
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8jZqM1yDuzP7DQ0pSoGvwP_FbHI.roa
File: 8jZqM1yDuzP7DQ0pSoGvwP_FbHI.roa (raw, json)
Hash identifier: zeAyFPGbZTZy3bfenbFTCd4QKUXUK9/zNBmhn0zRmwc=
Subject key identifier: F2:36:6A:33:5C:83:BB:33:FB:0D:0D:29:4A:81:AF:C0:FF:C5:6C:72
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199F16EE057FD0709BFC0A20E960B54BAF2
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8jZqM1yDuzP7DQ0pSoGvwP_FbHI.roa
Signing time: Fri 17 Oct 2025 09:09:59 +0000
ROA not before: Fri 17 Oct 2025 09:09:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39351
IP address blocks: 151.241.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f1:6e:e0:57:fd:07:09:bf:c0:a2:0e:96:0b:54:ba:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 17 09:09:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2366a335c83bb33fb0d0d294a81afc0ffc56c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3f:cd:4c:75:c9:b4:10:46:66:8e:fe:05:6e:
b6:7f:78:be:ca:bf:77:5b:95:94:4b:f2:e9:0e:51:
39:4d:5e:d2:3d:c1:b7:62:56:f7:31:0c:54:81:61:
23:2f:fa:60:44:f4:a9:c1:da:51:d6:79:e6:6f:52:
3a:9f:ef:65:91:9f:79:7a:53:4a:f9:01:d5:3c:88:
ea:e0:e9:15:e9:70:d7:87:21:b1:32:e5:b5:4f:a9:
87:af:68:2b:4b:af:25:c8:05:9a:cd:ac:e8:1d:1e:
4f:57:01:56:94:26:20:02:7a:e1:44:8b:82:7f:20:
3c:04:9f:fb:c1:4c:64:0e:b5:98:67:3a:6b:08:8a:
8d:8c:38:d8:69:54:9f:bf:d6:e4:88:1a:3e:50:ca:
d4:5d:14:9c:20:b9:7f:a5:e4:50:cb:7f:69:3a:c1:
03:10:36:ff:ab:6b:a9:f0:1b:cc:cd:15:50:6c:9d:
37:e5:99:da:9b:d3:71:93:c8:3d:46:03:22:7b:bd:
5c:8e:8b:3b:07:4b:89:ca:ef:6a:18:47:8a:a3:7c:
40:a9:cc:35:2b:fd:6e:be:13:a2:7a:6d:b6:b0:9e:
83:92:82:ce:1d:09:b7:28:c2:4e:30:7b:bb:17:c2:
a9:6e:27:92:1a:a2:f6:d9:b4:de:eb:ab:e0:0d:a5:
36:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:36:6A:33:5C:83:BB:33:FB:0D:0D:29:4A:81:AF:C0:FF:C5:6C:72
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/8jZqM1yDuzP7DQ0pSoGvwP_FbHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.163.0/24
Signature Algorithm: sha256WithRSAEncryption
37:53:26:ab:24:8b:df:9c:a7:5c:ad:38:62:af:e2:56:a1:15:
89:28:ee:53:e9:7b:d6:5b:92:42:72:19:d6:43:19:04:ac:d2:
b0:11:6e:a0:c5:db:15:3d:7f:67:7e:91:78:f8:ff:bc:22:4b:
65:01:23:09:b0:b7:97:ba:37:28:e3:c1:ea:d5:17:f5:89:80:
76:10:a9:2b:e8:52:d4:d7:e4:47:a0:58:b9:d1:9a:7d:64:74:
a3:35:ff:c0:fa:85:45:ce:a4:bc:26:5b:a4:08:09:2a:a1:c9:
c6:a2:e6:8b:49:18:c7:d6:3f:08:76:9c:54:f1:81:bd:98:0f:
8e:d2:6e:f6:69:3d:d8:e8:af:09:3f:60:33:ad:71:e1:cf:60:
d1:61:f7:a6:44:21:15:4f:69:b0:7a:da:f5:3e:a0:e0:dc:5d:
a8:17:8b:3a:87:dd:a0:4d:87:40:a6:0b:25:ba:71:91:a8:e9:
34:db:97:73:7f:8e:45:7c:7c:e7:39:33:18:2c:d4:2f:e5:3a:
63:0e:ed:44:bb:4a:ba:9b:ba:51:f1:98:be:f5:34:32:30:03:
fb:8e:ce:92:4b:27:66:56:c1:bb:46:62:34:d4:e1:da:7e:6a:
91:e2:67:e0:b3:ec:db:56:5c:98:6f:7e:af:c9:84:47:ab:14:
61:b3:a4:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnxbuBX/QcJv8CiDpYLVLryMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDE3MDkwOTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjM2NmEzMzVjODNiYjMzZmIwZDBkMjk0YTgxYWZjMGZmYzU2YzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj/NTHXJtBBGZo7+BW62f3i+yr93
W5WUS/LpDlE5TV7SPcG3Ylb3MQxUgWEjL/pgRPSpwdpR1nnmb1I6n+9lkZ95elNK
+QHVPIjq4OkV6XDXhyGxMuW1T6mHr2grS68lyAWazazoHR5PVwFWlCYgAnrhRIuC
fyA8BJ/7wUxkDrWYZzprCIqNjDjYaVSfv9bkiBo+UMrUXRScILl/peRQy39pOsED
EDb/q2up8BvMzRVQbJ035Znam9Nxk8g9RgMie71cjos7B0uJyu9qGEeKo3xAqcw1
K/1uvhOiem22sJ6DkoLOHQm3KMJOMHu7F8KpbieSGqL22bTe66vgDaU29QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPI2ajNcg7sz+w0NKUqBr8D/xWxyMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOGpacU0xeUR1elA3RFEwcFNvR3Z3UF9GYkhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/GjMA0G
CSqGSIb3DQEBCwUAA4IBAQA3UyarJIvfnKdcrThir+JWoRWJKO5T6XvWW5JCchnW
QxkErNKwEW6gxdsVPX9nfpF4+P+8IktlASMJsLeXujco48Hq1Rf1iYB2EKkr6FLU
1+RHoFi50Zp9ZHSjNf/A+oVFzqS8JlukCAkqocnGouaLSRjH1j8IdpxU8YG9mA+O
0m72aT3Y6K8JP2AzrXHhz2DRYfemRCEVT2mwetr1PqDg3F2oF4s6h92gTYdApgsl
unGRqOk025dzf45FfHznOTMYLNQv5TpjDu1Eu0q6m7pR8Zi+9TQyMAP7js6SSydm
VsG7RmI01OHafmqR4mfgs+zbVlyYb36vyYRHqxRhs6Q+
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:11:09 2025 by rpki-client