Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8UBE7IZM9bUILcQVhy9naB_rtAU.roa
File: 8UBE7IZM9bUILcQVhy9naB_rtAU.roa (raw, json)
Hash identifier: VtCHlBtA2/RrufryhAAk7dj+Og+VAjgw2BtCZL7f1H8=
Subject key identifier: F1:40:44:EC:86:4C:F5:B5:08:2D:C4:15:87:2F:67:68:1F:EB:B4:05
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197CC8B7E221B7948281B650CAF4D9F646C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8UBE7IZM9bUILcQVhy9naB_rtAU.roa
Signing time: Wed 02 Jul 2025 19:09:43 +0000
ROA not before: Wed 02 Jul 2025 19:09:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214024
IP address blocks: 151.241.128.0/22 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
151.242.139.0/24 maxlen: 24
151.243.44.0/24 maxlen: 24
151.244.128.0/24 maxlen: 24
151.244.129.0/24 maxlen: 24
151.244.130.0/24 maxlen: 24
151.245.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:8b:7e:22:1b:79:48:28:1b:65:0c:af:4d:9f:64:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 2 19:09:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f14044ec864cf5b5082dc415872f67681febb405
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f8:7e:3c:85:2d:dd:c4:fc:47:f8:92:99:cc:
f2:1d:7f:a9:1f:5c:44:42:9c:11:af:ee:78:ae:18:
e4:45:80:68:f0:32:10:dd:42:0f:97:c2:a3:d9:f2:
1f:ab:da:26:54:c8:58:31:5e:03:0b:76:80:1b:61:
ad:06:4f:d1:5b:2c:e4:33:35:b1:fc:44:e0:3e:95:
aa:6b:13:2a:fe:ff:90:a8:f7:59:05:5c:b2:3a:88:
e6:6e:7e:45:e2:dc:b5:91:f5:be:ed:80:2a:42:a1:
aa:ce:26:78:9c:70:7b:bd:8a:c6:a7:90:25:dc:2c:
8c:56:14:57:d8:99:f8:66:09:23:c0:d1:2b:b6:a4:
d5:60:2a:f2:0d:18:f0:66:b9:a9:d9:f7:6b:18:70:
57:6b:f6:b6:1c:22:7e:2a:70:e7:16:2e:c0:e9:b3:
09:50:60:fc:5e:99:88:32:c6:d5:54:bc:9e:8a:ad:
01:ff:0a:38:a2:ca:c6:db:69:8d:56:d0:f9:bf:bd:
e7:8e:92:b6:bf:0e:e0:8d:8f:12:75:20:68:97:1f:
b0:24:93:05:e3:8d:cf:d0:dd:67:d3:d7:87:27:ea:
72:eb:09:56:db:03:96:3e:e9:c5:1c:7c:61:fe:84:
20:87:d0:f8:41:59:86:81:c6:c6:90:79:dc:d8:e3:
35:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:40:44:EC:86:4C:F5:B5:08:2D:C4:15:87:2F:67:68:1F:EB:B4:05
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8UBE7IZM9bUILcQVhy9naB_rtAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.242.4.0/24
151.242.14.0/24
151.242.17.0/24
151.242.32.0/24
151.242.78.0/23
151.242.82.0/24
151.242.139.0/24
151.243.44.0/24
151.244.128.0-151.244.130.255
151.245.120.0/21
Signature Algorithm: sha256WithRSAEncryption
29:28:6f:91:1a:f6:26:1c:01:df:b4:3a:34:12:a0:e6:4b:bf:
e2:e2:a5:b6:fd:59:0d:01:11:f3:47:57:38:54:16:8f:41:86:
20:7a:c4:d1:b6:a3:4b:1b:8c:d0:04:bc:25:d4:c6:41:91:d0:
20:4c:fe:f4:fc:e6:01:a5:30:43:91:02:86:8b:7f:31:6b:19:
eb:67:66:7b:e0:30:b8:f8:98:08:fc:f6:b5:83:87:55:21:78:
e5:d1:cd:9b:22:5a:d4:c0:4b:94:72:e2:eb:fe:72:f5:9f:02:
37:82:98:da:6c:55:18:f9:77:27:24:81:2c:a4:1d:8b:5a:75:
05:61:56:2d:bd:fb:92:d9:4c:01:ab:81:ad:e0:b4:5e:c6:46:
09:95:23:16:05:19:51:7f:f0:0f:cc:c9:75:00:c0:7a:a0:91:
5b:de:4a:26:dc:6d:65:93:b0:25:f5:6a:06:90:75:e1:20:1b:
c9:62:85:f6:24:c4:a7:e9:e6:69:40:69:24:01:b1:48:4f:8e:
4c:ba:33:92:eb:2e:44:bb:91:14:fd:ba:8f:be:21:f8:1e:7f:
dd:01:25:23:37:4c:33:3c:c8:a9:c3:35:ac:46:00:88:f6:b2:
6c:02:c3:05:53:5e:29:81:f9:18:60:d2:2f:ac:ed:45:94:c0:
da:b2:bb:91
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZfMi34iG3lIKBtlDK9Nn2RsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzAyMTkwOTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTQwNDRlYzg2NGNmNWI1MDgyZGM0MTU4NzJmNjc2ODFmZWJiNDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/h+PIUt3cT8R/iSmczyHX+pH1xE
QpwRr+54rhjkRYBo8DIQ3UIPl8Kj2fIfq9omVMhYMV4DC3aAG2GtBk/RWyzkMzWx
/ETgPpWqaxMq/v+QqPdZBVyyOojmbn5F4ty1kfW+7YAqQqGqziZ4nHB7vYrGp5Al
3CyMVhRX2Jn4ZgkjwNErtqTVYCryDRjwZrmp2fdrGHBXa/a2HCJ+KnDnFi7A6bMJ
UGD8XpmIMsbVVLyeiq0B/wo4osrG22mNVtD5v73njpK2vw7gjY8SdSBolx+wJJMF
443P0N1n09eHJ+py6wlW2wOWPunFHHxh/oQgh9D4QVmGgcbGkHnc2OM1DwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFPFAROyGTPW1CC3EFYcvZ2gf67QFMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOFVCRTdJWk05YlVJTGNRVmh5OW5hQl9ydEFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQCl/GAAwQA
l/IEAwQAl/IOAwQAl/IRAwQAl/IgAwQBl/JOAwQAl/JSAwQAl/KLAwQAl/MsMAwD
BAeX9IADBACX9IIDBAOX9XgwDQYJKoZIhvcNAQELBQADggEBACkob5Ea9iYcAd+0
OjQSoOZLv+Lipbb9WQ0BEfNHVzhUFo9BhiB6xNG2o0sbjNAEvCXUxkGR0CBM/vT8
5gGlMEORAoaLfzFrGetnZnvgMLj4mAj89rWDh1UheOXRzZsiWtTAS5Ry4uv+cvWf
AjeCmNpsVRj5dyckgSykHYtadQVhVi29+5LZTAGrga3gtF7GRgmVIxYFGVF/8A/M
yXUAwHqgkVveSibcbWWTsCX1agaQdeEgG8lihfYkxKfp5mlAaSQBsUhPjky6M5Lr
LkS7kRT9uo++Ifgef90BJSM3TDM8yKnDNaxGAIj2smwCwwVTXimB+Rhg0i+s7UWU
wNqyu5E=
-----END CERTIFICATE-----
Generated at Thu Jul 3 06:55:03 2025 by rpki-client