Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/G8NK7edf6FvlHVQg_ViAEqJcpmk.roa
File: G8NK7edf6FvlHVQg_ViAEqJcpmk.roa (raw, json)
Hash identifier: L0usN5Xa3xMGAQN2EZponb7N01ODf5tnNccmAe/SRGQ=
Subject key identifier: 1B:C3:4A:ED:E7:5F:E8:5B:E5:1D:54:20:FD:58:80:12:A2:5C:A6:69
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D177CA9D989EB6E2BDC5E460F7CB2A7F
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/G8NK7edf6FvlHVQg_ViAEqJcpmk.roa
Signing time: Fri 22 Aug 2025 11:09:05 +0000
ROA not before: Fri 22 Aug 2025 11:09:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 151.240.128.0/21 maxlen: 24
151.240.136.0/21 maxlen: 24
151.240.171.0/24 maxlen: 24
151.241.132.0/22 maxlen: 22
151.242.56.0/24 maxlen: 24
151.242.119.0/24 maxlen: 24
151.243.8.0/23 maxlen: 23
151.243.146.0/24 maxlen: 24
151.243.204.0/23 maxlen: 23
151.244.56.0/24 maxlen: 24
151.245.56.0/22 maxlen: 22
151.245.185.0/24 maxlen: 24
151.245.187.0/24 maxlen: 24
151.245.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:77:ca:9d:98:9e:b6:e2:bd:c5:e4:60:f7:cb:2a:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 22 11:09:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1bc34aede75fe85be51d5420fd588012a25ca669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ce:e0:12:e2:64:bb:41:5f:8d:26:6c:9b:da:
66:9b:18:a0:ae:84:eb:fe:31:40:4d:ae:4c:ac:cc:
92:38:31:47:e5:94:3e:1d:be:5d:f0:3c:67:4b:44:
c2:16:c5:7a:77:9d:93:ef:4c:7d:e0:70:ed:a6:06:
13:04:26:44:08:dc:cb:12:03:60:fd:ce:de:b0:38:
95:0a:4b:8f:7a:d6:f4:eb:5b:d8:40:6a:02:a1:41:
7f:5e:88:c8:e8:41:02:9f:71:84:e1:7b:a3:90:bd:
5b:00:ab:ec:be:cf:08:e0:22:05:9f:33:97:3d:ae:
6c:5c:c5:3d:d0:65:cc:81:92:5d:eb:4a:df:4b:f6:
69:78:45:7c:65:77:5b:c0:6e:bc:88:b4:20:63:cc:
0c:94:a8:84:59:33:d8:6b:15:0b:33:68:64:28:bc:
87:52:39:c9:aa:b2:24:4d:e6:de:c4:23:12:81:7a:
10:46:db:bb:11:cc:e7:35:a0:c8:60:99:2e:51:26:
71:0f:95:d7:9b:b6:d4:19:87:f7:ec:02:78:f1:fc:
24:98:63:6d:8b:d8:c6:38:ca:42:a3:04:3e:bf:f8:
de:38:4a:fa:21:6b:be:e8:31:b3:e6:7f:36:7f:52:
7e:62:69:4a:47:94:31:42:c8:cb:04:84:2a:5d:e6:
01:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:C3:4A:ED:E7:5F:E8:5B:E5:1D:54:20:FD:58:80:12:A2:5C:A6:69
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/G8NK7edf6FvlHVQg_ViAEqJcpmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.128.0/20
151.240.171.0/24
151.241.132.0/22
151.242.56.0/24
151.242.119.0/24
151.243.8.0/23
151.243.146.0/24
151.243.204.0/23
151.244.56.0/24
151.245.56.0/22
151.245.185.0/24
151.245.187.0-151.245.188.255
Signature Algorithm: sha256WithRSAEncryption
31:b1:5d:bb:22:77:4b:fb:e7:9a:88:b6:2e:07:e1:8a:f9:16:
02:96:57:da:23:e3:62:25:bc:f8:18:4d:8c:68:f0:39:2a:04:
6d:85:78:f3:95:7c:4e:be:ca:19:12:76:e7:cb:d0:e0:48:a7:
de:e4:de:9a:60:e6:4d:30:d2:9e:fd:c5:1c:d0:99:09:37:8a:
ea:87:a5:ba:bb:09:15:07:aa:a4:5d:ba:2d:05:83:fd:ea:a5:
87:13:a4:f1:5c:28:71:4e:5f:d9:c5:aa:c6:98:e0:ee:14:3a:
32:2a:d2:62:31:ca:8d:2f:1b:b5:fa:d0:9f:22:f4:98:45:d7:
a2:18:73:35:27:bb:8d:6c:67:37:cc:c0:44:59:06:cd:0c:0e:
9f:8b:86:97:0f:50:f0:4a:15:52:0a:bd:45:fa:38:d6:99:d9:
9f:00:cf:0d:e3:da:e2:b7:47:86:59:b0:8e:24:e2:32:c3:5d:
fd:df:27:a1:77:82:42:6c:96:17:19:df:77:7e:61:97:80:06:
d1:25:94:cc:f2:a9:63:d1:07:f2:f0:2b:9a:10:f3:8e:00:7f:
ed:56:26:78:0b:16:76:f5:52:9f:26:fd:9c:f2:98:8b:bc:8c:
44:83:ec:e3:46:e5:7e:07:7d:9a:13:04:07:57:f8:f0:61:07:
d9:c9:be:1c
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZjRd8qdmJ624r3F5GD3yyp/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIyMTEwOTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmMzNGFlZGU3NWZlODViZTUxZDU0MjBmZDU4ODAxMmEyNWNhNjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx87gEuJku0FfjSZsm9pmmxigroTr
/jFATa5MrMySODFH5ZQ+Hb5d8DxnS0TCFsV6d52T70x94HDtpgYTBCZECNzLEgNg
/c7esDiVCkuPetb061vYQGoCoUF/XojI6EECn3GE4XujkL1bAKvsvs8I4CIFnzOX
Pa5sXMU90GXMgZJd60rfS/ZpeEV8ZXdbwG68iLQgY8wMlKiEWTPYaxULM2hkKLyH
UjnJqrIkTebexCMSgXoQRtu7EcznNaDIYJkuUSZxD5XXm7bUGYf37AJ48fwkmGNt
i9jGOMpCowQ+v/jeOEr6IWu+6DGz5n82f1J+YmlKR5QxQsjLBIQqXeYBtQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFBvDSu3nX+hb5R1UIP1YgBKiXKZpMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvRzhOSzdlZGY2RnZsSFZRZ19WaUFFcUpjcG1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQEl/CAAwQA
l/CrAwQCl/GEAwQAl/I4AwQAl/J3AwQBl/MIAwQAl/OSAwQBl/PMAwQAl/Q4AwQC
l/U4AwQAl/W5MAwDBACX9bsDBACX9bwwDQYJKoZIhvcNAQELBQADggEBADGxXbsi
d0v755qIti4H4Yr5FgKWV9oj42IlvPgYTYxo8DkqBG2FePOVfE6+yhkSdufL0OBI
p97k3ppg5k0w0p79xRzQmQk3iuqHpbq7CRUHqqRdui0Fg/3qpYcTpPFcKHFOX9nF
qsaY4O4UOjIq0mIxyo0vG7X60J8i9JhF16IYczUnu41sZzfMwERZBs0MDp+LhpcP
UPBKFVIKvUX6ONaZ2Z8Azw3j2uK3R4ZZsI4k4jLDXf3fJ6F3gkJslhcZ33d+YZeA
BtEllMzyqWPRB/LwK5oQ844Af+1WJngLFnb1Up8m/ZzymIu8jESD7ONG5X4HfZoT
BAdX+PBhB9nJvhw=
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:51:03 2025 by rpki-client