Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7CJTy7WKiEcGfiTohypSRsYJjAM.roa
File: 7CJTy7WKiEcGfiTohypSRsYJjAM.roa (raw, json)
Hash identifier: 1jK+bzNEYaHVYpPefVbc4cyPDpqYZ1VfnpuGgFqUJKQ=
Subject key identifier: EC:22:53:CB:B5:8A:88:47:06:7E:24:E8:87:2A:52:46:C6:09:8C:03
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197CB25AC8AF49A7F38F0CFFB1DCB643F84
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7CJTy7WKiEcGfiTohypSRsYJjAM.roa
Signing time: Wed 02 Jul 2025 12:38:53 +0000
ROA not before: Wed 02 Jul 2025 12:38:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 151.240.24.0/24 maxlen: 24
151.240.26.0/24 maxlen: 24
151.240.27.0/24 maxlen: 24
151.240.179.0/24 maxlen: 24
151.241.35.0/24 maxlen: 24
151.241.36.0/24 maxlen: 24
151.241.37.0/24 maxlen: 24
151.241.40.0/24 maxlen: 24
151.241.47.0/24 maxlen: 24
151.241.171.0/24 maxlen: 24
151.241.179.0/24 maxlen: 24
151.244.69.0/24 maxlen: 24
151.244.76.0/24 maxlen: 24
151.244.90.0/24 maxlen: 24
151.244.199.0/24 maxlen: 24
151.245.69.0/24 maxlen: 24
151.245.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:25:ac:8a:f4:9a:7f:38:f0:cf:fb:1d:cb:64:3f:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 2 12:38:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec2253cbb58a8847067e24e8872a5246c6098c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4f:5b:56:a2:4c:56:8e:94:88:d2:e1:ea:bc:
67:e0:44:4f:39:0a:12:1a:12:df:39:70:ae:e1:a3:
3c:b5:b9:e3:3b:82:e5:a7:7d:38:34:1a:49:86:e7:
bd:d0:5b:3a:d3:ae:2e:62:c3:da:bc:17:06:c5:98:
50:91:a5:21:63:19:7a:3d:e6:c4:3a:d8:ad:62:47:
e9:80:75:cb:72:da:30:1b:08:4f:f5:7f:81:55:76:
ce:6e:a1:ee:8c:f9:97:08:da:13:fe:8a:ec:43:99:
e5:25:94:af:20:11:47:39:bc:57:6b:f3:35:fd:e7:
3b:4d:25:53:bf:e8:be:fd:2d:a4:dc:01:53:c8:8a:
48:0a:45:23:b2:90:d9:5d:6b:b4:66:81:55:06:cb:
95:0a:57:57:0b:2b:78:d0:c6:db:ce:a8:f7:10:2b:
23:c9:2f:41:b6:ca:83:64:6f:f8:35:91:2b:af:91:
c9:c3:40:ed:92:e0:36:bc:a2:e5:14:16:9f:45:f8:
2e:6a:a6:6a:7c:ff:52:d9:17:6d:ef:65:4e:29:73:
da:2a:df:8f:86:93:a4:eb:45:aa:25:cd:44:97:e0:
25:30:77:f5:10:9b:a9:97:4c:23:9e:29:bf:b5:a8:
6f:5d:f7:91:6a:1d:7c:61:b2:e9:c1:51:ef:b9:1b:
9b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:22:53:CB:B5:8A:88:47:06:7E:24:E8:87:2A:52:46:C6:09:8C:03
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7CJTy7WKiEcGfiTohypSRsYJjAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.24.0/24
151.240.26.0/23
151.240.179.0/24
151.241.35.0-151.241.37.255
151.241.40.0/24
151.241.47.0/24
151.241.171.0/24
151.241.179.0/24
151.244.69.0/24
151.244.76.0/24
151.244.90.0/24
151.244.199.0/24
151.245.69.0/24
151.245.199.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:b3:02:2b:36:ba:ef:fe:5b:b3:a7:72:55:71:fc:bc:1a:e8:
b1:6e:38:7c:70:dc:ed:db:22:4c:c6:9a:2a:93:d2:f7:96:c6:
2e:af:c2:89:70:2d:f0:e0:62:cd:e0:a1:53:f5:08:b1:40:a9:
80:30:4f:37:d0:ca:eb:ab:46:f0:d1:b4:9c:83:f2:fb:50:6f:
fc:c2:93:bd:08:c6:9c:11:b1:2c:2f:94:30:c5:90:a3:08:87:
09:37:6d:6d:93:a2:b4:4c:99:fa:a9:35:3c:87:07:51:6e:6c:
c7:fa:87:ce:84:8f:3c:07:4e:43:20:5b:04:e6:39:fe:de:ad:
ad:5e:67:b4:fa:01:8a:b5:36:14:15:27:49:94:ec:0f:45:11:
ed:07:6f:42:54:e2:25:48:35:dc:4e:56:ac:eb:40:79:f3:9e:
8e:32:f2:5d:b1:3a:35:46:2a:df:81:46:fa:a8:50:ce:eb:e9:
f9:11:82:ac:d3:07:9a:b7:c7:7e:40:4d:6a:67:d6:d8:b3:0f:
7f:08:e5:b7:97:a7:8b:69:1e:2e:37:e7:28:47:de:74:62:a1:
b8:99:44:eb:fa:00:6e:e6:f8:91:5a:76:65:3d:b8:64:84:e3:
67:bf:b4:54:a1:cc:d3:de:f9:97:b7:0c:df:4c:ce:95:e7:bf:
8e:dc:19:2c
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZfLJayK9Jp/OPDP+x3LZD+EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzAyMTIzODUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzIyNTNjYmI1OGE4ODQ3MDY3ZTI0ZTg4NzJhNTI0NmM2MDk4YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtU9bVqJMVo6UiNLh6rxn4ERPOQoS
GhLfOXCu4aM8tbnjO4Llp304NBpJhue90Fs6064uYsPavBcGxZhQkaUhYxl6PebE
OtitYkfpgHXLctowGwhP9X+BVXbObqHujPmXCNoT/orsQ5nlJZSvIBFHObxXa/M1
/ec7TSVTv+i+/S2k3AFTyIpICkUjspDZXWu0ZoFVBsuVCldXCyt40Mbbzqj3ECsj
yS9BtsqDZG/4NZErr5HJw0DtkuA2vKLlFBafRfguaqZqfP9S2Rdt72VOKXPaKt+P
hpOk60WqJc1El+AlMHf1EJupl0wjnim/tahvXfeRah18YbLpwVHvuRublQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFOwiU8u1iohHBn4k6IcqUkbGCYwDMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvN0NKVHk3V0tpRWNHZmlUb2h5cFNSc1lKakFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAl/AYAwQB
l/AaAwQAl/CzMAwDBACX8SMDBAGX8SQDBACX8SgDBACX8S8DBACX8asDBACX8bMD
BACX9EUDBACX9EwDBACX9FoDBACX9McDBACX9UUDBACX9ccwDQYJKoZIhvcNAQEL
BQADggEBAK2zAis2uu/+W7OnclVx/Lwa6LFuOHxw3O3bIkzGmiqT0veWxi6vwolw
LfDgYs3goVP1CLFAqYAwTzfQyuurRvDRtJyD8vtQb/zCk70IxpwRsSwvlDDFkKMI
hwk3bW2TorRMmfqpNTyHB1FubMf6h86EjzwHTkMgWwTmOf7era1eZ7T6AYq1NhQV
J0mU7A9FEe0Hb0JU4iVINdxOVqzrQHnzno4y8l2xOjVGKt+BRvqoUM7r6fkRgqzT
B5q3x35ATWpn1tizD38I5beXp4tpHi435yhH3nRiobiZROv6AG7m+JFadmU9uGSE
42e/tFShzNPe+Ze3DN9MzpXnv47cGSw=
-----END CERTIFICATE-----
Generated at Thu Jul 3 06:54:08 2025 by rpki-client