Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SxPPNx5cIVEuk-WAr5MaSQikDYI.roa
File: SxPPNx5cIVEuk-WAr5MaSQikDYI.roa (raw, json)
Hash identifier: gVG3BbFVyu1XpFSFxWfGIu1zBz0zf53lQSF70sDptpw=
Subject key identifier: 4B:13:CF:37:1E:5C:21:51:2E:93:E5:80:AF:93:1A:49:08:A4:0D:82
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199752A82CBF500C20310FB4455CCB81FB6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SxPPNx5cIVEuk-WAr5MaSQikDYI.roa
Signing time: Tue 23 Sep 2025 06:02:24 +0000
ROA not before: Tue 23 Sep 2025 06:02:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 151.241.128.0/22 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.27.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.139.0/24 maxlen: 24
151.243.44.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.244.3.0/24 maxlen: 24
151.244.128.0/24 maxlen: 24
151.244.129.0/24 maxlen: 24
151.244.130.0/24 maxlen: 24
151.244.236.0/24 maxlen: 24
151.245.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:75:2a:82:cb:f5:00:c2:03:10:fb:44:55:cc:b8:1f:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 23 06:02:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b13cf371e5c21512e93e580af931a4908a40d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:3d:7e:96:6b:84:92:82:4f:b9:a7:0f:66:81:
a2:2f:80:b0:f9:1f:76:43:bd:2f:fa:2d:a3:97:b2:
28:4a:9d:5f:a6:01:d4:52:11:39:62:ea:d9:f5:d9:
3d:cb:00:4c:51:cd:2c:b5:54:01:9a:d7:73:99:60:
bb:de:d1:1a:ed:2c:2b:37:6d:7a:0a:f9:aa:1f:c3:
a0:6f:17:ee:d8:76:ad:2a:a5:4c:45:04:26:d2:1d:
43:09:6a:69:f2:30:8d:e9:91:37:86:07:1e:eb:14:
fa:7e:b9:46:19:8c:02:d5:5b:d1:c3:d2:99:df:bc:
c8:cc:0e:90:e3:d3:ba:de:95:57:21:ce:72:b3:f6:
c9:0f:04:b2:9c:b6:12:c4:a5:23:1a:b9:6c:58:4d:
d6:32:dd:ca:8a:ba:af:68:13:fe:9b:a8:0e:46:f7:
7c:eb:bb:df:d6:e1:4f:5a:5b:d1:65:af:27:03:b3:
a1:8d:11:19:b3:5c:87:a0:ee:38:aa:8f:33:fa:3c:
38:e0:ad:89:ba:1d:7e:64:4e:7d:c5:56:d5:44:33:
ce:69:f1:1a:11:a7:d8:52:16:e8:bf:d8:d2:05:85:
c2:33:13:66:6a:82:df:c1:a5:79:8f:21:dc:81:46:
f9:de:bb:97:8e:04:86:ff:39:b9:76:68:db:40:f5:
69:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:13:CF:37:1E:5C:21:51:2E:93:E5:80:AF:93:1A:49:08:A4:0D:82
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SxPPNx5cIVEuk-WAr5MaSQikDYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.242.4.0/24
151.242.14.0/24
151.242.17.0/24
151.242.27.0/24
151.242.32.0/24
151.242.139.0/24
151.243.44.0/24
151.243.115.0/24
151.244.3.0/24
151.244.128.0-151.244.130.255
151.244.236.0/24
151.245.120.0/21
Signature Algorithm: sha256WithRSAEncryption
9a:9e:c6:fe:e1:83:4e:0e:8f:67:7b:c3:6f:f5:af:ae:d8:17:
3f:8e:43:cc:c7:53:08:7e:c1:aa:e3:65:4e:9a:3b:c3:b4:52:
fb:73:b9:b6:5c:1c:89:dd:9a:2c:66:79:25:77:50:08:88:fc:
f4:b9:c9:83:39:5e:12:02:5d:4e:9b:4a:97:28:81:96:c3:73:
a8:46:66:7a:a3:eb:5d:4f:7e:69:4f:f2:33:dc:39:a0:5e:99:
dc:b1:d4:77:07:34:46:c5:4b:e3:72:4d:cb:73:fa:62:e5:b9:
2f:84:ec:cd:cd:a4:6a:6a:52:cd:bc:fb:5e:45:94:aa:45:e6:
f4:4c:a2:12:b3:a2:c1:ce:67:4e:38:dd:de:68:fd:b0:33:35:
30:c1:85:72:3d:e9:78:c3:a1:d2:aa:19:85:c2:88:ea:15:d9:
32:0b:6d:55:6a:ab:a6:64:25:47:65:62:8d:d7:6e:ad:39:bd:
cc:ef:78:95:b6:d3:90:8a:5a:e5:cb:ad:8b:23:c5:fe:b2:11:
cf:c9:a6:6f:e6:9c:13:87:7d:03:97:6c:fd:80:93:35:40:06:
c1:61:ef:ae:0c:07:90:86:3d:9e:58:f9:cf:24:bf:47:a4:41:
33:60:d5:7c:a2:f4:41:37:5b:f6:67:98:59:bd:9b:e7:71:d5:
24:6c:56:e9
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZl1KoLL9QDCAxD7RFXMuB+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTIzMDYwMjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjEzY2YzNzFlNWMyMTUxMmU5M2U1ODBhZjkzMWE0OTA4YTQwZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2T1+lmuEkoJPuacPZoGiL4Cw+R92
Q70v+i2jl7IoSp1fpgHUUhE5YurZ9dk9ywBMUc0stVQBmtdzmWC73tEa7SwrN216
CvmqH8Ogbxfu2HatKqVMRQQm0h1DCWpp8jCN6ZE3hgce6xT6frlGGYwC1VvRw9KZ
37zIzA6Q49O63pVXIc5ys/bJDwSynLYSxKUjGrlsWE3WMt3KirqvaBP+m6gORvd8
67vf1uFPWlvRZa8nA7OhjREZs1yHoO44qo8z+jw44K2Juh1+ZE59xVbVRDPOafEa
EafYUhbov9jSBYXCMxNmaoLfwaV5jyHcgUb53ruXjgSG/zm5dmjbQPVp2QIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFEsTzzceXCFRLpPlgK+TGkkIpA2CMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvU3hQUE54NWNJVkV1ay1XQXI1TWFTUWlrRFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQCl/GAAwQA
l/IEAwQAl/IOAwQAl/IRAwQAl/IbAwQAl/IgAwQAl/KLAwQAl/MsAwQAl/NzAwQA
l/QDMAwDBAeX9IADBACX9IIDBACX9OwDBAOX9XgwDQYJKoZIhvcNAQELBQADggEB
AJqexv7hg04Oj2d7w2/1r67YFz+OQ8zHUwh+warjZU6aO8O0UvtzubZcHIndmixm
eSV3UAiI/PS5yYM5XhICXU6bSpcogZbDc6hGZnqj611PfmlP8jPcOaBemdyx1HcH
NEbFS+NyTctz+mLluS+E7M3NpGpqUs28+15FlKpF5vRMohKzosHOZ0443d5o/bAz
NTDBhXI96XjDodKqGYXCiOoV2TILbVVqq6ZkJUdlYo3Xbq05vczveJW205CKWuXL
rYsjxf6yEc/Jpm/mnBOHfQOXbP2AkzVABsFh764MB5CGPZ5Y+c8kv0ekQTNg1Xyi
9EE3W/ZnmFm9m+dx1SRsVuk=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:25:15 2025 by rpki-client