Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/QGvwamxpvRuCqtVRaN2HpPseGtA.roa
File: QGvwamxpvRuCqtVRaN2HpPseGtA.roa (raw, json)
Hash identifier: ZN/Ip+s9l7DfIVpS1o8G7l6OnLPAD81XKCsycgHtdOI=
Subject key identifier: 40:6B:F0:6A:6C:69:BD:1B:82:AA:D5:51:68:DD:87:A4:FB:1E:1A:D0
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198B15049A3A752FCFE741A57439E93055F
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/QGvwamxpvRuCqtVRaN2HpPseGtA.roa
Signing time: Sat 16 Aug 2025 05:18:05 +0000
ROA not before: Sat 16 Aug 2025 05:18:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137557
IP address blocks: 151.242.54.0/24 maxlen: 24
151.242.96.0/24 maxlen: 24
151.243.107.0/24 maxlen: 24
151.243.108.0/24 maxlen: 24
151.244.16.0/21 maxlen: 24
151.244.168.0/23 maxlen: 24
151.244.216.0/23 maxlen: 24
151.244.218.0/24 maxlen: 24
151.244.236.0/24 maxlen: 24
151.244.248.0/23 maxlen: 24
151.246.48.0/21 maxlen: 24
151.246.56.0/21 maxlen: 24
151.246.80.0/21 maxlen: 24
151.246.88.0/21 maxlen: 24
151.246.96.0/21 maxlen: 24
151.246.104.0/21 maxlen: 24
151.246.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b1:50:49:a3:a7:52:fc:fe:74:1a:57:43:9e:93:05:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 16 05:18:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=406bf06a6c69bd1b82aad55168dd87a4fb1e1ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5f:42:97:49:97:76:e1:37:87:ce:f2:d5:79:
59:87:ef:a7:75:09:7f:e6:ae:89:b6:5e:ee:1a:eb:
07:ae:26:e7:c5:9b:68:6d:ce:af:fc:4e:13:ee:ba:
57:14:f2:e3:71:2d:36:86:0b:9c:32:96:2c:65:14:
6b:82:a6:c6:c4:18:40:69:82:80:58:e7:5a:ea:25:
a9:82:42:ae:73:18:de:99:e0:e4:fd:ae:20:18:12:
79:64:cc:6e:38:ba:fe:c9:e3:5b:56:83:44:63:d9:
76:2a:4d:85:42:4c:66:90:ee:c8:5a:56:7b:da:8a:
d2:ed:33:20:a1:f6:3e:ed:46:c7:22:c2:3d:8f:b6:
28:f9:87:36:8b:40:0e:1c:4e:07:25:ce:83:53:15:
bf:99:d3:11:1a:21:62:9e:c8:13:cb:1f:26:3f:3a:
c2:80:89:da:90:c0:a4:3e:17:b9:f8:ae:b9:5b:c2:
c9:a8:26:5e:c1:e3:a5:f0:04:34:4c:57:36:ae:6b:
a2:94:29:b9:86:e2:23:59:23:00:0f:a6:4f:cc:db:
07:a9:4a:4b:47:d2:1f:e9:4c:c6:04:13:94:1a:98:
86:43:8a:6b:81:a9:e2:7a:5b:d3:ac:d6:bf:f4:44:
b9:87:10:f1:86:2a:51:b8:2e:d1:0b:4a:ad:6a:95:
11:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:6B:F0:6A:6C:69:BD:1B:82:AA:D5:51:68:DD:87:A4:FB:1E:1A:D0
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/QGvwamxpvRuCqtVRaN2HpPseGtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.54.0/24
151.242.96.0/24
151.243.107.0-151.243.108.255
151.244.16.0/21
151.244.168.0/23
151.244.216.0-151.244.218.255
151.244.236.0/24
151.244.248.0/23
151.246.48.0/20
151.246.80.0-151.246.119.255
Signature Algorithm: sha256WithRSAEncryption
4a:1e:7b:34:3c:d7:1b:aa:bf:97:da:40:31:b3:27:6f:95:98:
46:f9:c9:b7:1c:8f:72:9e:95:6e:ce:01:74:63:6d:89:1d:99:
1c:b1:63:35:44:d8:dd:55:cb:97:8d:e0:22:13:db:a4:94:5f:
47:4b:f6:f7:2b:52:68:31:3f:fb:95:82:e3:46:f3:90:f2:32:
20:e0:3e:c6:a0:6b:21:b9:f9:f0:4f:14:77:22:8c:4f:76:86:
d3:95:69:38:fa:1c:50:7b:1f:a6:2f:93:62:a5:f2:69:34:46:
e9:f7:66:37:9d:f9:f9:5d:56:2e:93:72:8d:d8:ac:1e:82:65:
a9:26:7f:28:3c:f9:93:12:41:f2:60:0e:9e:17:79:a2:f8:62:
1f:bf:fb:db:8a:7b:7c:df:e3:2a:97:d7:f5:db:12:9a:73:4c:
eb:c2:b1:5d:d2:a2:71:af:3a:94:b5:cd:37:54:c1:6e:dc:1d:
17:13:d8:59:ae:43:6b:0e:90:ca:0c:02:ba:35:08:24:ee:8e:
9c:41:c4:f2:0d:51:92:e5:35:1b:68:01:62:42:f8:3c:9f:51:
19:f0:48:cd:8a:4a:14:78:e4:11:18:39:f0:40:89:eb:9c:ec:
32:8e:52:d9:46:38:5a:ea:e9:3e:70:6d:81:13:f2:8b:c7:9d:
5a:6a:74:e4
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZixUEmjp1L8/nQaV0OekwVfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODE2MDUxODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MDZiZjA2YTZjNjliZDFiODJhYWQ1NTE2OGRkODdhNGZiMWUxYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnF9Cl0mXduE3h87y1XlZh++ndQl/
5q6Jtl7uGusHribnxZtobc6v/E4T7rpXFPLjcS02hgucMpYsZRRrgqbGxBhAaYKA
WOda6iWpgkKucxjemeDk/a4gGBJ5ZMxuOLr+yeNbVoNEY9l2Kk2FQkxmkO7IWlZ7
2orS7TMgofY+7UbHIsI9j7Yo+Yc2i0AOHE4HJc6DUxW/mdMRGiFinsgTyx8mPzrC
gInakMCkPhe5+K65W8LJqCZeweOl8AQ0TFc2rmuilCm5huIjWSMAD6ZPzNsHqUpL
R9If6UzGBBOUGpiGQ4prganielvTrNa/9ES5hxDxhipRuC7RC0qtapURSQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFEBr8Gpsab0bgqrVUWjdh6T7HhrQMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUUd2d2FteHB2UnVDcXRWUmFOMkhwUHNlR3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQAl/I2AwQA
l/JgMAwDBACX82sDBACX82wDBAOX9BADBAGX9KgwDAMEA5f02AMEAJf02gMEAJf0
7AMEAZf0+AMEBJf2MDAMAwQEl/ZQAwQDl/ZwMA0GCSqGSIb3DQEBCwUAA4IBAQBK
Hns0PNcbqr+X2kAxsydvlZhG+cm3HI9ynpVuzgF0Y22JHZkcsWM1RNjdVcuXjeAi
E9uklF9HS/b3K1JoMT/7lYLjRvOQ8jIg4D7GoGshufnwTxR3IoxPdobTlWk4+hxQ
ex+mL5NipfJpNEbp92Y3nfn5XVYuk3KN2KwegmWpJn8oPPmTEkHyYA6eF3mi+GIf
v/vbint83+Mql9f12xKac0zrwrFd0qJxrzqUtc03VMFu3B0XE9hZrkNrDpDKDAK6
NQgk7o6cQcTyDVGS5TUbaAFiQvg8n1EZ8EjNikoUeOQRGDnwQInrnOwyjlLZRjha
6uk+cG2BE/KLx51aanTk
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:39:49 2025 by rpki-client