Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Tqh_VmEENByiAsJC6htjnT6WeOg.roa
File: Tqh_VmEENByiAsJC6htjnT6WeOg.roa (raw, json)
Hash identifier: rwgEFiZAZRl3nv8G3rOgEQB86GbUyZKaJaV3Y66x8DM=
Subject key identifier: 4E:A8:7F:56:61:04:34:1C:A2:02:C2:42:EA:1B:63:9D:3E:96:78:E8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D171CB938DAA9DD887BA8C733FDAE4D6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Tqh_VmEENByiAsJC6htjnT6WeOg.roa
Signing time: Fri 22 Aug 2025 11:02:32 +0000
ROA not before: Fri 22 Aug 2025 11:02:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135402
IP address blocks: 151.240.96.0/24 maxlen: 24
151.241.92.0/24 maxlen: 24
151.242.86.0/24 maxlen: 24
151.243.4.0/24 maxlen: 24
151.243.206.0/24 maxlen: 24
151.243.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:71:cb:93:8d:aa:9d:d8:87:ba:8c:73:3f:da:e4:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 22 11:02:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ea87f566104341ca202c242ea1b639d3e9678e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d6:b7:f5:94:c8:5f:22:0a:d4:03:7b:ce:b0:
c8:3b:78:c8:fe:d6:a1:f2:e7:c1:9b:0e:03:78:eb:
90:4a:f8:a3:87:28:97:32:8a:8a:0b:bc:6e:ae:ee:
16:2e:92:9c:52:69:4d:8b:78:d7:07:f9:24:83:ac:
50:e4:cb:b9:89:5d:eb:0b:95:59:89:b2:a9:85:1e:
c8:ae:00:1a:24:4f:56:13:ae:bf:3a:18:96:dd:10:
71:dc:75:c8:e1:ec:f7:54:b8:5f:b2:7b:bf:52:bc:
7d:94:ee:db:18:60:66:13:a4:19:09:25:06:f2:d6:
75:8e:6b:83:68:67:99:91:3d:e2:2e:70:68:2a:6c:
09:bb:f2:be:ab:68:c7:c2:fd:c2:00:16:e8:46:14:
9b:b8:36:30:33:54:b0:78:5f:8c:02:73:81:4b:60:
14:5f:0d:c6:3a:3a:35:23:fb:1f:62:2f:07:e2:d5:
a0:2c:50:30:b9:3e:76:e4:a8:5d:2a:02:53:9f:f5:
17:a8:b9:5e:a0:86:ff:e0:b3:a3:4d:d1:ca:3c:ab:
b4:6e:b9:89:a1:1f:2b:71:7f:04:82:f8:af:05:4f:
c6:dd:e1:57:fa:86:ac:3a:af:89:32:68:91:13:31:
cc:c6:2d:17:b9:dc:57:70:93:3b:41:d7:9b:b5:b4:
c7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A8:7F:56:61:04:34:1C:A2:02:C2:42:EA:1B:63:9D:3E:96:78:E8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Tqh_VmEENByiAsJC6htjnT6WeOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.96.0/24
151.241.92.0/24
151.242.86.0/24
151.243.4.0/24
151.243.206.0/24
151.243.221.0/24
Signature Algorithm: sha256WithRSAEncryption
31:af:81:a5:a4:90:7a:43:ee:88:ce:2b:ea:7a:c6:93:90:11:
32:1a:de:b3:00:43:e3:8c:65:c3:02:f2:1f:8a:59:a6:09:44:
ae:e8:e0:7d:76:a4:04:27:2f:9d:a7:9c:6a:e2:06:07:29:c0:
5a:62:fa:00:d1:81:49:84:6f:5b:bd:e0:4a:f1:b5:60:4a:fc:
cd:32:40:59:d6:9b:b2:b8:59:e0:57:63:18:44:27:82:1c:89:
12:be:d3:5f:c6:ae:28:6f:b9:07:de:e2:e7:4c:0a:05:86:4c:
1e:5d:18:c4:6e:c1:07:12:21:2b:21:12:4b:55:2d:89:2e:30:
2c:06:eb:00:13:1e:9c:2d:72:09:51:34:a6:10:60:a6:4f:48:
8c:3e:43:21:5a:84:c9:96:6c:fd:11:8b:6a:21:a8:7a:0b:cb:
9a:a7:46:89:68:07:72:5d:24:fa:19:40:ec:5c:41:0a:88:ba:
18:d9:bb:39:f4:56:83:c1:29:07:e3:19:68:48:30:ce:da:c6:
78:1f:21:1f:b6:b6:fa:30:0c:3a:9d:2a:ab:6f:7e:45:37:29:
6d:a1:f0:21:ce:bb:c4:3a:9c:79:7c:bf:0c:61:0b:ae:e0:cb:
27:e2:17:71:1a:41:5d:16:dc:01:33:ea:b2:15:98:54:cb:b3:
1a:90:fc:5b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZjRccuTjaqd2Ie6jHM/2uTWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIyMTEwMjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWE4N2Y1NjYxMDQzNDFjYTIwMmMyNDJlYTFiNjM5ZDNlOTY3OGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArda39ZTIXyIK1AN7zrDIO3jI/tah
8ufBmw4DeOuQSvijhyiXMoqKC7xuru4WLpKcUmlNi3jXB/kkg6xQ5Mu5iV3rC5VZ
ibKphR7IrgAaJE9WE66/OhiW3RBx3HXI4ez3VLhfsnu/Urx9lO7bGGBmE6QZCSUG
8tZ1jmuDaGeZkT3iLnBoKmwJu/K+q2jHwv3CABboRhSbuDYwM1SweF+MAnOBS2AU
Xw3GOjo1I/sfYi8H4tWgLFAwuT525KhdKgJTn/UXqLleoIb/4LOjTdHKPKu0brmJ
oR8rcX8EgvivBU/G3eFX+oasOq+JMmiREzHMxi0XudxXcJM7QdebtbTHtQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE6of1ZhBDQcogLCQuobY50+lnjoMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVHFoX1ZtRUVOQnlpQXNKQzZodGpuVDZXZU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAl/BgAwQA
l/FcAwQAl/JWAwQAl/MEAwQAl/POAwQAl/PdMA0GCSqGSIb3DQEBCwUAA4IBAQAx
r4GlpJB6Q+6IzivqesaTkBEyGt6zAEPjjGXDAvIfilmmCUSu6OB9dqQEJy+dp5xq
4gYHKcBaYvoA0YFJhG9bveBK8bVgSvzNMkBZ1puyuFngV2MYRCeCHIkSvtNfxq4o
b7kH3uLnTAoFhkweXRjEbsEHEiErIRJLVS2JLjAsBusAEx6cLXIJUTSmEGCmT0iM
PkMhWoTJlmz9EYtqIah6C8uap0aJaAdyXST6GUDsXEEKiLoY2bs59FaDwSkH4xlo
SDDO2sZ4HyEftrb6MAw6nSqrb35FNyltofAhzrvEOpx5fL8MYQuu4Msn4hdxGkFd
FtwBM+qyFZhUy7MakPxb
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:39:09 2025 by rpki-client