Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Mer5K_wPIvUfYsPBj37ta3BrHTQ.roa
File: Mer5K_wPIvUfYsPBj37ta3BrHTQ.roa (raw, json)
Hash identifier: xwQ5HIdWFwVx/ZPpx82vzxoMJOCwY46opF4oh1zLAg0=
Subject key identifier: 31:EA:F9:2B:FC:0F:22:F5:1F:62:C3:C1:8F:7E:ED:6B:70:6B:1D:34
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197B1486D727B6AE609DAF768B0884F9D5D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Mer5K_wPIvUfYsPBj37ta3BrHTQ.roa
Signing time: Fri 27 Jun 2025 12:06:43 +0000
ROA not before: Fri 27 Jun 2025 12:06:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 151407
IP address blocks: 151.242.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b1:48:6d:72:7b:6a:e6:09:da:f7:68:b0:88:4f:9d:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 27 12:06:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=31eaf92bfc0f22f51f62c3c18f7eed6b706b1d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:e6:aa:be:af:19:fd:09:31:b8:d7:8e:fc:44:
58:c1:d3:01:ae:d0:e2:50:4d:a5:8d:88:2f:c6:8d:
09:12:fa:64:b2:2f:d1:c2:82:7f:c1:07:e6:44:b4:
42:dc:be:fd:05:2c:06:26:d7:58:9c:8b:f2:1f:d8:
b5:2d:f5:71:50:d8:c0:2f:45:cb:75:8b:bf:48:34:
9b:63:8d:58:1b:24:78:a1:44:70:40:56:44:73:92:
2b:b7:5e:34:2f:68:b1:21:6e:e6:18:73:ed:92:40:
18:45:3f:3d:b7:93:31:3f:15:72:07:39:77:3b:8f:
0d:fe:3b:3c:39:72:0d:78:16:4f:1e:88:1f:13:62:
69:6d:0e:9f:a1:cb:cc:4f:11:ec:a3:88:5e:74:38:
a3:ae:2e:93:43:e8:62:23:f8:03:e2:90:40:26:25:
9e:84:39:a0:81:7a:6b:b7:6a:df:3b:b5:33:1d:c2:
9d:27:84:39:c6:df:d8:69:d8:82:4b:3c:f3:da:a0:
68:fa:c2:8b:e3:f3:bc:1c:a1:33:29:16:49:33:1d:
54:e4:6d:12:93:4a:50:e5:ec:56:16:ba:ef:26:be:
8c:c4:90:78:f8:0c:fb:98:67:ed:e9:0a:0d:07:cc:
18:3e:1c:51:59:1b:fd:4a:d8:0d:50:fa:d9:7b:ae:
cd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:EA:F9:2B:FC:0F:22:F5:1F:62:C3:C1:8F:7E:ED:6B:70:6B:1D:34
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Mer5K_wPIvUfYsPBj37ta3BrHTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.172.0/24
Signature Algorithm: sha256WithRSAEncryption
69:18:59:1b:3a:4d:0f:28:ed:02:22:db:5c:7f:43:27:ec:f6:
2a:07:04:3f:57:d7:2e:c1:93:df:74:9c:5a:92:18:5c:cc:71:
94:4a:52:2b:d9:4e:3c:4b:37:ee:b3:1d:d0:28:1f:cc:75:ca:
b3:66:94:8e:cd:53:fe:1d:b7:15:4d:9d:67:26:b2:5b:87:13:
06:84:93:4f:4c:00:42:7a:05:f4:2c:c0:90:62:9b:51:ad:d4:
c9:fb:77:d3:b6:3a:bd:ba:d4:69:a4:01:83:b1:5c:20:dd:82:
95:f0:ff:a9:25:21:47:ec:13:a7:a4:a6:9c:46:73:e1:59:11:
41:dd:4a:3f:d9:d0:35:28:42:66:88:fd:76:1a:4b:ac:0a:0e:
77:24:7b:2a:17:42:d9:6f:cf:6e:13:6a:c6:6a:47:bd:eb:df:
d3:97:0f:c8:2a:4d:89:41:6d:96:6f:5c:31:d9:00:5f:3c:9d:
a7:15:74:a8:41:96:99:75:27:1d:e3:f4:93:7b:84:c1:1f:a7:
4c:9b:ba:9d:62:07:f3:88:32:d2:01:6c:14:ae:ee:8b:58:0b:
56:0a:21:4d:ad:ca:00:e0:7a:60:ea:91:13:0f:10:c2:9b:b0:
50:5a:e4:c7:74:fa:4c:8b:60:81:d0:6f:a4:c0:df:0a:6e:60:
c9:d4:81:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZexSG1ye2rmCdr3aLCIT51dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjI3MTIwNjQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMWVhZjkyYmZjMGYyMmY1MWY2MmMzYzE4ZjdlZWQ2YjcwNmIxZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Oaqvq8Z/QkxuNeO/ERYwdMBrtDi
UE2ljYgvxo0JEvpksi/RwoJ/wQfmRLRC3L79BSwGJtdYnIvyH9i1LfVxUNjAL0XL
dYu/SDSbY41YGyR4oURwQFZEc5Irt140L2ixIW7mGHPtkkAYRT89t5MxPxVyBzl3
O48N/js8OXINeBZPHogfE2JpbQ6focvMTxHso4hedDijri6TQ+hiI/gD4pBAJiWe
hDmggXprt2rfO7UzHcKdJ4Q5xt/YadiCSzzz2qBo+sKL4/O8HKEzKRZJMx1U5G0S
k0pQ5exWFrrvJr6MxJB4+Az7mGft6QoNB8wYPhxRWRv9StgNUPrZe67NTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDHq+Sv8DyL1H2LDwY9+7Wtwax00MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTWVyNUtfd1BJdlVmWXNQQmozN3RhM0JySFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/KsMA0G
CSqGSIb3DQEBCwUAA4IBAQBpGFkbOk0PKO0CIttcf0Mn7PYqBwQ/V9cuwZPfdJxa
khhczHGUSlIr2U48Szfusx3QKB/MdcqzZpSOzVP+HbcVTZ1nJrJbhxMGhJNPTABC
egX0LMCQYptRrdTJ+3fTtjq9utRppAGDsVwg3YKV8P+pJSFH7BOnpKacRnPhWRFB
3Uo/2dA1KEJmiP12GkusCg53JHsqF0LZb89uE2rGake969/Tlw/IKk2JQW2Wb1wx
2QBfPJ2nFXSoQZaZdScd4/STe4TBH6dMm7qdYgfziDLSAWwUru6LWAtWCiFNrcoA
4Hpg6pETDxDCm7BQWuTHdPpMi2CB0G+kwN8KbmDJ1IEP
-----END CERTIFICATE-----
Generated at Tue Jul 1 16:03:15 2025 by rpki-client