Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HtZAYPjunpmeQngm2pJ0c9gkgOI.roa
File: HtZAYPjunpmeQngm2pJ0c9gkgOI.roa (raw, json)
Hash identifier: +RxpE1o9Hup9GTz43yh95rsL9oy3XHj1fG5CJSmJ5ic=
Subject key identifier: 1E:D6:40:60:F8:EE:9E:99:9E:42:78:26:DA:92:74:73:D8:24:80:E2
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01978C45078D4F402E6C7392718591CD3E48
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HtZAYPjunpmeQngm2pJ0c9gkgOI.roa
Signing time: Fri 20 Jun 2025 07:37:03 +0000
ROA not before: Fri 20 Jun 2025 07:37:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200017
IP address blocks: 151.240.112.0/24 maxlen: 24
151.240.116.0/24 maxlen: 24
151.240.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 13:29:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:45:07:8d:4f:40:2e:6c:73:92:71:85:91:cd:3e:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 20 07:37:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ed64060f8ee9e999e427826da927473d82480e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:38:5f:c2:cc:6e:31:fc:af:18:4d:a0:0c:84:
15:a9:84:db:89:01:23:00:d2:f0:b1:a5:f2:91:a7:
e9:59:62:5e:7b:3c:b2:ce:8c:75:b0:cd:18:34:ff:
fb:c6:ba:0d:7b:7e:51:51:e1:4a:1f:0f:2b:74:e1:
b7:78:04:c4:47:38:95:64:f3:27:9c:12:75:55:5f:
0a:2a:1c:7b:21:58:7a:c0:4f:48:73:fa:91:86:d8:
97:8e:f0:d6:28:35:d8:2a:80:28:75:7d:12:3a:aa:
76:05:fd:15:e3:b3:e6:d2:56:2b:4b:30:40:9d:eb:
2b:2f:91:22:fe:4f:3f:7e:f4:42:6b:c1:1e:55:35:
54:67:84:cc:09:2f:17:0f:17:d3:35:3b:cf:e2:ba:
62:7e:4d:41:db:eb:57:9c:e6:98:00:55:7d:8d:61:
dc:d6:05:d8:7b:a9:55:ea:de:10:99:2d:24:63:48:
0a:ef:eb:bf:4f:f0:e3:75:a3:85:73:48:48:f9:dd:
9c:1e:bf:88:e6:ed:0c:6b:b0:1e:be:15:70:6c:9b:
6f:e3:e2:02:5b:95:88:79:00:57:97:d1:b7:f8:6f:
0b:1f:92:ab:04:5d:d7:68:25:f9:d0:9f:d6:89:1c:
8a:ab:5f:14:85:b3:51:e8:52:20:04:c0:54:b4:5d:
35:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D6:40:60:F8:EE:9E:99:9E:42:78:26:DA:92:74:73:D8:24:80:E2
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HtZAYPjunpmeQngm2pJ0c9gkgOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.112.0/24
151.240.116.0/23
Signature Algorithm: sha256WithRSAEncryption
64:29:f0:a6:ee:a1:5d:c5:85:b1:59:2f:cf:7b:1a:19:53:36:
40:44:ef:59:a4:26:ba:58:38:48:73:eb:b5:69:43:e9:d1:4b:
14:4f:f7:53:4d:2f:22:e8:f8:46:77:3f:18:42:18:f8:02:2b:
c1:b1:ab:30:79:97:06:d7:17:4b:48:fb:12:fb:cf:c9:9d:f6:
53:7d:ee:18:99:ea:4c:f9:02:1d:01:2f:ab:d8:d0:3f:53:20:
86:ce:3b:38:56:65:1e:92:70:54:cf:94:4a:28:91:88:83:99:
a9:4c:6c:c4:af:d1:57:7a:51:3d:26:9d:60:59:2b:07:fe:a0:
0c:ba:e3:8f:1b:f9:77:77:e5:9b:bf:1f:ba:eb:3d:fb:24:e9:
e4:cc:6b:d7:68:40:49:95:ab:73:df:73:13:ac:f6:0e:7c:61:
d6:cc:92:f0:15:84:1f:31:c8:35:60:43:2a:6e:22:b8:4c:f9:
e4:5d:5c:68:ee:95:8e:15:48:07:7d:b9:fe:09:14:76:92:68:
f3:42:4c:b3:9e:d2:57:d0:bc:19:ee:e6:e0:dd:8d:86:13:a1:
ec:68:1c:d1:d9:d4:27:ec:5c:09:e6:64:40:21:c3:77:71:89:
df:90:66:3f:c8:ec:0d:fb:be:c0:7a:ab:eb:f4:04:65:b3:bd:
cb:44:b6:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZeMRQeNT0AubHOScYWRzT5IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjIwMDczNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ2NDA2MGY4ZWU5ZTk5OWU0Mjc4MjZkYTkyNzQ3M2Q4MjQ4MGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyThfwsxuMfyvGE2gDIQVqYTbiQEj
ANLwsaXykafpWWJeezyyzox1sM0YNP/7xroNe35RUeFKHw8rdOG3eATERziVZPMn
nBJ1VV8KKhx7IVh6wE9Ic/qRhtiXjvDWKDXYKoAodX0SOqp2Bf0V47Pm0lYrSzBA
nesrL5Ei/k8/fvRCa8EeVTVUZ4TMCS8XDxfTNTvP4rpifk1B2+tXnOaYAFV9jWHc
1gXYe6lV6t4QmS0kY0gK7+u/T/DjdaOFc0hI+d2cHr+I5u0Ma7AevhVwbJtv4+IC
W5WIeQBXl9G3+G8LH5KrBF3XaCX50J/WiRyKq18UhbNR6FIgBMBUtF01swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB7WQGD47p6ZnkJ4JtqSdHPYJIDiMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSHRaQVlQanVucG1lUW5nbTJwSjBjOWdrZ09JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/BwAwQB
l/B0MA0GCSqGSIb3DQEBCwUAA4IBAQBkKfCm7qFdxYWxWS/PexoZUzZARO9ZpCa6
WDhIc+u1aUPp0UsUT/dTTS8i6PhGdz8YQhj4AivBsasweZcG1xdLSPsS+8/JnfZT
fe4YmepM+QIdAS+r2NA/UyCGzjs4VmUeknBUz5RKKJGIg5mpTGzEr9FXelE9Jp1g
WSsH/qAMuuOPG/l3d+Wbvx+66z37JOnkzGvXaEBJlatz33MTrPYOfGHWzJLwFYQf
Mcg1YEMqbiK4TPnkXVxo7pWOFUgHfbn+CRR2kmjzQkyzntJX0LwZ7ubg3Y2GE6Hs
aBzR2dQn7FwJ5mRAIcN3cYnfkGY/yOwN+77Aeqvr9ARls73LRLYp
-----END CERTIFICATE-----
Generated at Tue Jul 1 21:59:55 2025 by rpki-client