDyLIdCSAMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNE5IaG43RkdXYmkwVWZub2dSc1BJc2gwSklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/CdAwQC
l/KgAwQCl/KwAwQCl/PQMA0GCSqGSIb3DQEBCwUAA4IBAQCygbeBZTIwYuIptbgN
TtZbBdp5OnvxL88/MzUxic6cNWJktAePd21wbrOPH/FavmpCqVOiGZCVVa9TGn/P
hVDKaJuaDoGr477KEH3Xv1Z5ZTg+Wve/QxJedjB++UZsb4CdJpjXJe4QMM5Xjwnt
MIBNFgwGkDxBQY/6wrOxTfRwXBZkDn21f5Fypb752v14oeVgt7genzrC67IDRUeW
gZqtLri76ZH970lOexu/Syct6nziTeCDzBvsoZUDym5A0c23dJlraKdPXeCUl/oJ
vUjZSMLzUyaQ8t2LbzdoqbiXH1TYV2/eaENRo6RBRWQg3J6RKW4g7vxrzOmDMJgA
UD2D
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:37:32 2025 by rpki-client