Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Pf2KHeGO2TvSchz8UtDX5wj_jXA.roa
File: Pf2KHeGO2TvSchz8UtDX5wj_jXA.roa (raw, json)
Hash identifier: gbvYodJnpMjDRtFfuiQZmyWTSaRucfM2IatELZ8WmVI=
Subject key identifier: 3D:FD:8A:1D:E1:8E:D9:3B:D2:72:1C:FC:52:D0:D7:E7:08:FF:8D:70
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D19259ABEE8F0E2C2341D8CC87FA8355
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Pf2KHeGO2TvSchz8UtDX5wj_jXA.roa
Signing time: Fri 22 Aug 2025 11:38:05 +0000
ROA not before: Fri 22 Aug 2025 11:38:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397630
IP address blocks: 151.240.169.0/24 maxlen: 24
151.241.43.0/24 maxlen: 24
151.241.48.0/24 maxlen: 24
151.245.199.0/24 maxlen: 24
151.245.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:92:59:ab:ee:8f:0e:2c:23:41:d8:cc:87:fa:83:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 22 11:38:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3dfd8a1de18ed93bd2721cfc52d0d7e708ff8d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:85:d9:31:a3:f5:db:c4:89:b1:46:4d:a3:f0:
d2:f5:1d:0f:d2:42:33:27:e1:64:03:8f:37:ec:50:
99:fa:b0:ec:39:0d:98:ca:4b:7a:41:53:d5:48:e7:
fa:64:fa:13:7d:64:99:d8:25:36:ea:eb:f5:40:53:
70:21:67:37:d0:60:8b:4a:08:47:82:99:ad:a3:e1:
7c:2d:e3:a9:d0:27:41:d7:f0:2d:b1:be:bd:20:4f:
b8:16:0a:a2:dd:1f:a0:4e:37:3d:e9:d9:38:ec:cd:
15:d4:7a:b0:f0:3c:1a:fc:3a:fd:f6:79:4b:a3:83:
ba:44:64:92:44:d9:23:0c:82:34:68:e9:6b:30:10:
a7:5b:2f:13:8b:f5:c2:cc:96:59:8f:1c:21:39:33:
08:f7:28:b1:b8:cc:5b:d0:4e:08:93:e1:39:02:dd:
be:70:29:d4:af:91:a9:b5:ed:dc:9c:bf:6c:cc:82:
82:8a:13:06:1e:b4:21:a1:82:81:65:bc:cf:ba:a9:
84:36:13:03:9a:e1:f7:9f:5a:ff:d8:3b:05:e3:64:
29:70:18:78:87:91:27:97:12:a0:21:83:c2:e4:4a:
81:fa:37:8e:a9:6e:de:c8:cd:64:2c:ed:42:0b:eb:
34:93:10:46:2e:20:11:71:df:0a:46:63:d3:10:fa:
3d:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:FD:8A:1D:E1:8E:D9:3B:D2:72:1C:FC:52:D0:D7:E7:08:FF:8D:70
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Pf2KHeGO2TvSchz8UtDX5wj_jXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.169.0/24
151.241.43.0/24
151.241.48.0/24
151.245.199.0/24
151.245.203.0/24
Signature Algorithm: sha256WithRSAEncryption
69:27:9f:81:6f:bf:d4:c7:37:fc:dd:b1:07:8e:b4:70:fb:92:
b4:73:a3:af:cf:36:ca:9f:3e:72:33:65:60:3d:82:69:98:e6:
a9:36:48:46:63:ae:cc:23:ee:09:37:3f:f5:57:61:2d:15:d8:
aa:57:ef:e4:7b:c6:ce:01:f6:bb:d4:2a:ef:30:bf:23:21:57:
ce:89:84:e3:78:db:84:23:20:8d:67:d4:61:f6:ca:67:e9:41:
80:d4:fc:c8:b9:dd:ea:49:73:35:48:ea:09:eb:68:04:50:a8:
03:a6:7a:10:41:5c:18:f0:60:2d:92:39:8f:e6:92:c0:d6:61:
10:75:ec:8a:15:43:17:dc:03:0b:f6:e0:24:dd:8b:b6:34:dc:
31:4b:a9:55:3b:5e:be:99:47:a4:24:c4:b8:b9:10:34:f6:57:
7d:e3:89:ea:4a:f1:c0:69:50:ed:de:42:2f:2a:d1:80:59:8c:
f3:71:fa:3e:d6:89:ee:22:a4:34:d1:af:e9:33:bf:a6:77:a7:
7d:d7:2c:01:87:14:f7:23:03:5c:ce:0f:29:d2:3e:ae:70:ca:
3e:ba:ea:f4:3f:b8:d5:d4:d9:0d:82:44:05:15:d3:3b:bb:78:
25:b8:d6:63:a8:6b:5a:70:d2:c3:27:44:74:3a:fb:48:d1:18:
f4:8a:da:d1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZjRklmr7o8OLCNB2MyH+oNVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIyMTEzODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGZkOGExZGUxOGVkOTNiZDI3MjFjZmM1MmQwZDdlNzA4ZmY4ZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh4XZMaP128SJsUZNo/DS9R0P0kIz
J+FkA4837FCZ+rDsOQ2Yykt6QVPVSOf6ZPoTfWSZ2CU26uv1QFNwIWc30GCLSghH
gpmto+F8LeOp0CdB1/Atsb69IE+4Fgqi3R+gTjc96dk47M0V1Hqw8Dwa/Dr99nlL
o4O6RGSSRNkjDII0aOlrMBCnWy8Ti/XCzJZZjxwhOTMI9yixuMxb0E4Ik+E5At2+
cCnUr5Gpte3cnL9szIKCihMGHrQhoYKBZbzPuqmENhMDmuH3n1r/2DsF42QpcBh4
h5EnlxKgIYPC5EqB+jeOqW7eyM1kLO1CC+s0kxBGLiARcd8KRmPTEPo9ewIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD39ih3hjtk70nIc/FLQ1+cI/41wMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUGYyS0hlR08yVHZTY2h6OFV0RFg1d2pfalhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAl/CpAwQA
l/ErAwQAl/EwAwQAl/XHAwQAl/XLMA0GCSqGSIb3DQEBCwUAA4IBAQBpJ5+Bb7/U
xzf83bEHjrRw+5K0c6OvzzbKnz5yM2VgPYJpmOapNkhGY67MI+4JNz/1V2EtFdiq
V+/ke8bOAfa71CrvML8jIVfOiYTjeNuEIyCNZ9Rh9spn6UGA1PzIud3qSXM1SOoJ
62gEUKgDpnoQQVwY8GAtkjmP5pLA1mEQdeyKFUMX3AML9uAk3Yu2NNwxS6lVO16+
mUekJMS4uRA09ld944nqSvHAaVDt3kIvKtGAWYzzcfo+1onuIqQ00a/pM7+md6d9
1ywBhxT3IwNczg8p0j6ucMo+uur0P7jV1NkNgkQFFdM7u3gluNZjqGtacNLDJ0R0
OvtI0Rj0itrR
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:11:09 2025 by rpki-client