Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5nOt9Vi-ln56gSNKWYWAj5V2Wbc.roa
File: 5nOt9Vi-ln56gSNKWYWAj5V2Wbc.roa (raw, json)
Hash identifier: EZgKCsWUD9h2RVaVHap7H+kBE9fLcjWyc++v2wuHryE=
Subject key identifier: E6:73:AD:F5:58:BE:96:7E:7A:81:23:4A:59:85:80:8F:95:76:59:B7
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197CC8B7EB410325C53E55B17E0BA1268D2
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5nOt9Vi-ln56gSNKWYWAj5V2Wbc.roa
Signing time: Wed 02 Jul 2025 19:09:43 +0000
ROA not before: Wed 02 Jul 2025 19:09:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 151.241.128.0/22 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.40.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
151.242.139.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.44.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.243.214.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.244.5.0/24 maxlen: 24
151.244.6.0/24 maxlen: 24
151.244.56.0/24 maxlen: 24
151.244.58.0/24 maxlen: 24
151.244.128.0/24 maxlen: 24
151.244.129.0/24 maxlen: 24
151.244.130.0/24 maxlen: 24
151.245.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:8b:7e:b4:10:32:5c:53:e5:5b:17:e0:ba:12:68:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 2 19:09:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e673adf558be967e7a81234a5985808f957659b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8f:69:bd:df:f9:66:fa:be:31:72:b6:c4:2e:
53:23:2c:4b:81:db:df:bc:52:88:45:2d:e8:f6:14:
20:90:40:4e:d3:6f:8b:2d:cd:9d:36:1c:4d:87:1a:
48:8d:86:db:52:7b:a6:16:3b:18:ce:c2:7c:d2:6b:
14:a3:e0:b8:38:14:a3:e7:95:f4:b7:c8:65:43:5d:
bd:90:2d:b3:75:76:3b:e7:3e:3e:8c:b7:83:43:ef:
b7:42:62:09:76:2e:c7:1a:0c:87:d4:70:9e:9d:77:
e8:5f:88:46:f3:7e:36:29:54:1c:1a:99:2f:72:5e:
34:72:85:5b:74:a8:6f:c6:07:7c:7b:a2:fd:e1:a3:
c6:a5:0c:45:fb:87:3c:3d:a7:8e:47:34:dd:43:df:
cc:16:4b:ca:71:70:03:61:2f:1f:5e:6b:78:e6:52:
90:21:89:fb:41:f9:dc:27:b1:db:74:ef:d6:8a:04:
b0:97:ec:0c:a3:55:69:78:ed:7c:5d:6f:48:e6:d2:
04:92:a8:53:11:49:ee:39:3f:10:38:37:5a:fe:33:
1b:3c:d4:e6:d1:c1:0b:67:11:cd:28:9f:7d:3a:bd:
9c:ab:9b:54:42:ba:e4:da:85:4b:8d:62:19:7b:eb:
d4:1f:23:2e:3f:70:ee:e4:c9:4d:53:4c:31:b6:58:
a6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:73:AD:F5:58:BE:96:7E:7A:81:23:4A:59:85:80:8F:95:76:59:B7
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5nOt9Vi-ln56gSNKWYWAj5V2Wbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.242.4.0/24
151.242.14.0/24
151.242.17.0/24
151.242.32.0/24
151.242.40.0/24
151.242.64.0/24
151.242.78.0/23
151.242.82.0/24
151.242.139.0/24
151.242.242.0/24
151.243.44.0/24
151.243.115.0/24
151.243.120.0/24
151.243.214.0/24
151.244.4.0-151.244.6.255
151.244.56.0/24
151.244.58.0/24
151.244.128.0-151.244.130.255
151.245.120.0/21
Signature Algorithm: sha256WithRSAEncryption
73:0b:7f:4a:e5:af:b0:dd:ea:0a:b7:b1:5c:82:49:dc:87:5b:
5e:03:2f:e5:81:63:13:d4:5d:5b:92:ea:ca:fe:0b:ba:e1:34:
9f:7e:2d:dd:d0:f0:14:30:be:04:28:92:68:8f:ea:70:fc:d8:
2f:a5:02:bf:9d:3a:a3:8e:3e:9b:7f:32:29:06:7e:a4:c1:2b:
d4:cf:b4:26:d6:42:39:40:87:88:05:f6:c8:29:1d:75:0b:f3:
ee:15:db:c2:8e:ce:cd:f8:19:bd:2e:c3:6e:4c:90:e1:37:da:
14:4a:70:8f:1f:08:ef:1a:4a:fc:60:24:42:88:59:96:91:e1:
54:36:3c:32:4a:4b:ee:cb:13:58:f8:df:ec:79:a3:39:4e:6c:
45:fb:95:5b:1a:bd:0d:9d:a8:62:fe:72:36:70:cf:20:cd:1a:
7d:50:21:ba:b5:de:4e:29:37:9d:d6:85:71:9c:46:6a:b5:20:
17:3b:63:c5:53:ad:94:a5:54:1a:ae:11:dc:b0:5b:ee:d8:0d:
8b:7e:f1:2b:73:85:ba:63:37:02:00:f1:c4:46:c4:b9:07:04:
79:a8:b1:34:68:7f:6f:b0:22:b5:7a:ef:69:f3:ba:22:e1:39:
44:62:0f:27:1f:2c:72:c1:ed:df:ab:09:5a:3e:25:41:c9:ca:
85:9b:05:a8
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZfMi360EDJcU+VbF+C6EmjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzAyMTkwOTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjczYWRmNTU4YmU5NjdlN2E4MTIzNGE1OTg1ODA4Zjk1NzY1OWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI9pvd/5Zvq+MXK2xC5TIyxLgdvf
vFKIRS3o9hQgkEBO02+LLc2dNhxNhxpIjYbbUnumFjsYzsJ80msUo+C4OBSj55X0
t8hlQ129kC2zdXY75z4+jLeDQ++3QmIJdi7HGgyH1HCenXfoX4hG8342KVQcGpkv
cl40coVbdKhvxgd8e6L94aPGpQxF+4c8PaeORzTdQ9/MFkvKcXADYS8fXmt45lKQ
IYn7QfncJ7HbdO/WigSwl+wMo1VpeO18XW9I5tIEkqhTEUnuOT8QODda/jMbPNTm
0cELZxHNKJ99Or2cq5tUQrrk2oVLjWIZe+vUHyMuP3Du5MlNU0wxtlimUQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFOZzrfVYvpZ+eoEjSlmFgI+Vdlm3MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNW5PdDlWaS1sbjU2Z1NOS1dZV0FqNVYyV2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAKX
8YADBACX8gQDBACX8g4DBACX8hEDBACX8iADBACX8igDBACX8kADBAGX8k4DBACX
8lIDBACX8osDBACX8vIDBACX8ywDBACX83MDBACX83gDBACX89YwDAMEApf0BAME
AJf0BgMEAJf0OAMEAJf0OjAMAwQHl/SAAwQAl/SCAwQDl/V4MA0GCSqGSIb3DQEB
CwUAA4IBAQBzC39K5a+w3eoKt7Fcgknch1teAy/lgWMT1F1bkurK/gu64TSffi3d
0PAUML4EKJJoj+pw/NgvpQK/nTqjjj6bfzIpBn6kwSvUz7Qm1kI5QIeIBfbIKR11
C/PuFdvCjs7N+Bm9LsNuTJDhN9oUSnCPHwjvGkr8YCRCiFmWkeFUNjwySkvuyxNY
+N/seaM5TmxF+5VbGr0Nnahi/nI2cM8gzRp9UCG6td5OKTed1oVxnEZqtSAXO2PF
U62UpVQarhHcsFvu2A2LfvErc4W6YzcCAPHERsS5BwR5qLE0aH9vsCK1eu9p87oi
4TlEYg8nHyxywe3fqwlaPiVBycqFmwWo
-----END CERTIFICATE-----
Generated at Thu Jul 3 10:22:15 2025 by rpki-client