Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/LkRi0ftrXYEeJhcGq17fcKE1su0.roa
File: LkRi0ftrXYEeJhcGq17fcKE1su0.roa (raw, json)
Hash identifier: O+FsyYQZnqvzzdWOpaETj/UyxBv27Bx1uioQEMu0x7A=
Subject key identifier: 2E:44:62:D1:FB:6B:5D:81:1E:26:17:06:AB:5E:DF:70:A1:35:B2:ED
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198C74ECECCED756629118FF4ED902D298E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/LkRi0ftrXYEeJhcGq17fcKE1su0.roa
Signing time: Wed 20 Aug 2025 11:48:07 +0000
ROA not before: Wed 20 Aug 2025 11:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 151.247.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:4e:ce:cc:ed:75:66:29:11:8f:f4:ed:90:2d:29:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 20 11:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e4462d1fb6b5d811e261706ab5edf70a135b2ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c9:f7:14:f6:57:56:c5:2e:1d:63:c1:c8:18:
87:8f:d6:91:78:32:11:ee:33:b0:a4:24:fb:66:44:
f6:71:ca:22:8d:13:d4:7c:1e:cc:99:d7:40:14:18:
0f:74:6f:a7:99:fa:50:60:3f:df:00:79:19:af:31:
20:e5:14:0e:56:df:ab:b6:49:5e:df:5d:bd:f7:85:
bb:d0:4f:24:8f:f3:be:34:8d:25:ae:90:dd:26:cb:
d6:93:94:0e:08:8d:4c:df:22:ff:ff:c5:d6:83:d0:
18:6a:a3:64:86:04:c7:6a:25:fa:bd:7c:9a:01:b3:
d7:33:d3:36:3e:b0:8c:de:3f:3e:67:d5:df:cd:af:
c4:29:c2:11:98:36:45:6c:26:a1:61:09:34:a9:d4:
28:80:ba:d0:78:8f:e2:a1:6c:67:28:f2:c4:53:b2:
5a:ef:ac:4b:ea:d1:ff:b0:83:15:4a:fe:9c:9d:20:
77:c9:89:6e:88:d9:c5:b9:65:1d:c7:0f:fe:fa:f4:
ae:ea:25:66:05:d5:5a:8d:f0:aa:00:06:cd:6e:57:
0b:5e:1f:b1:43:d1:8a:c5:e4:cc:c5:99:b1:d1:bc:
79:4f:18:71:e5:fd:ba:01:4a:78:27:50:fa:d0:55:
e0:cb:2e:c0:d3:24:06:03:c7:db:71:c6:f8:4d:5b:
9b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:44:62:D1:FB:6B:5D:81:1E:26:17:06:AB:5E:DF:70:A1:35:B2:ED
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/LkRi0ftrXYEeJhcGq17fcKE1su0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.247.194.0/24
Signature Algorithm: sha256WithRSAEncryption
13:24:05:73:92:86:ca:d1:fe:f8:db:d9:bd:72:e4:d6:68:0f:
ad:93:31:22:28:9e:78:cd:2d:cd:18:3c:4b:ff:fd:be:ea:37:
1f:da:c2:e9:0a:0d:d2:39:31:16:85:1d:3a:1d:bf:79:9e:70:
3c:1b:5f:05:6c:7b:ab:7f:90:5f:09:04:ba:5c:8f:e0:7c:29:
76:96:ff:bd:0d:d6:38:3f:0d:bc:5b:43:fd:56:2d:59:e8:aa:
b4:64:2d:bb:c4:93:dd:f4:6f:88:b5:6b:14:44:1c:32:60:e5:
a2:fa:ee:84:2b:cc:4e:65:4e:ed:89:58:93:84:09:26:82:18:
68:44:74:9c:db:99:0a:07:00:41:67:a6:41:b9:58:aa:3f:b9:
05:13:f2:50:1d:7f:03:6f:3e:8d:7e:22:93:21:c0:10:b1:e1:
fc:66:e2:fd:a0:1e:66:fa:b9:24:2b:68:23:d3:09:e9:49:ce:
7b:21:4a:d9:58:47:e7:aa:82:0e:a2:77:20:4a:52:28:3a:82:
b1:9b:1d:99:2b:30:22:c0:fc:d3:15:a2:d5:3f:df:71:ab:52:
0c:67:99:07:b7:95:0e:c2:b8:49:6f:37:8c:b3:8a:c2:61:f6:
69:f4:ef:39:9c:ab:68:4a:1c:5e:a8:40:bb:02:08:34:0a:64:
14:82:5c:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjHTs7M7XVmKRGP9O2QLSmOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIwMTE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQ0NjJkMWZiNmI1ZDgxMWUyNjE3MDZhYjVlZGY3MGExMzViMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssn3FPZXVsUuHWPByBiHj9aReDIR
7jOwpCT7ZkT2ccoijRPUfB7MmddAFBgPdG+nmfpQYD/fAHkZrzEg5RQOVt+rtkle
312994W70E8kj/O+NI0lrpDdJsvWk5QOCI1M3yL//8XWg9AYaqNkhgTHaiX6vXya
AbPXM9M2PrCM3j8+Z9Xfza/EKcIRmDZFbCahYQk0qdQogLrQeI/ioWxnKPLEU7Ja
76xL6tH/sIMVSv6cnSB3yYluiNnFuWUdxw/++vSu6iVmBdVajfCqAAbNblcLXh+x
Q9GKxeTMxZmx0bx5Txhx5f26AUp4J1D60FXgyy7A0yQGA8fbccb4TVubmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5EYtH7a12BHiYXBqte33ChNbLtMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTGtSaTBmdHJYWUVlSmhjR3ExN2ZjS0Uxc3UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/fCMA0G
CSqGSIb3DQEBCwUAA4IBAQATJAVzkobK0f7429m9cuTWaA+tkzEiKJ54zS3NGDxL
//2+6jcf2sLpCg3SOTEWhR06Hb95nnA8G18FbHurf5BfCQS6XI/gfCl2lv+9DdY4
Pw28W0P9Vi1Z6Kq0ZC27xJPd9G+ItWsURBwyYOWi+u6EK8xOZU7tiViThAkmghho
RHSc25kKBwBBZ6ZBuViqP7kFE/JQHX8Dbz6NfiKTIcAQseH8ZuL9oB5m+rkkK2gj
0wnpSc57IUrZWEfnqoIOoncgSlIoOoKxmx2ZKzAiwPzTFaLVP99xq1IMZ5kHt5UO
wrhJbzeMs4rCYfZp9O85nKtoShxeqEC7Agg0CmQUglxY
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:38:00 2025 by rpki-client