Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Mmc6qKAVpkFqOlHsDDiWe_nrUg0.roa
File: Mmc6qKAVpkFqOlHsDDiWe_nrUg0.roa (raw, json)
Hash identifier: ysKOFBhFyz64JL/yfAV0tTx63NQO9ilviulAbsSotzY=
Subject key identifier: 32:67:3A:A8:A0:15:A6:41:6A:3A:51:EC:0C:38:96:7B:F9:EB:52:0D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01988A2EE5E01118473EB0C4F1C1360264BC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Mmc6qKAVpkFqOlHsDDiWe_nrUg0.roa
Signing time: Fri 08 Aug 2025 14:56:25 +0000
ROA not before: Fri 08 Aug 2025 14:56:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199432
IP address blocks: 151.244.105.0/24 maxlen: 24
151.244.118.0/24 maxlen: 24
151.244.124.0/24 maxlen: 24
151.244.131.0/24 maxlen: 24
151.244.132.0/24 maxlen: 24
151.244.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8a:2e:e5:e0:11:18:47:3e:b0:c4:f1:c1:36:02:64:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 8 14:56:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=32673aa8a015a6416a3a51ec0c38967bf9eb520d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:27:34:71:6c:82:09:e5:7a:ab:c5:b7:de:68:
d8:b1:bb:3b:e2:ab:fd:00:17:bd:71:dd:9d:df:26:
64:65:b8:cd:0b:a5:e9:64:3a:a6:67:06:6b:ca:59:
89:2d:05:20:e4:d3:f1:0d:a9:a0:a5:55:7a:c0:ce:
c1:b5:a6:e8:f7:c9:a0:c8:5b:fb:8e:f7:fc:38:c7:
02:6d:01:0b:ae:4a:32:7d:e7:be:b3:66:11:77:1c:
50:e2:cb:44:5e:5c:51:ce:b0:a9:c5:b8:b6:3b:85:
cb:58:32:3f:68:c7:1c:06:b4:48:4f:be:18:29:16:
82:d7:f0:d8:23:f6:f4:c1:6b:24:c0:a7:e6:47:9e:
1b:a7:d3:74:83:8c:e2:0f:90:6e:5c:a0:50:4c:72:
5e:4d:5f:48:b8:72:18:5f:5a:cc:c2:8f:49:7e:bc:
cc:49:c1:83:b2:e6:d6:a7:16:f3:fc:19:2d:b1:db:
74:da:96:f1:4e:f2:7a:4c:00:85:d3:34:c8:47:d8:
ce:27:b6:96:65:4e:22:81:29:09:1f:25:98:d3:b5:
a1:49:4c:00:16:5b:1f:1c:e9:dd:7a:90:d3:a0:0f:
8c:b3:39:e5:72:4c:7b:d3:c1:3a:ce:4b:2e:82:9b:
a9:4e:5a:28:28:37:a8:09:e5:3c:18:1e:99:62:e5:
b6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:67:3A:A8:A0:15:A6:41:6A:3A:51:EC:0C:38:96:7B:F9:EB:52:0D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Mmc6qKAVpkFqOlHsDDiWe_nrUg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.105.0/24
151.244.118.0/24
151.244.124.0/24
151.244.131.0-151.244.133.255
Signature Algorithm: sha256WithRSAEncryption
7a:40:96:c0:a2:33:6e:18:b2:9a:cb:40:bc:ef:67:72:5a:7b:
32:33:ca:c0:4b:64:e6:3c:ec:83:06:c4:32:48:8a:5b:48:e5:
b0:47:ac:fa:66:10:af:57:a8:4f:a1:10:32:76:ff:cc:18:d6:
3a:13:65:ca:b3:57:a5:63:9d:2e:f8:ef:14:68:38:4d:d4:ca:
ed:c7:b7:a6:57:4e:1c:2e:80:fe:2a:8e:a8:8c:f1:20:cb:3a:
c0:87:78:62:e9:e5:38:fe:f5:5c:36:3a:7b:b9:74:fa:e8:7e:
07:14:10:a5:13:11:00:e2:5f:b6:e4:f0:1d:9c:53:ff:a7:d0:
ea:6c:5a:16:b9:2f:55:8e:d2:df:6c:aa:2c:a6:38:60:3b:bb:
88:6d:61:e2:3c:b1:d7:88:3d:c1:a6:0d:9f:ae:5b:ba:f7:4b:
4c:24:57:2d:c5:5a:3a:16:c3:e3:76:0f:4b:5c:7f:20:a1:dd:
bb:1a:a4:db:cb:31:47:b6:d4:42:1f:74:6c:c5:0c:bf:f8:20:
f4:79:18:8c:82:6d:2e:5f:e8:c3:ca:a3:bf:fe:60:1e:a9:bf:
07:4a:15:25:d9:9f:34:ef:05:d6:2c:34:b4:d7:e3:3e:87:1d:
fe:9a:81:7f:1a:fa:33:43:22:32:10:a1:e3:11:8b:20:34:3a:
2a:ac:a3:ee
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZiKLuXgERhHPrDE8cE2AmS8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODA4MTQ1NjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjY3M2FhOGEwMTVhNjQxNmEzYTUxZWMwYzM4OTY3YmY5ZWI1MjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSc0cWyCCeV6q8W33mjYsbs74qv9
ABe9cd2d3yZkZbjNC6XpZDqmZwZrylmJLQUg5NPxDamgpVV6wM7Btabo98mgyFv7
jvf8OMcCbQELrkoyfee+s2YRdxxQ4stEXlxRzrCpxbi2O4XLWDI/aMccBrRIT74Y
KRaC1/DYI/b0wWskwKfmR54bp9N0g4ziD5BuXKBQTHJeTV9IuHIYX1rMwo9JfrzM
ScGDsubWpxbz/Bktsdt02pbxTvJ6TACF0zTIR9jOJ7aWZU4igSkJHyWY07WhSUwA
FlsfHOndepDToA+Msznlckx708E6zksugpupTlooKDeoCeU8GB6ZYuW2WQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDJnOqigFaZBajpR7Aw4lnv561INMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTW1jNnFLQVZwa0ZxT2xIc0REaVdlX25yVWcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAl/RpAwQA
l/R2AwQAl/R8MAwDBACX9IMDBAGX9IQwDQYJKoZIhvcNAQELBQADggEBAHpAlsCi
M24YsprLQLzvZ3JaezIzysBLZOY87IMGxDJIiltI5bBHrPpmEK9XqE+hEDJ2/8wY
1joTZcqzV6VjnS747xRoOE3Uyu3Ht6ZXThwugP4qjqiM8SDLOsCHeGLp5Tj+9Vw2
Onu5dProfgcUEKUTEQDiX7bk8B2cU/+n0OpsWha5L1WO0t9sqiymOGA7u4htYeI8
sdeIPcGmDZ+uW7r3S0wkVy3FWjoWw+N2D0tcfyCh3bsapNvLMUe21EIfdGzFDL/4
IPR5GIyCbS5f6MPKo7/+YB6pvwdKFSXZnzTvBdYsNLTX4z6HHf6agX8a+jNDIjIQ
oeMRiyA0Oiqso+4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:52:29 2025 by rpki-client