Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5funbvbxY0oP3Kr89ietV3AwkEs.roa
File: 5funbvbxY0oP3Kr89ietV3AwkEs.roa (raw, json)
Hash identifier: 64NrMh5rXi2khjzlazglxWv5iH4Lz7mt/NCm8Zddrxo=
Subject key identifier: E5:FB:A7:6E:F6:F1:63:4A:0F:DC:AA:FC:F6:27:AD:57:70:30:90:4B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D57B030D806691B363607B4C2967306E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5funbvbxY0oP3Kr89ietV3AwkEs.roa
Signing time: Sat 23 Aug 2025 05:51:05 +0000
ROA not before: Sat 23 Aug 2025 05:51:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 151.240.2.0/24 maxlen: 24
151.241.68.0/24 maxlen: 24
151.242.147.0/24 maxlen: 24
151.242.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 23:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:7b:03:0d:80:66:91:b3:63:60:7b:4c:29:67:30:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 23 05:51:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5fba76ef6f1634a0fdcaafcf627ad577030904b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:aa:f0:b8:c9:19:c5:e2:7c:9c:6d:e5:00:60:
4e:fd:f7:2c:ce:74:e7:87:e6:a0:0c:58:21:aa:26:
a7:a9:25:b7:42:40:2e:0c:68:5a:0a:44:58:f4:ec:
d3:47:be:fb:b0:df:a8:f1:9c:9c:ee:b9:b8:22:1c:
81:12:05:3d:5e:5b:db:ba:7f:50:09:47:21:dc:b6:
19:6f:aa:9f:88:fc:a4:75:55:af:7e:87:ed:0d:9d:
4e:ca:94:d0:cf:c4:fc:70:be:6b:32:29:96:38:a0:
48:e9:c5:0a:fa:fd:f1:f6:bc:74:31:c8:26:ab:22:
39:29:37:cd:30:bb:66:42:b5:d6:68:d3:d7:5c:f6:
07:e3:ad:f1:b9:ea:ed:64:b2:aa:5a:3f:70:f4:a3:
95:74:f1:0a:e9:e4:1d:55:c9:54:30:70:6c:77:5c:
1a:37:58:41:e8:c6:1e:a9:f2:1d:28:27:e5:7e:cc:
f8:31:fa:fe:42:0f:bd:d9:5b:b9:92:e7:46:38:31:
d5:a5:6e:2d:78:9b:ae:a0:45:fa:b3:e6:fa:91:c9:
1c:cc:b0:e2:75:f8:3e:58:e0:46:e1:3a:0f:55:98:
6f:35:c7:c6:08:51:87:be:41:2f:50:8a:20:19:56:
54:2c:eb:bb:ca:88:5f:7b:c1:33:3f:d4:39:27:06:
04:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FB:A7:6E:F6:F1:63:4A:0F:DC:AA:FC:F6:27:AD:57:70:30:90:4B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5funbvbxY0oP3Kr89ietV3AwkEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.2.0/24
151.241.68.0/24
151.242.147.0/24
151.242.252.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:92:38:70:c8:0d:54:0f:89:b6:08:5c:13:73:59:6a:06:b5:
48:20:d8:70:a7:a5:dc:27:3c:f4:20:1f:f2:4e:ee:97:50:88:
96:77:da:15:cd:03:6f:77:53:f4:52:6f:20:73:b9:fc:f7:7c:
b6:25:33:32:27:a8:87:ff:1c:8b:4e:dd:9f:2c:9f:10:65:ee:
7b:b4:73:d0:47:1d:5e:f1:91:a8:b5:21:92:46:af:59:bb:f7:
58:ac:12:2f:e7:5f:b9:11:35:dd:ba:e2:94:02:cd:55:9c:c4:
29:10:23:46:e0:ca:9c:09:29:29:07:6f:6c:83:50:b9:48:10:
af:f4:d1:49:03:4e:7c:51:d5:83:3f:3f:ea:b5:55:7c:fb:55:
43:cc:14:b3:3f:3c:44:f4:ee:8f:69:99:1b:dc:6a:55:6e:c0:
87:c2:57:d1:01:5f:f8:ee:eb:a8:d8:7f:db:08:81:60:db:8c:
88:d5:3e:68:d0:e1:f7:67:06:a9:e6:70:35:0e:26:4e:82:fb:
9c:bb:ea:8e:4c:2b:da:fa:a8:2f:35:db:d1:27:69:aa:a3:6c:
c2:38:04:11:24:f2:04:26:76:75:5a:1b:3c:9f:51:e4:5d:29:
e6:7b:b9:8b:b1:bb:64:61:6c:3b:fa:25:05:ed:a0:91:41:ce:
8f:ba:7e:8b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjVewMNgGaRs2Nge0wpZzBuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIzMDU1MTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZiYTc2ZWY2ZjE2MzRhMGZkY2FhZmNmNjI3YWQ1NzcwMzA5MDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqrwuMkZxeJ8nG3lAGBO/fcsznTn
h+agDFghqianqSW3QkAuDGhaCkRY9OzTR777sN+o8Zyc7rm4IhyBEgU9Xlvbun9Q
CUch3LYZb6qfiPykdVWvfoftDZ1OypTQz8T8cL5rMimWOKBI6cUK+v3x9rx0Mcgm
qyI5KTfNMLtmQrXWaNPXXPYH463xuertZLKqWj9w9KOVdPEK6eQdVclUMHBsd1wa
N1hB6MYeqfIdKCflfsz4Mfr+Qg+92Vu5kudGODHVpW4teJuuoEX6s+b6kckczLDi
dfg+WOBG4ToPVZhvNcfGCFGHvkEvUIogGVZULOu7yohfe8EzP9Q5JwYEMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOX7p2728WNKD9yq/PYnrVdwMJBLMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNWZ1bmJ2YnhZMG9QM0tyODlpZXRWM0F3a0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/ACAwQA
l/FEAwQAl/KTAwQAl/L8MA0GCSqGSIb3DQEBCwUAA4IBAQBekjhwyA1UD4m2CFwT
c1lqBrVIINhwp6XcJzz0IB/yTu6XUIiWd9oVzQNvd1P0Um8gc7n893y2JTMyJ6iH
/xyLTt2fLJ8QZe57tHPQRx1e8ZGotSGSRq9Zu/dYrBIv51+5ETXduuKUAs1VnMQp
ECNG4MqcCSkpB29sg1C5SBCv9NFJA058UdWDPz/qtVV8+1VDzBSzPzxE9O6PaZkb
3GpVbsCHwlfRAV/47uuo2H/bCIFg24yI1T5o0OH3Zwap5nA1DiZOgvucu+qOTCva
+qgvNdvRJ2mqo2zCOAQRJPIEJnZ1Whs8n1HkXSnme7mLsbtkYWw7+iUF7aCRQc6P
un6L
-----END CERTIFICATE-----
Generated at Sun Aug 24 05:15:54 2025 by rpki-client