Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/C7JM5iuvfHyfeK4ksf2TR-KlKLw.roa
File: C7JM5iuvfHyfeK4ksf2TR-KlKLw.roa (raw, json)
Hash identifier: tyZRMlytfPqM4p4CIf14l0LrP05T0Fva9TKdmzUOl9U=
Subject key identifier: 0B:B2:4C:E6:2B:AF:7C:7C:9F:78:AE:24:B1:FD:93:47:E2:A5:28:BC
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D57EAC811856C3442ECC0FE18F60DD1B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/C7JM5iuvfHyfeK4ksf2TR-KlKLw.roa
Signing time: Sat 23 Aug 2025 05:55:05 +0000
ROA not before: Sat 23 Aug 2025 05:55:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 151.242.41.0/24 maxlen: 24
151.242.58.0/24 maxlen: 24
151.242.200.0/24 maxlen: 24
151.242.201.0/24 maxlen: 24
151.243.52.0/23 maxlen: 24
151.243.164.0/22 maxlen: 24
151.243.254.0/24 maxlen: 24
151.244.136.0/22 maxlen: 22
151.244.160.0/22 maxlen: 22
151.244.170.0/24 maxlen: 24
151.244.172.0/22 maxlen: 22
151.244.176.0/22 maxlen: 22
151.245.136.0/21 maxlen: 21
151.245.144.0/21 maxlen: 21
151.245.232.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:7e:ac:81:18:56:c3:44:2e:cc:0f:e1:8f:60:dd:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 23 05:55:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0bb24ce62baf7c7c9f78ae24b1fd9347e2a528bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:12:98:45:25:ef:bf:ce:f5:95:a8:d4:2a:ec:
73:ed:cf:38:ea:ba:82:62:d6:59:78:7d:4e:fa:60:
0f:1a:d2:00:b7:ca:4f:1e:95:18:b9:74:4b:ca:76:
34:63:af:1c:5d:a2:42:db:25:23:ff:eb:2d:53:a2:
98:65:00:98:6a:37:0a:d7:c4:59:fd:4e:e5:7e:f7:
d0:b9:60:cb:e7:7c:09:50:a5:7a:c0:b8:a8:08:fe:
d5:8d:19:08:20:c4:10:40:f2:06:1f:eb:22:88:bc:
bd:6e:3c:8c:23:1d:e9:7e:ef:f2:01:0c:38:09:7b:
18:1d:2b:fe:1b:58:01:a1:81:c6:94:7a:a5:5a:81:
bb:0e:7b:75:d3:19:fd:0e:45:57:03:37:a1:0d:ae:
e1:df:86:cc:fb:3b:df:a6:bf:ae:cc:8b:a6:77:5b:
9b:74:3c:9a:87:19:63:b2:4c:e1:70:bd:63:03:b9:
1c:cd:8a:35:75:2d:88:d7:9e:cb:00:f0:e4:58:51:
46:06:ba:71:97:a5:b2:db:5c:64:c0:c4:07:4e:9f:
10:6a:40:6a:c2:77:17:c1:0d:c6:29:59:90:de:bf:
17:3c:e6:e3:a5:d2:42:1b:44:9b:7b:b3:22:67:a2:
63:d6:ed:18:e2:21:ae:38:83:06:c5:24:a4:b0:a0:
b5:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:B2:4C:E6:2B:AF:7C:7C:9F:78:AE:24:B1:FD:93:47:E2:A5:28:BC
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/C7JM5iuvfHyfeK4ksf2TR-KlKLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.41.0/24
151.242.58.0/24
151.242.200.0/23
151.243.52.0/23
151.243.164.0/22
151.243.254.0/24
151.244.136.0/22
151.244.160.0/22
151.244.170.0/24
151.244.172.0-151.244.179.255
151.245.136.0-151.245.151.255
151.245.232.0/21
Signature Algorithm: sha256WithRSAEncryption
6d:1b:5c:52:68:75:59:3f:34:11:10:05:ab:77:7d:e0:00:59:
3c:4e:1d:61:f0:e4:34:40:56:ef:3c:6c:97:65:40:56:9d:00:
17:af:ed:ba:bb:4f:aa:16:75:79:99:56:3a:6f:3f:b3:8b:95:
8d:c5:b7:cc:7d:c5:17:a4:ae:a0:57:21:18:f9:67:91:21:e1:
7c:12:18:8b:43:b2:d8:45:07:61:67:0a:46:a4:06:15:7c:fb:
38:b2:6c:bf:d0:40:c7:5f:9e:d9:e1:0d:48:b7:68:11:eb:b6:
74:77:ce:7a:ba:82:6e:d0:11:35:05:3a:4d:01:dd:e4:60:8a:
60:19:2a:15:7c:c3:82:66:86:6a:d7:5a:88:de:3a:9d:60:91:
0f:4a:7a:6e:1c:2e:5b:cf:10:82:90:eb:45:a8:fb:16:c7:18:
99:90:a9:3c:90:28:c6:16:08:40:0c:3a:39:34:8d:ec:8c:22:
7d:b9:f6:be:b5:34:ce:e7:ae:f5:b4:95:36:fb:60:01:10:2f:
27:b3:3f:0d:f5:69:af:1c:f1:10:46:92:c9:ab:39:75:29:f8:
28:95:ce:b1:1a:79:89:85:3a:25:2e:e4:70:76:81:c3:95:d9:
3d:ed:2f:86:b9:43:75:f8:6b:7c:20:4d:21:55:90:ac:a9:e9:
f4:02:23:cb
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZjVfqyBGFbDRC7MD+GPYN0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIzMDU1NTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmIyNGNlNjJiYWY3YzdjOWY3OGFlMjRiMWZkOTM0N2UyYTUyOGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8hKYRSXvv871lajUKuxz7c846rqC
YtZZeH1O+mAPGtIAt8pPHpUYuXRLynY0Y68cXaJC2yUj/+stU6KYZQCYajcK18RZ
/U7lfvfQuWDL53wJUKV6wLioCP7VjRkIIMQQQPIGH+siiLy9bjyMIx3pfu/yAQw4
CXsYHSv+G1gBoYHGlHqlWoG7Dnt10xn9DkVXAzehDa7h34bM+zvfpr+uzIumd1ub
dDyahxljskzhcL1jA7kczYo1dS2I157LAPDkWFFGBrpxl6Wy21xkwMQHTp8QakBq
wncXwQ3GKVmQ3r8XPObjpdJCG0Sbe7MiZ6Jj1u0Y4iGuOIMGxSSksKC18wIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFAuyTOYrr3x8n3iuJLH9k0fipSi8MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQzdKTTVpdXZmSHlmZUs0a3NmMlRSLUtsS0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAl/IpAwQA
l/I6AwQBl/LIAwQBl/M0AwQCl/OkAwQAl/P+AwQCl/SIAwQCl/SgAwQAl/SqMAwD
BAKX9KwDBAKX9LAwDAMEA5f1iAMEA5f1kAMEA5f16DANBgkqhkiG9w0BAQsFAAOC
AQEAbRtcUmh1WT80ERAFq3d94ABZPE4dYfDkNEBW7zxsl2VAVp0AF6/turtPqhZ1
eZlWOm8/s4uVjcW3zH3FF6SuoFchGPlnkSHhfBIYi0Oy2EUHYWcKRqQGFXz7OLJs
v9BAx1+e2eENSLdoEeu2dHfOerqCbtARNQU6TQHd5GCKYBkqFXzDgmaGatdaiN46
nWCRD0p6bhwuW88QgpDrRaj7FscYmZCpPJAoxhYIQAw6OTSN7Iwifbn2vrU0zueu
9bSVNvtgARAvJ7M/DfVprxzxEEaSyas5dSn4KJXOsRp5iYU6JS7kcHaBw5XZPe0v
hrlDdfhrfCBNIVWQrKnp9AIjyw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:05:08 2025 by rpki-client