Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/L53tZR8mKsgBQiW89HpKt6P4-1U.roa
File: L53tZR8mKsgBQiW89HpKt6P4-1U.roa (raw, json)
Hash identifier: R5ewUoq/cesxlFireCmxlbNcUeOWQyggrnaTpnIwPiU=
Subject key identifier: 2F:9D:ED:65:1F:26:2A:C8:01:42:25:BC:F4:7A:4A:B7:A3:F8:FB:55
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199B3ECC2509EB89DC674E7F6CBB2F8B90D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/L53tZR8mKsgBQiW89HpKt6P4-1U.roa
Signing time: Sun 05 Oct 2025 10:31:01 +0000
ROA not before: Sun 05 Oct 2025 10:31:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 151.241.15.0/24 maxlen: 24
151.242.114.0/24 maxlen: 24
151.242.142.0/24 maxlen: 24
151.243.30.0/24 maxlen: 24
151.243.114.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.246.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b3:ec:c2:50:9e:b8:9d:c6:74:e7:f6:cb:b2:f8:b9:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 5 10:31:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f9ded651f262ac8014225bcf47a4ab7a3f8fb55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e0:8f:ab:8d:77:39:13:68:5e:5b:43:fa:f3:
83:d1:d6:3d:08:34:ac:a7:b0:43:d7:e8:3d:81:da:
ec:a0:a9:97:69:d6:94:11:46:82:b8:57:5b:c5:df:
c9:cf:9d:1a:14:8a:32:e8:bc:dd:e9:b4:8e:0e:44:
28:ae:65:90:0e:e7:30:30:47:d2:a2:bb:5b:63:3c:
9a:38:a6:4c:eb:04:ee:a4:1e:c0:1c:98:86:68:fb:
b8:ee:0b:33:4d:7d:29:56:8a:e4:f8:f0:ce:fc:b5:
15:14:ce:84:f3:82:14:5c:11:3f:61:0f:64:1f:87:
4b:17:f6:f0:1e:8c:71:e7:f4:b9:72:ed:a5:19:9c:
9a:e3:16:93:b8:15:70:74:f4:df:c4:68:a2:55:58:
a8:c7:c9:88:c9:5a:b3:40:19:b6:f1:d4:c1:30:6e:
91:7f:ca:d4:e0:77:96:fd:05:7b:d9:07:07:d7:14:
d9:0b:3c:e8:b3:42:a0:4b:dc:a6:ea:06:39:57:9d:
15:c7:1d:4c:2b:e9:39:9d:79:e9:9f:f3:22:59:52:
20:ea:85:f4:17:f4:94:a2:ce:87:60:db:c9:fa:67:
35:31:58:0b:58:53:1f:a2:68:50:3f:2b:f8:b2:b5:
59:95:e8:57:c5:06:62:d7:9f:d0:2b:48:15:9b:1b:
eb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:9D:ED:65:1F:26:2A:C8:01:42:25:BC:F4:7A:4A:B7:A3:F8:FB:55
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/L53tZR8mKsgBQiW89HpKt6P4-1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.15.0/24
151.242.114.0/24
151.242.142.0/24
151.243.30.0/24
151.243.114.0/23
151.246.222.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:87:73:bc:38:f0:84:66:a0:1b:6b:5e:3d:ac:5f:b7:b4:a3:
57:42:e4:f7:ef:45:3c:a1:c9:01:d2:fc:95:eb:65:62:c5:4d:
20:1f:41:68:6d:1e:ad:ee:03:50:5a:a5:28:8e:54:c5:43:50:
05:dc:22:52:85:f4:e3:ed:5c:b2:93:7e:4a:c5:e3:98:87:8d:
61:f8:3f:51:fa:45:1e:d5:3d:80:ec:7a:40:f7:43:bc:e8:14:
64:11:92:7d:1f:76:1a:85:31:ab:98:22:cd:a8:36:f2:e1:5f:
fc:4a:a3:5b:b2:2b:02:f3:27:a0:6d:53:4b:52:cd:a0:9c:94:
8f:a3:ae:47:6c:50:37:be:91:a8:ba:aa:16:e4:98:f1:7f:87:
9e:56:ec:75:bb:66:c5:32:93:aa:27:7e:a8:1f:5f:ce:d3:de:
cb:45:9d:42:9f:98:e5:95:c8:15:e4:3f:fb:22:bd:98:23:66:
fe:8f:5d:ce:40:37:ac:43:d6:2b:ca:2c:00:96:04:44:b7:97:
f9:45:db:85:35:5a:8a:95:45:bf:6c:c0:4c:0f:04:f6:9d:4a:
f4:7a:70:df:d4:82:d7:3a:f1:8c:b5:0f:57:31:e7:1f:f1:d6:
0a:48:82:6e:9d:20:49:6b:d3:4e:22:3a:74:0b:e1:f6:04:fc:
c4:97:dd:72
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZmz7MJQnridxnTn9suy+LkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDA1MTAzMTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjlkZWQ2NTFmMjYyYWM4MDE0MjI1YmNmNDdhNGFiN2EzZjhmYjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+CPq413ORNoXltD+vOD0dY9CDSs
p7BD1+g9gdrsoKmXadaUEUaCuFdbxd/Jz50aFIoy6Lzd6bSODkQormWQDucwMEfS
ortbYzyaOKZM6wTupB7AHJiGaPu47gszTX0pVork+PDO/LUVFM6E84IUXBE/YQ9k
H4dLF/bwHoxx5/S5cu2lGZya4xaTuBVwdPTfxGiiVViox8mIyVqzQBm28dTBMG6R
f8rU4HeW/QV72QcH1xTZCzzos0KgS9ym6gY5V50Vxx1MK+k5nXnpn/MiWVIg6oX0
F/SUos6HYNvJ+mc1MVgLWFMfomhQPyv4srVZlehXxQZi15/QK0gVmxvrdwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFC+d7WUfJirIAUIlvPR6Srej+PtVMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTDUzdFpSOG1Lc2dCUWlXODlIcEt0NlA0LTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAl/EPAwQA
l/JyAwQAl/KOAwQAl/MeAwQBl/NyAwQAl/beMA0GCSqGSIb3DQEBCwUAA4IBAQCm
h3O8OPCEZqAba149rF+3tKNXQuT370U8ockB0vyV62VixU0gH0FobR6t7gNQWqUo
jlTFQ1AF3CJShfTj7Vyyk35KxeOYh41h+D9R+kUe1T2A7HpA90O86BRkEZJ9H3Ya
hTGrmCLNqDby4V/8SqNbsisC8yegbVNLUs2gnJSPo65HbFA3vpGouqoW5Jjxf4ee
Vux1u2bFMpOqJ36oH1/O097LRZ1Cn5jllcgV5D/7Ir2YI2b+j13OQDesQ9YryiwA
lgREt5f5RduFNVqKlUW/bMBMDwT2nUr0enDf1ILXOvGMtQ9XMecf8dYKSIJunSBJ
a9NOIjp0C+H2BPzEl91y
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:25:38 2025 by rpki-client