Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OCBqXsJU8jiSh27Cm6tcrFe-iMo.roa
File: OCBqXsJU8jiSh27Cm6tcrFe-iMo.roa (raw, json)
Hash identifier: bmjZIcDPZ3V5yBfUvv6JAmszEzSksrdETmcBiA6SPY8=
Subject key identifier: 38:20:6A:5E:C2:54:F2:38:92:87:6E:C2:9B:AB:5C:AC:57:BE:88:CA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01997A1730F9367BEB7C16C59DC53301D3E1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OCBqXsJU8jiSh27Cm6tcrFe-iMo.roa
Signing time: Wed 24 Sep 2025 04:59:24 +0000
ROA not before: Wed 24 Sep 2025 04:59:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 37.202.206.0/24 maxlen: 24
151.242.49.0/24 maxlen: 24
151.243.64.0/20 maxlen: 24
151.243.97.0/24 maxlen: 24
151.243.106.0/24 maxlen: 24
151.244.181.0/24 maxlen: 24
151.244.221.0/24 maxlen: 24
151.244.223.0/24 maxlen: 24
151.244.229.0/24 maxlen: 24
151.244.230.0/24 maxlen: 24
151.245.18.0/24 maxlen: 24
151.246.24.0/21 maxlen: 24
151.247.226.0/24 maxlen: 24
151.247.232.0/24 maxlen: 24
151.247.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7a:17:30:f9:36:7b:eb:7c:16:c5:9d:c5:33:01:d3:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 24 04:59:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38206a5ec254f23892876ec29bab5cac57be88ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:95:c5:10:c2:17:a3:07:46:f7:29:a4:a6:75:
8d:aa:c0:53:4a:55:01:f3:87:99:a5:21:68:a5:70:
b2:43:22:28:66:76:59:2f:35:07:a6:11:20:fe:30:
17:39:ff:a8:46:95:da:6b:0d:cf:57:7d:70:99:53:
f0:7c:39:b8:a6:73:60:f6:6c:de:2a:5d:d3:6f:33:
74:c0:a7:59:1b:a5:96:60:18:cf:46:13:eb:1f:a4:
22:48:05:2d:47:e9:cc:30:77:34:35:c3:ee:e6:3b:
a0:63:46:96:3e:1c:0d:d3:77:1a:ca:61:78:2a:c3:
4e:8b:74:83:13:a4:34:2f:df:65:14:48:9b:31:78:
60:01:ae:ac:3f:af:c5:d2:ab:5e:e0:37:37:64:cb:
76:b1:de:79:d0:ed:95:25:d0:1e:cf:44:0c:23:06:
67:2d:10:6f:b6:c6:4d:74:a3:8e:e3:c9:00:cb:49:
a5:6f:26:63:2c:1e:0a:29:ea:1d:8a:38:97:1d:40:
f4:d0:34:73:f7:36:ec:16:13:62:43:2b:c8:ae:db:
f4:24:39:da:5b:d9:a5:72:43:7c:51:c4:da:8b:e6:
d3:9b:3c:3f:43:3b:03:6d:4f:0f:eb:0f:1d:3b:cf:
26:6e:26:dd:1c:ee:7f:a2:61:51:9f:15:02:fb:de:
de:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:20:6A:5E:C2:54:F2:38:92:87:6E:C2:9B:AB:5C:AC:57:BE:88:CA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/OCBqXsJU8jiSh27Cm6tcrFe-iMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.206.0/24
151.242.49.0/24
151.243.64.0/20
151.243.97.0/24
151.243.106.0/24
151.244.181.0/24
151.244.221.0/24
151.244.223.0/24
151.244.229.0-151.244.230.255
151.245.18.0/24
151.246.24.0/21
151.247.226.0/24
151.247.232.0/24
151.247.239.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:5f:d4:d5:46:c7:bb:9b:a9:65:f0:8d:a9:ad:4d:a9:7b:84:
62:d5:84:ac:6a:de:65:74:be:1f:e3:03:b0:76:9f:10:7f:e8:
42:c4:c8:86:2a:67:84:73:77:b0:20:60:a1:d8:28:1c:9c:45:
d1:b0:a2:0a:06:60:ad:50:36:69:a3:bc:e7:1d:7d:ff:10:d3:
8a:9d:6d:11:be:54:fa:16:af:e7:e3:47:ad:cf:f6:b4:7d:20:
ce:e3:6a:37:7c:6f:77:d1:4a:3a:7c:43:0d:e2:5e:d3:48:28:
5f:cd:6b:da:70:dc:8b:fc:30:f3:7a:6d:db:bf:23:a0:13:5b:
d6:a3:58:ed:62:62:d2:c2:5c:1f:7d:c2:e8:05:e5:e7:a2:73:
c0:95:0a:dc:1b:19:b5:94:07:8e:ac:cf:43:89:db:95:7c:a9:
8d:42:49:e8:3c:05:59:93:c0:8d:08:d7:88:ab:cb:23:9f:c1:
a9:26:4e:f4:70:21:37:5c:65:b5:43:cf:e6:2d:31:4e:d7:13:
1d:fe:c5:85:c5:6d:94:df:c6:88:9d:de:04:3b:3f:3b:4c:dd:
ff:45:53:33:ae:b8:89:05:20:ba:70:7c:bb:19:5f:a4:a1:01:
11:98:09:66:d6:c2:ea:8b:df:54:1a:39:09:02:ac:b6:24:5a:
a9:b7:3e:7b
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZl6FzD5NnvrfBbFncUzAdPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTI0MDQ1OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODIwNmE1ZWMyNTRmMjM4OTI4NzZlYzI5YmFiNWNhYzU3YmU4OGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJXFEMIXowdG9ymkpnWNqsBTSlUB
84eZpSFopXCyQyIoZnZZLzUHphEg/jAXOf+oRpXaaw3PV31wmVPwfDm4pnNg9mze
Kl3TbzN0wKdZG6WWYBjPRhPrH6QiSAUtR+nMMHc0NcPu5jugY0aWPhwN03caymF4
KsNOi3SDE6Q0L99lFEibMXhgAa6sP6/F0qte4Dc3ZMt2sd550O2VJdAez0QMIwZn
LRBvtsZNdKOO48kAy0mlbyZjLB4KKeodijiXHUD00DRz9zbsFhNiQyvIrtv0JDna
W9mlckN8UcTai+bTmzw/QzsDbU8P6w8dO88mbibdHO5/omFRnxUC+97epQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFDggal7CVPI4koduwpurXKxXvojKMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvT0NCcVhzSlU4amlTaDI3Q202dGNyRmUtaU1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAJcrOAwQA
l/IxAwQEl/NAAwQAl/NhAwQAl/NqAwQAl/S1AwQAl/TdAwQAl/TfMAwDBACX9OUD
BACX9OYDBACX9RIDBAOX9hgDBACX9+IDBACX9+gDBACX9+8wDQYJKoZIhvcNAQEL
BQADggEBAC1f1NVGx7ubqWXwjamtTal7hGLVhKxq3mV0vh/jA7B2nxB/6ELEyIYq
Z4Rzd7AgYKHYKBycRdGwogoGYK1QNmmjvOcdff8Q04qdbRG+VPoWr+fjR63P9rR9
IM7jajd8b3fRSjp8Qw3iXtNIKF/Na9pw3Iv8MPN6bdu/I6ATW9ajWO1iYtLCXB99
wugF5eeic8CVCtwbGbWUB46sz0OJ25V8qY1CSeg8BVmTwI0I14iryyOfwakmTvRw
ITdcZbVDz+YtMU7XEx3+xYXFbZTfxoid3gQ7PztM3f9FUzOuuIkFILpwfLsZX6Sh
ARGYCWbWwuqL31QaOQkCrLYkWqm3Pns=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:29 2025 by rpki-client