Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/T7MGVuCC9soy9fSa-NL40cebMKU.roa
File: T7MGVuCC9soy9fSa-NL40cebMKU.roa (raw, json)
Hash identifier: k+/7xYaHHaaoQp96v93SJ5YQ0TjOQAfu8fNTiWAdwLo=
Subject key identifier: 4F:B3:06:56:E0:82:F6:CA:32:F5:F4:9A:F8:D2:F8:D1:C7:9B:30:A5
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197C04AE505E03C865AF9AE64BB0687B150
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/T7MGVuCC9soy9fSa-NL40cebMKU.roa
Signing time: Mon 30 Jun 2025 10:03:43 +0000
ROA not before: Mon 30 Jun 2025 10:03:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22427
IP address blocks: 151.242.154.0/24 maxlen: 24
151.243.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:4a:e5:05:e0:3c:86:5a:f9:ae:64:bb:06:87:b1:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 30 10:03:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fb30656e082f6ca32f5f49af8d2f8d1c79b30a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3c:10:c0:b2:1e:6d:b6:5c:61:88:ad:12:58:
63:9f:58:c8:b0:35:3a:35:88:45:f8:87:d5:76:44:
8b:c2:8e:54:7a:f2:df:34:9e:54:7d:94:c9:d1:82:
c0:ee:26:3e:67:8c:73:2e:d9:42:4f:13:04:22:33:
54:c6:6d:72:b3:fe:96:3d:95:16:3b:0c:14:16:cd:
47:48:ab:1d:ea:61:0d:03:3b:a3:d9:dc:e7:93:dc:
1a:6e:eb:f8:b3:52:5e:91:53:f9:dc:85:ce:76:51:
2f:2d:a1:3d:1c:ce:0c:cc:28:6b:76:bf:55:0d:9d:
32:2a:e4:61:27:b4:b7:98:68:f1:5e:41:c8:d7:22:
53:13:af:6c:cc:3b:3f:4c:4b:6a:ec:ff:88:8e:5a:
04:e3:e3:19:6b:da:6c:fc:a3:46:ad:10:a3:77:46:
a7:fc:10:3b:f0:80:07:53:51:8e:ac:85:9e:20:07:
7f:f2:2a:c2:37:c6:cf:f7:37:84:15:ac:e2:d8:71:
9f:c6:55:a7:41:c6:34:31:06:87:e7:b3:0d:dd:e7:
ea:a2:4a:9d:29:f8:2a:39:6b:5e:f8:fa:f6:9c:78:
c6:b4:79:4a:57:c9:a2:1e:08:75:09:74:7d:2c:56:
27:da:b9:e1:c5:f1:72:d8:ef:5d:5a:a9:50:11:06:
2e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B3:06:56:E0:82:F6:CA:32:F5:F4:9A:F8:D2:F8:D1:C7:9B:30:A5
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/T7MGVuCC9soy9fSa-NL40cebMKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.154.0/24
151.243.246.0/24
Signature Algorithm: sha256WithRSAEncryption
60:e7:81:44:ba:bf:b8:2b:59:fd:fc:11:f4:e4:17:96:cd:4c:
e1:cc:66:ad:79:2c:1f:db:16:a2:9f:ce:1a:f5:26:f2:21:8e:
b5:3a:e4:dd:60:d5:12:6f:bb:cb:5b:b1:b2:79:20:0f:85:da:
62:4e:e4:25:09:96:5a:da:bd:b1:bf:e3:dd:27:48:2a:e4:83:
12:77:8a:78:70:15:4d:c9:e2:58:f3:f9:18:52:16:c0:8b:9b:
72:dc:15:d0:d4:4a:e9:09:4f:23:48:81:73:87:92:c0:30:f9:
af:43:17:a3:19:8a:10:fa:08:31:2a:da:9a:0b:f0:97:07:e2:
0b:ed:65:51:7c:51:33:a8:d0:ef:8f:b3:ec:91:b3:ec:88:ee:
7b:ef:66:c3:5c:f9:f0:c6:b5:ed:23:bd:de:37:55:6f:2c:d4:
af:ff:26:c7:33:4f:e5:80:65:5f:47:ab:a1:ec:bc:4c:cd:ec:
01:eb:28:ba:d3:e9:2a:31:4d:25:f1:d9:16:59:1b:50:a1:98:
f5:0c:d4:ca:b0:41:e3:93:85:cc:28:ce:9e:26:f9:0b:a3:77:
aa:c6:32:7f:27:45:9c:57:18:07:29:a1:c3:14:9f:3a:1f:3b:
75:2c:6e:eb:d1:47:bc:6c:07:25:58:b4:ed:95:e8:3a:10:1e:
19:08:aa:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfASuUF4DyGWvmuZLsGh7FQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjMwMTAwMzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmIzMDY1NmUwODJmNmNhMzJmNWY0OWFmOGQyZjhkMWM3OWIzMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozwQwLIebbZcYYitElhjn1jIsDU6
NYhF+IfVdkSLwo5UevLfNJ5UfZTJ0YLA7iY+Z4xzLtlCTxMEIjNUxm1ys/6WPZUW
OwwUFs1HSKsd6mENAzuj2dznk9wabuv4s1JekVP53IXOdlEvLaE9HM4MzChrdr9V
DZ0yKuRhJ7S3mGjxXkHI1yJTE69szDs/TEtq7P+IjloE4+MZa9ps/KNGrRCjd0an
/BA78IAHU1GOrIWeIAd/8irCN8bP9zeEFazi2HGfxlWnQcY0MQaH57MN3efqokqd
KfgqOWte+Pr2nHjGtHlKV8miHgh1CXR9LFYn2rnhxfFy2O9dWqlQEQYuvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE+zBlbggvbKMvX0mvjS+NHHmzClMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVDdNR1Z1Q0M5c295OWZTYS1OTDQwY2ViTUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/KaAwQA
l/P2MA0GCSqGSIb3DQEBCwUAA4IBAQBg54FEur+4K1n9/BH05BeWzUzhzGateSwf
2xain84a9SbyIY61OuTdYNUSb7vLW7GyeSAPhdpiTuQlCZZa2r2xv+PdJ0gq5IMS
d4p4cBVNyeJY8/kYUhbAi5ty3BXQ1ErpCU8jSIFzh5LAMPmvQxejGYoQ+ggxKtqa
C/CXB+IL7WVRfFEzqNDvj7PskbPsiO5772bDXPnwxrXtI73eN1VvLNSv/ybHM0/l
gGVfR6uh7LxMzewB6yi60+kqMU0l8dkWWRtQoZj1DNTKsEHjk4XMKM6eJvkLo3eq
xjJ/J0WcVxgHKaHDFJ86Hzt1LG7r0Ue8bAclWLTtleg6EB4ZCKqB
-----END CERTIFICATE-----
Generated at Thu Jul 3 06:54:08 2025 by rpki-client