Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Txy9Hi13Lv1n5L7hy9ygg5g8pCk.roa
File: Txy9Hi13Lv1n5L7hy9ygg5g8pCk.roa (raw, json)
Hash identifier: eVm0sPoXI2HyHmDXyc2XXsqVd+QobXHz9PUAVIHT/PY=
Subject key identifier: 4F:1C:BD:1E:2D:77:2E:FD:67:E4:BE:E1:CB:DC:A0:83:98:3C:A4:29
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D19E3D23EC676B91A0C83F6CC3B3701C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Txy9Hi13Lv1n5L7hy9ygg5g8pCk.roa
Signing time: Fri 22 Aug 2025 11:51:05 +0000
ROA not before: Fri 22 Aug 2025 11:51:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 37.202.220.0/24 maxlen: 24
151.240.8.0/24 maxlen: 24
151.240.28.0/24 maxlen: 24
151.240.60.0/23 maxlen: 24
151.240.72.0/24 maxlen: 24
151.240.74.0/24 maxlen: 24
151.240.80.0/23 maxlen: 24
151.240.110.0/24 maxlen: 24
151.240.118.0/23 maxlen: 24
151.240.148.0/23 maxlen: 24
151.240.226.0/23 maxlen: 24
151.240.243.0/24 maxlen: 24
151.240.244.0/24 maxlen: 24
151.240.245.0/24 maxlen: 24
151.240.246.0/24 maxlen: 24
151.240.247.0/24 maxlen: 24
151.240.249.0/24 maxlen: 24
151.240.250.0/24 maxlen: 24
151.240.251.0/24 maxlen: 24
151.240.252.0/24 maxlen: 24
151.240.253.0/24 maxlen: 24
151.241.78.0/24 maxlen: 24
151.241.79.0/24 maxlen: 24
151.241.89.0/24 maxlen: 24
151.241.90.0/24 maxlen: 24
151.241.127.0/24 maxlen: 24
151.242.76.0/23 maxlen: 24
151.242.134.0/24 maxlen: 24
151.242.135.0/24 maxlen: 24
151.242.156.0/23 maxlen: 24
151.242.202.0/23 maxlen: 24
151.242.236.0/22 maxlen: 24
151.243.25.0/24 maxlen: 24
151.243.148.0/23 maxlen: 24
151.243.170.0/24 maxlen: 24
151.243.172.0/24 maxlen: 24
151.244.48.0/24 maxlen: 24
151.244.102.0/24 maxlen: 24
151.244.196.0/24 maxlen: 24
151.244.226.0/23 maxlen: 24
151.245.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:9e:3d:23:ec:67:6b:91:a0:c8:3f:6c:c3:b3:70:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 22 11:51:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f1cbd1e2d772efd67e4bee1cbdca083983ca429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:63:4e:47:0d:56:6a:fc:74:e0:df:9a:e1:6c:
33:96:ff:f2:0d:9a:37:88:9e:88:83:bd:8e:8b:1d:
34:f4:85:60:b4:b9:40:2d:50:71:cd:5c:ef:3a:c0:
40:77:bb:00:8f:28:bd:bd:c3:f7:47:8d:d8:3b:d8:
eb:af:a4:f2:de:c0:52:5d:bb:9b:36:2b:04:26:bb:
3c:e6:04:4e:1d:26:c8:ad:d3:1a:48:30:29:54:4c:
c9:bf:6e:14:65:88:a0:2c:91:8e:95:43:3a:1e:ce:
d3:e1:5d:38:89:1d:7b:c8:2c:15:91:b4:e6:f8:1e:
83:3b:e4:83:09:aa:0b:bd:46:44:43:98:d8:ea:c6:
95:25:ac:f3:89:8d:83:9d:c8:1e:11:80:3e:18:ac:
2f:2f:a6:f5:94:a3:b4:a7:ea:18:9f:16:45:ff:25:
a1:6b:bf:76:f0:76:96:f7:fc:b5:37:31:03:61:8c:
ef:d6:df:3f:88:af:4b:03:b0:3f:cb:1d:1b:62:57:
93:95:7f:6a:68:af:04:09:b9:a9:f1:25:ec:4b:36:
b6:65:e6:a6:55:f7:84:01:72:b3:03:fc:46:6c:c0:
28:e5:e4:c2:ed:88:cb:7c:8d:22:0a:ef:d0:8a:f7:
af:4a:a3:a8:42:7a:ab:07:2d:8e:0f:dc:bb:84:ce:
db:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:1C:BD:1E:2D:77:2E:FD:67:E4:BE:E1:CB:DC:A0:83:98:3C:A4:29
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Txy9Hi13Lv1n5L7hy9ygg5g8pCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.220.0/24
151.240.8.0/24
151.240.28.0/24
151.240.60.0/23
151.240.72.0/24
151.240.74.0/24
151.240.80.0/23
151.240.110.0/24
151.240.118.0/23
151.240.148.0/23
151.240.226.0/23
151.240.243.0-151.240.247.255
151.240.249.0-151.240.253.255
151.241.78.0/23
151.241.89.0-151.241.90.255
151.241.127.0/24
151.242.76.0/23
151.242.134.0/23
151.242.156.0/23
151.242.202.0/23
151.242.236.0/22
151.243.25.0/24
151.243.148.0/23
151.243.170.0/24
151.243.172.0/24
151.244.48.0/24
151.244.102.0/24
151.244.196.0/24
151.244.226.0/23
151.245.64.0/22
Signature Algorithm: sha256WithRSAEncryption
72:42:ec:a4:0d:0e:58:53:f5:46:53:f2:52:69:9d:67:db:53:
2b:98:aa:c4:b8:b5:e5:b1:f3:bb:2f:10:8c:5d:3c:e5:4b:18:
dd:8f:83:f4:4b:10:a1:c9:6b:16:26:83:36:db:9f:58:e0:57:
63:3f:84:9a:19:a6:dd:91:e4:07:35:02:7c:11:1d:8e:62:17:
88:24:05:ab:62:c3:c2:3c:55:2e:fe:d6:71:da:41:d5:2b:7f:
e4:d9:5c:3f:f9:96:b0:41:68:8f:ff:db:b7:d5:46:17:cb:9c:
0a:2e:cb:a2:0c:28:92:48:2f:65:bf:cb:47:53:3d:3b:cf:61:
5f:bc:ce:41:4f:57:3d:ab:f4:b2:dc:fe:b0:00:ac:be:8c:5e:
3c:f3:30:0f:46:00:34:bb:ae:24:93:d2:33:fe:4f:e4:19:60:
56:25:9c:84:50:31:a6:ad:63:c2:f5:f2:64:49:7d:7a:6c:a2:
09:6d:0b:5d:b5:ff:6e:96:23:95:c3:0b:b7:71:6c:26:ff:68:
a4:be:f0:20:6d:17:75:a6:25:46:08:be:33:fd:05:3d:d0:64:
28:62:57:12:4b:04:97:7d:ed:6f:73:48:d6:d0:3b:e9:26:8e:
83:6f:f1:55:0d:79:d8:8c:e0:ba:89:ca:a4:a0:cd:10:d9:c2:
ca:b8:22:72
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAZjRnj0j7GdrkaDIP2zDs3AcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIyMTE1MTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjFjYmQxZTJkNzcyZWZkNjdlNGJlZTFjYmRjYTA4Mzk4M2NhNDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGNORw1Wavx04N+a4Wwzlv/yDZo3
iJ6Ig72Oix009IVgtLlALVBxzVzvOsBAd7sAjyi9vcP3R43YO9jrr6Ty3sBSXbub
NisEJrs85gROHSbIrdMaSDApVEzJv24UZYigLJGOlUM6Hs7T4V04iR17yCwVkbTm
+B6DO+SDCaoLvUZEQ5jY6saVJazziY2DncgeEYA+GKwvL6b1lKO0p+oYnxZF/yWh
a7928HaW9/y1NzEDYYzv1t8/iK9LA7A/yx0bYleTlX9qaK8ECbmp8SXsSza2Zeam
VfeEAXKzA/xGbMAo5eTC7YjLfI0iCu/QivevSqOoQnqrBy2OD9y7hM7bqwIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFE8cvR4tdy79Z+S+4cvcoIOYPKQpMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVHh5OUhpMTNMdjFuNUw3aHk5eWdnNWc4cENrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBAAl
ytwDBACX8AgDBACX8BwDBAGX8DwDBACX8EgDBACX8EoDBAGX8FADBACX8G4DBAGX
8HYDBAGX8JQDBAGX8OIwDAMEAJfw8wMEA5fw8DAMAwQAl/D5AwQBl/D8AwQBl/FO
MAwDBACX8VkDBACX8VoDBACX8X8DBAGX8kwDBAGX8oYDBAGX8pwDBAGX8soDBAKX
8uwDBACX8xkDBAGX85QDBACX86oDBACX86wDBACX9DADBACX9GYDBACX9MQDBAGX
9OIDBAKX9UAwDQYJKoZIhvcNAQELBQADggEBAHJC7KQNDlhT9UZT8lJpnWfbUyuY
qsS4teWx87svEIxdPOVLGN2Pg/RLEKHJaxYmgzbbn1jgV2M/hJoZpt2R5Ac1AnwR
HY5iF4gkBatiw8I8VS7+1nHaQdUrf+TZXD/5lrBBaI//27fVRhfLnAouy6IMKJJI
L2W/y0dTPTvPYV+8zkFPVz2r9LLc/rAArL6MXjzzMA9GADS7riST0jP+T+QZYFYl
nIRQMaatY8L18mRJfXpsogltC121/26WI5XDC7dxbCb/aKS+8CBtF3WmJUYIvjP9
BT3QZChiVxJLBJd97W9zSNbQO+kmjoNv8VUNediM4LqJyqSgzRDZwsq4InI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:29:49 2025 by rpki-client