Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SD3OlCkXfr_9hS1MaTwGYxyG0Cs.roa
File: SD3OlCkXfr_9hS1MaTwGYxyG0Cs.roa (raw, json)
Hash identifier: dfIO3Vet/jHntGS20bTBxldS09bt1rGS1ZdTAIPqdfU=
Subject key identifier: 48:3D:CE:94:29:17:7E:BF:FD:85:2D:4C:69:3C:06:63:1C:86:D0:2B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198BBC28AC687F450603C9608540DE330EB
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SD3OlCkXfr_9hS1MaTwGYxyG0Cs.roa
Signing time: Mon 18 Aug 2025 05:59:05 +0000
ROA not before: Mon 18 Aug 2025 05:59:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 151.240.45.0/24 maxlen: 24
151.240.163.0/24 maxlen: 24
151.240.173.0/24 maxlen: 24
151.241.30.0/24 maxlen: 24
151.241.50.0/24 maxlen: 24
151.241.64.0/24 maxlen: 24
151.241.67.0/24 maxlen: 24
151.241.70.0/24 maxlen: 24
151.241.71.0/24 maxlen: 24
151.241.73.0/24 maxlen: 24
151.241.77.0/24 maxlen: 24
151.241.95.0/24 maxlen: 24
151.241.115.0/24 maxlen: 24
151.241.160.0/24 maxlen: 24
151.241.204.0/24 maxlen: 24
151.242.45.0/24 maxlen: 24
151.242.57.0/24 maxlen: 24
151.242.158.0/24 maxlen: 24
151.243.2.0/24 maxlen: 24
151.243.105.0/24 maxlen: 24
151.243.159.0/24 maxlen: 24
151.244.5.0/24 maxlen: 24
151.244.57.0/24 maxlen: 24
151.244.111.0/24 maxlen: 24
151.244.115.0/24 maxlen: 24
151.244.131.0/24 maxlen: 24
151.244.132.0/24 maxlen: 24
151.244.133.0/24 maxlen: 24
151.244.191.0/24 maxlen: 24
151.244.193.0/24 maxlen: 24
151.244.198.0/24 maxlen: 24
151.244.201.0/24 maxlen: 24
151.244.212.0/24 maxlen: 24
151.245.28.0/24 maxlen: 24
151.245.70.0/24 maxlen: 24
151.245.78.0/24 maxlen: 24
151.245.201.0/24 maxlen: 24
151.245.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bb:c2:8a:c6:87:f4:50:60:3c:96:08:54:0d:e3:30:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 18 05:59:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=483dce9429177ebffd852d4c693c06631c86d02b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3b:05:5c:13:6b:4d:ea:2a:02:fe:ca:74:26:
60:95:93:8d:f8:61:21:02:68:81:2c:78:5e:68:cf:
84:34:fe:aa:35:a1:31:35:03:cc:c2:5a:77:51:1c:
6c:1a:6e:06:5f:5f:80:b2:8b:c6:38:79:94:1a:07:
73:aa:06:36:24:a6:4d:cf:9a:60:11:f5:85:01:39:
9d:f2:7b:af:2d:a2:71:5e:47:96:b8:28:c2:0a:f8:
c1:84:68:47:4a:7f:37:2f:11:23:4c:4f:53:ed:51:
5e:27:27:c3:89:2c:bd:bb:7f:e4:2b:b1:b5:b1:6e:
c6:f9:6f:19:f1:31:0c:a8:6a:82:76:38:2a:0e:47:
65:0c:7c:81:de:6d:5c:02:b1:2a:78:51:6c:64:1b:
9f:77:3c:4c:a3:26:99:2a:ae:6b:be:ed:29:39:75:
45:76:89:d9:b9:98:1b:f7:be:47:f3:88:7b:d7:03:
fc:ab:eb:1f:19:77:44:89:ee:f4:1e:6c:79:f2:a3:
68:fa:b4:f8:ba:68:d4:66:fe:4c:73:57:80:02:ca:
f4:53:7d:2d:68:21:a7:46:47:f0:e2:3d:73:29:67:
e7:4a:28:7e:bf:70:39:00:8f:4c:41:00:71:61:b3:
e8:22:cd:f8:cf:2d:1e:7f:85:4a:c3:cb:8b:e7:3f:
ce:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:3D:CE:94:29:17:7E:BF:FD:85:2D:4C:69:3C:06:63:1C:86:D0:2B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SD3OlCkXfr_9hS1MaTwGYxyG0Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.45.0/24
151.240.163.0/24
151.240.173.0/24
151.241.30.0/24
151.241.50.0/24
151.241.64.0/24
151.241.67.0/24
151.241.70.0/23
151.241.73.0/24
151.241.77.0/24
151.241.95.0/24
151.241.115.0/24
151.241.160.0/24
151.241.204.0/24
151.242.45.0/24
151.242.57.0/24
151.242.158.0/24
151.243.2.0/24
151.243.105.0/24
151.243.159.0/24
151.244.5.0/24
151.244.57.0/24
151.244.111.0/24
151.244.115.0/24
151.244.131.0-151.244.133.255
151.244.191.0/24
151.244.193.0/24
151.244.198.0/24
151.244.201.0/24
151.244.212.0/24
151.245.28.0/24
151.245.70.0/24
151.245.78.0/24
151.245.201.0/24
151.245.212.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:5c:8e:8f:0e:9c:b3:c4:19:a1:4f:1e:fb:cb:9f:0e:60:af:
26:ad:20:32:64:f9:88:36:23:78:0b:72:29:5b:7b:c9:25:dc:
c4:6a:b1:89:13:51:ae:c5:06:89:bb:bd:4f:0b:f9:21:9a:68:
31:8d:8a:86:4c:65:95:4a:f2:c8:f9:2f:f9:3e:9c:77:09:34:
f0:d3:ad:bb:d8:83:a9:2d:9d:d4:7e:7c:2b:50:d2:68:8e:19:
9f:71:09:39:bc:ee:6d:d4:7d:e0:a8:2d:f8:30:13:9b:b8:2f:
97:62:ab:f0:05:a8:6c:6a:4a:fe:15:fd:8b:60:9f:a5:f4:1b:
96:1d:c8:49:55:d4:52:50:0c:8f:04:93:e1:f9:15:48:a8:5b:
c0:b7:d8:a9:ef:d4:92:69:d7:f7:4c:b7:16:66:6c:4e:c5:33:
14:4b:09:0f:7a:59:83:c7:dc:42:a0:4c:db:34:7d:bf:b5:6a:
9e:22:f5:7f:7b:d9:1e:29:37:98:ef:01:da:30:0a:ca:f0:62:
ec:52:4d:f4:11:a5:97:15:87:cf:db:3d:07:b9:91:9c:2c:ba:
e0:c9:9f:ca:fe:32:ae:22:9c:e2:18:af:a9:57:dd:c1:82:0d:
6f:8d:71:48:a8:34:bc:60:8f:dd:4b:c8:8f:26:ac:8e:85:53:
89:45:1d:1f
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZi7worGh/RQYDyWCFQN4zDrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODE4MDU1OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODNkY2U5NDI5MTc3ZWJmZmQ4NTJkNGM2OTNjMDY2MzFjODZkMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvTsFXBNrTeoqAv7KdCZglZON+GEh
AmiBLHheaM+ENP6qNaExNQPMwlp3URxsGm4GX1+AsovGOHmUGgdzqgY2JKZNz5pg
EfWFATmd8nuvLaJxXkeWuCjCCvjBhGhHSn83LxEjTE9T7VFeJyfDiSy9u3/kK7G1
sW7G+W8Z8TEMqGqCdjgqDkdlDHyB3m1cArEqeFFsZBufdzxMoyaZKq5rvu0pOXVF
donZuZgb975H84h71wP8q+sfGXdEie70Hmx58qNo+rT4umjUZv5Mc1eAAsr0U30t
aCGnRkfw4j1zKWfnSih+v3A5AI9MQQBxYbPoIs34zy0ef4VKw8uL5z/ONQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFEg9zpQpF36//YUtTGk8BmMchtArMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvU0QzT2xDa1hmcl85aFMxTWFUd0dZeHlHMENzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBACX
8C0DBACX8KMDBACX8K0DBACX8R4DBACX8TIDBACX8UADBACX8UMDBAGX8UYDBACX
8UkDBACX8U0DBACX8V8DBACX8XMDBACX8aADBACX8cwDBACX8i0DBACX8jkDBACX
8p4DBACX8wIDBACX82kDBACX858DBACX9AUDBACX9DkDBACX9G8DBACX9HMwDAME
AJf0gwMEAZf0hAMEAJf0vwMEAJf0wQMEAJf0xgMEAJf0yQMEAJf01AMEAJf1HAME
AJf1RgMEAJf1TgMEAJf1yQMEAJf11DANBgkqhkiG9w0BAQsFAAOCAQEAL1yOjw6c
s8QZoU8e+8ufDmCvJq0gMmT5iDYjeAtyKVt7ySXcxGqxiRNRrsUGibu9Twv5IZpo
MY2KhkxllUryyPkv+T6cdwk08NOtu9iDqS2d1H58K1DSaI4Zn3EJObzubdR94Kgt
+DATm7gvl2Kr8AWobGpK/hX9i2CfpfQblh3ISVXUUlAMjwST4fkVSKhbwLfYqe/U
kmnX90y3FmZsTsUzFEsJD3pZg8fcQqBM2zR9v7VqniL1f3vZHik3mO8B2jAKyvBi
7FJN9BGllxWHz9s9B7mRnCy64Mmfyv4yriKc4hivqVfdwYINb41xSKg0vGCP3UvI
jyasjoVTiUUdHw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:09:36 2025 by rpki-client