Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AQtsAwwkpqqFIERhPsHWd02Kslk.roa
File: AQtsAwwkpqqFIERhPsHWd02Kslk.roa (raw, json)
Hash identifier: W8LoF/CNs4Cw7GzEscxWa5JdJnc0wSJdrKi7ee/MB6c=
Subject key identifier: 01:0B:6C:03:0C:24:A6:AA:85:20:44:61:3E:C1:D6:77:4D:8A:B2:59
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01988DB1056FDB5ED0F52F694F1D45C10220
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AQtsAwwkpqqFIERhPsHWd02Kslk.roa
Signing time: Sat 09 Aug 2025 07:17:25 +0000
ROA not before: Sat 09 Aug 2025 07:17:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 151.243.110.0/24 maxlen: 24
151.243.184.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8d:b1:05:6f:db:5e:d0:f5:2f:69:4f:1d:45:c1:02:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 9 07:17:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=010b6c030c24a6aa852044613ec1d6774d8ab259
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3a:e4:c4:76:ba:a0:40:7e:b0:70:48:5d:a6:
95:a4:ca:44:d9:15:06:c5:ac:8c:57:6b:11:9f:d3:
9f:71:66:d7:5e:5c:93:96:45:1e:24:b3:18:54:8c:
94:5f:07:5e:f5:d6:7c:b4:42:aa:83:d0:82:af:06:
f3:da:c6:18:e2:98:51:15:46:13:0f:a8:0d:9f:62:
7b:9c:fe:79:95:99:ee:5c:c6:a6:b9:57:11:b4:ee:
89:76:9c:d4:4c:d2:9c:60:d4:96:9a:6c:67:f3:bb:
90:89:00:4d:ab:24:0b:3c:40:38:89:4b:60:dc:b7:
d4:fb:01:cb:ae:b6:d2:36:8e:57:da:b3:4b:5d:c0:
9f:3d:15:0c:87:a2:2e:75:7f:9b:16:49:a4:bd:7f:
b4:5b:fd:fb:b4:3a:1f:db:1c:17:1e:3b:3b:cc:d3:
74:ec:11:f8:63:25:64:96:6d:f4:af:ab:86:52:ce:
c0:07:7d:5d:a2:c0:2b:67:7a:b7:89:f6:d3:7a:8a:
f5:d5:3e:11:9a:ed:ee:79:68:57:72:07:59:59:00:
6c:d9:1c:04:e7:ad:c3:e1:12:e7:ec:09:f0:ae:3d:
32:22:1a:25:9b:34:08:90:aa:0b:00:86:6c:83:79:
e6:6c:cd:cb:08:76:d8:f8:08:c1:c5:a4:e2:b3:e5:
7a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:0B:6C:03:0C:24:A6:AA:85:20:44:61:3E:C1:D6:77:4D:8A:B2:59
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AQtsAwwkpqqFIERhPsHWd02Kslk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.110.0/24
151.243.184.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:88:22:4b:ea:be:fe:0c:24:c7:f5:92:fe:70:90:62:77:b3:
75:60:07:48:e0:7c:9f:fb:4a:9e:f0:ca:0e:5d:d9:b8:09:86:
b9:e0:40:f5:aa:a4:03:be:a0:f4:a1:b0:f7:aa:02:c8:82:b5:
21:64:43:88:c6:8e:8b:3c:2d:14:1b:ff:4f:eb:97:60:c6:f2:
e2:c1:7d:72:44:95:61:0a:b3:64:5b:29:f4:12:80:bc:69:cf:
e9:f6:3d:a5:f8:4f:02:5a:92:4d:3f:ef:44:b3:be:bc:09:2f:
9d:c3:89:69:dd:d5:02:ca:0e:5b:49:e2:6e:21:db:09:61:e1:
7e:b2:2b:2b:c1:f9:67:5c:d7:2f:95:62:22:35:7a:d0:56:8e:
66:71:c7:35:fd:8e:82:ce:e7:73:88:d7:cf:d6:5c:d6:72:00:
1a:f6:51:ac:26:de:da:4a:2d:33:2c:f9:32:3b:9a:5e:ea:0e:
9c:75:08:c9:81:fc:23:74:06:c4:1a:c9:ff:58:f0:3f:6a:8e:
88:78:12:36:1c:60:d3:f2:98:9c:42:d4:98:0c:e2:f2:03:42:
6d:06:dc:99:42:59:7d:2d:e3:d8:52:48:28:55:b4:cd:e2:c3:
73:20:02:b2:cd:16:1d:a5:d8:27:2c:3b:ef:d8:0c:7e:74:68:
a5:ca:54:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZiNsQVv217Q9S9pTx1FwQIgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODA5MDcxNzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTBiNmMwMzBjMjRhNmFhODUyMDQ0NjEzZWMxZDY3NzRkOGFiMjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTrkxHa6oEB+sHBIXaaVpMpE2RUG
xayMV2sRn9OfcWbXXlyTlkUeJLMYVIyUXwde9dZ8tEKqg9CCrwbz2sYY4phRFUYT
D6gNn2J7nP55lZnuXMamuVcRtO6JdpzUTNKcYNSWmmxn87uQiQBNqyQLPEA4iUtg
3LfU+wHLrrbSNo5X2rNLXcCfPRUMh6IudX+bFkmkvX+0W/37tDof2xwXHjs7zNN0
7BH4YyVklm30r6uGUs7AB31dosArZ3q3ifbTeor11T4Rmu3ueWhXcgdZWQBs2RwE
563D4RLn7Anwrj0yIholmzQIkKoLAIZsg3nmbM3LCHbY+AjBxaTis+V6IwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAELbAMMJKaqhSBEYT7B1ndNirJZMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQVF0c0F3d2twcXFGSUVSaFBzSFdkMDJLc2xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/NuAwQC
l/O4MA0GCSqGSIb3DQEBCwUAA4IBAQAsiCJL6r7+DCTH9ZL+cJBid7N1YAdI4Hyf
+0qe8MoOXdm4CYa54ED1qqQDvqD0obD3qgLIgrUhZEOIxo6LPC0UG/9P65dgxvLi
wX1yRJVhCrNkWyn0EoC8ac/p9j2l+E8CWpJNP+9Es768CS+dw4lp3dUCyg5bSeJu
IdsJYeF+sisrwflnXNcvlWIiNXrQVo5mccc1/Y6CzudziNfP1lzWcgAa9lGsJt7a
Si0zLPkyO5pe6g6cdQjJgfwjdAbEGsn/WPA/ao6IeBI2HGDT8picQtSYDOLyA0Jt
BtyZQll9LePYUkgoVbTN4sNzIAKyzRYdpdgnLDvv2Ax+dGilylRg
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:03:42 2025 by rpki-client