Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/6THa-s7Jxcl6eYhJrprpvp6qNBs.roa
File: 6THa-s7Jxcl6eYhJrprpvp6qNBs.roa (raw, json)
Hash identifier: InnJbuULt/BaA8FQw82lJjEqKqOE5VMsv46sk1A0twM=
Subject key identifier: E9:31:DA:FA:CE:C9:C5:C9:7A:79:88:49:AE:9A:E9:BE:9E:AA:34:1B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197B1C05E8245F75C423AD0E53A362CFD03
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/6THa-s7Jxcl6eYhJrprpvp6qNBs.roa
Signing time: Fri 27 Jun 2025 14:17:43 +0000
ROA not before: Fri 27 Jun 2025 14:17:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135402
IP address blocks: 151.242.86.0/24 maxlen: 24
151.243.4.0/24 maxlen: 24
151.243.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 19:11:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b1:c0:5e:82:45:f7:5c:42:3a:d0:e5:3a:36:2c:fd:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 27 14:17:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e931dafacec9c5c97a798849ae9ae9be9eaa341b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ab:74:c7:ff:76:9e:51:9c:d4:4e:d7:05:49:
8c:e3:ef:37:2f:3e:8e:d0:b6:f4:25:5a:08:2e:00:
a6:07:e1:91:6a:2f:86:be:16:97:78:eb:ca:4a:72:
09:b2:0d:97:b6:69:64:9c:58:c0:59:9b:fe:d7:f1:
fb:95:aa:ee:6a:2c:0a:50:72:f9:31:c3:d3:ef:58:
4c:76:38:17:e6:d0:9a:42:28:0d:90:f5:ca:a3:f7:
e9:d8:cd:dc:e9:fa:3a:b3:73:60:f7:08:df:2b:79:
f5:25:85:4c:d8:27:69:83:8f:2c:34:65:ce:58:fa:
df:0d:4d:b3:f5:9f:48:f2:2b:7b:81:59:15:13:7b:
e9:34:7b:ef:cb:63:29:a2:ab:e4:96:75:01:84:b7:
bc:65:9d:39:a5:7a:66:f7:cb:bc:b0:ea:78:82:d9:
87:d8:b7:fe:34:4d:6d:86:b5:03:14:ec:89:26:3d:
f2:1c:0d:10:8b:a9:5e:4d:49:1d:cf:68:f8:0c:f0:
77:85:a1:1c:d7:59:c1:3b:e4:e0:cc:60:92:b3:4c:
1e:13:8d:4e:e8:0d:b9:fe:05:71:cf:35:ab:8a:bb:
af:ee:6e:4a:91:1a:a3:e6:cf:35:fb:92:34:14:5d:
f6:22:81:4e:8b:97:ed:6c:74:74:9b:3e:81:d0:1e:
9c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:31:DA:FA:CE:C9:C5:C9:7A:79:88:49:AE:9A:E9:BE:9E:AA:34:1B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/6THa-s7Jxcl6eYhJrprpvp6qNBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.86.0/24
151.243.4.0/24
151.243.221.0/24
Signature Algorithm: sha256WithRSAEncryption
08:1f:ff:eb:c5:43:16:c8:8d:7f:27:48:8f:4c:7e:f3:5e:ac:
cc:1c:d1:28:b0:51:6f:ea:f8:ba:9b:b4:5e:b6:97:b3:c1:3f:
50:47:cf:3c:8c:e7:c2:4a:01:a0:95:ef:4e:5b:af:57:91:bd:
f7:5b:8d:75:e7:d5:9e:5f:40:39:43:1b:bb:87:57:ee:08:44:
cd:e0:b1:d2:b6:9b:a7:6a:c5:e4:eb:e4:60:2e:35:24:07:6e:
71:64:93:0a:30:b9:ad:1d:15:34:a4:70:4f:b3:03:2a:b6:b4:
9e:20:11:e8:a0:b6:91:77:25:bb:25:1f:64:ba:9c:bc:10:93:
96:f9:17:49:04:34:c3:93:3b:79:2b:e1:05:d4:fd:d0:2d:3a:
18:d7:b8:e5:ff:aa:fe:04:70:6a:ff:c2:1b:6b:a9:c1:1c:0d:
26:73:2a:91:27:95:3c:28:90:e3:54:51:7c:a5:19:f8:23:47:
13:40:7e:10:be:ca:86:1d:36:4a:c8:c6:fb:1b:7e:fe:5b:d8:
5e:95:06:58:33:76:51:a0:28:a1:a0:dd:9a:3c:56:59:b6:8d:
29:eb:7e:68:ed:78:44:84:0e:84:8c:31:df:73:90:e3:ed:d8:
86:d2:66:34:ec:b9:0a:8d:be:17:cf:39:37:86:e4:f9:f6:41:
8c:8f:4f:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZexwF6CRfdcQjrQ5To2LP0DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjI3MTQxNzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTMxZGFmYWNlYzljNWM5N2E3OTg4NDlhZTlhZTliZTllYWEzNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqt0x/92nlGc1E7XBUmM4+83Lz6O
0Lb0JVoILgCmB+GRai+GvhaXeOvKSnIJsg2XtmlknFjAWZv+1/H7laruaiwKUHL5
McPT71hMdjgX5tCaQigNkPXKo/fp2M3c6fo6s3Ng9wjfK3n1JYVM2Cdpg48sNGXO
WPrfDU2z9Z9I8it7gVkVE3vpNHvvy2MpoqvklnUBhLe8ZZ05pXpm98u8sOp4gtmH
2Lf+NE1thrUDFOyJJj3yHA0Qi6leTUkdz2j4DPB3haEc11nBO+TgzGCSs0weE41O
6A25/gVxzzWriruv7m5KkRqj5s81+5I0FF32IoFOi5ftbHR0mz6B0B6cEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOkx2vrOycXJenmISa6a6b6eqjQbMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNlRIYS1zN0p4Y2w2ZVloSnJwcnB2cDZxTkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/JWAwQA
l/MEAwQAl/PdMA0GCSqGSIb3DQEBCwUAA4IBAQAIH//rxUMWyI1/J0iPTH7zXqzM
HNEosFFv6vi6m7RetpezwT9QR888jOfCSgGgle9OW69Xkb33W41159WeX0A5Qxu7
h1fuCETN4LHStpunasXk6+RgLjUkB25xZJMKMLmtHRU0pHBPswMqtrSeIBHooLaR
dyW7JR9kupy8EJOW+RdJBDTDkzt5K+EF1P3QLToY17jl/6r+BHBq/8Iba6nBHA0m
cyqRJ5U8KJDjVFF8pRn4I0cTQH4QvsqGHTZKyMb7G37+W9helQZYM3ZRoCihoN2a
PFZZto0p635o7XhEhA6EjDHfc5Dj7diG0mY07LkKjb4Xzzk3huT59kGMj0/y
-----END CERTIFICATE-----
Generated at Wed Jul 2 23:26:19 2025 by rpki-client