Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XFePqA4MEMU4VNDZCDQ-CmBIXSA.roa
File: XFePqA4MEMU4VNDZCDQ-CmBIXSA.roa (raw, json)
Hash identifier: +aue/mAtP+xAP5RWqPOJDCQ6wxMvVlnzrBeZB9PmB68=
Subject key identifier: 5C:57:8F:A8:0E:0C:10:C5:38:54:D0:D9:08:34:3E:0A:60:48:5D:20
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01999E587DA5199F0C65D41E46B365BBDC46
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XFePqA4MEMU4VNDZCDQ-CmBIXSA.roa
Signing time: Wed 01 Oct 2025 05:57:03 +0000
ROA not before: Wed 01 Oct 2025 05:57:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 151.242.93.0/24 maxlen: 24
151.242.94.0/24 maxlen: 24
151.242.95.0/24 maxlen: 24
151.242.98.0/24 maxlen: 24
151.242.100.0/24 maxlen: 24
151.242.101.0/24 maxlen: 24
151.242.105.0/24 maxlen: 24
151.242.107.0/24 maxlen: 24
151.242.109.0/24 maxlen: 24
151.242.113.0/24 maxlen: 24
151.242.115.0/24 maxlen: 24
151.242.184.0/22 maxlen: 22
151.242.196.0/22 maxlen: 22
151.245.128.0/24 maxlen: 24
151.245.129.0/24 maxlen: 24
151.245.130.0/24 maxlen: 24
151.245.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9e:58:7d:a5:19:9f:0c:65:d4:1e:46:b3:65:bb:dc:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 1 05:57:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c578fa80e0c10c53854d0d908343e0a60485d20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:32:61:95:bb:23:32:1e:a1:30:cf:4f:be:e9:
4d:3d:d7:70:22:7e:70:9d:52:55:2e:bd:bc:bb:89:
5c:fe:39:b1:50:a9:f5:c0:39:1b:92:61:43:2f:64:
64:84:e6:70:5b:7f:b7:f1:06:6a:14:c7:8c:43:a2:
9f:05:eb:17:82:6e:b8:bf:5b:48:79:90:4e:f0:f1:
52:83:18:c9:17:97:64:2e:71:9d:57:07:34:a0:be:
04:a4:25:52:84:f4:97:86:f2:28:cb:c8:6f:de:84:
33:eb:b5:18:24:b1:53:fc:ba:a8:65:69:49:9a:e8:
34:30:3c:1e:a8:20:58:13:a6:20:95:f4:14:9e:e0:
55:3f:e7:f3:a3:9b:5b:f8:97:f9:08:b3:6d:4e:fe:
4d:81:df:ba:fb:18:d4:36:85:db:6c:19:6c:27:40:
9b:95:68:3b:97:ac:5a:a2:e9:02:eb:e7:5d:17:91:
7f:8b:27:67:ab:87:fe:f0:cb:85:dd:c0:78:3a:ab:
f9:14:81:b8:a1:2f:0e:d3:c0:78:98:0c:ed:d7:c5:
fd:bd:7c:45:6e:81:53:20:c1:36:42:93:ab:dc:9f:
09:69:f7:85:70:34:cb:3a:e2:01:29:82:83:45:93:
50:5a:d7:5b:54:45:0f:0b:07:cb:ec:ee:68:a3:29:
df:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:57:8F:A8:0E:0C:10:C5:38:54:D0:D9:08:34:3E:0A:60:48:5D:20
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/XFePqA4MEMU4VNDZCDQ-CmBIXSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.93.0-151.242.95.255
151.242.98.0/24
151.242.100.0/23
151.242.105.0/24
151.242.107.0/24
151.242.109.0/24
151.242.113.0/24
151.242.115.0/24
151.242.184.0/22
151.242.196.0/22
151.245.128.0/22
Signature Algorithm: sha256WithRSAEncryption
a9:d0:b1:9b:17:1e:4e:48:4c:df:0b:64:26:be:16:c2:dd:f3:
b0:86:38:a3:7f:79:c7:cb:2f:b8:6a:bd:f5:d8:9f:4d:39:4e:
c3:28:50:ad:0b:61:d3:bb:1b:c5:6a:7d:6d:7a:46:92:83:21:
7e:d1:44:6f:7d:5a:e4:94:97:b4:06:40:96:cf:71:0f:52:59:
a6:8f:6d:f6:5e:01:2e:b3:28:29:61:d5:99:d0:45:a1:a8:39:
43:ff:96:68:57:2f:ce:4b:b2:f9:8c:39:eb:e1:e1:6b:6a:83:
b2:be:8a:a2:c8:e6:e6:cd:df:64:c2:cd:28:44:5d:b1:c9:8a:
bd:59:5a:f0:bc:2b:29:82:cd:01:ed:12:fc:5b:32:48:cd:86:
c1:55:8a:35:43:7c:9f:48:e6:5d:ca:38:96:91:eb:d8:78:34:
48:5c:0f:46:5b:94:67:6e:98:f2:3d:39:be:aa:89:e2:ba:2c:
fa:5d:b2:63:d7:28:b0:32:b2:9f:86:a0:1e:ce:cd:89:7c:2f:
19:81:78:87:8b:99:17:e2:ab:76:a9:5e:26:0e:3c:bf:5f:73:
c3:86:76:e2:c2:11:b2:76:44:86:12:21:01:f2:79:6a:06:1a:
04:f4:6a:72:a4:87:14:53:85:e5:ce:99:9d:a8:8a:74:3e:19:
90:cc:ff:47
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZmeWH2lGZ8MZdQeRrNlu9xGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDAxMDU1NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzU3OGZhODBlMGMxMGM1Mzg1NGQwZDkwODM0M2UwYTYwNDg1ZDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTJhlbsjMh6hMM9PvulNPddwIn5w
nVJVLr28u4lc/jmxUKn1wDkbkmFDL2RkhOZwW3+38QZqFMeMQ6KfBesXgm64v1tI
eZBO8PFSgxjJF5dkLnGdVwc0oL4EpCVShPSXhvIoy8hv3oQz67UYJLFT/LqoZWlJ
mug0MDweqCBYE6YglfQUnuBVP+fzo5tb+Jf5CLNtTv5Ngd+6+xjUNoXbbBlsJ0Cb
lWg7l6xaoukC6+ddF5F/iydnq4f+8MuF3cB4Oqv5FIG4oS8O08B4mAzt18X9vXxF
boFTIME2QpOr3J8JafeFcDTLOuIBKYKDRZNQWtdbVEUPCwfL7O5ooynfHQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFFxXj6gODBDFOFTQ2Qg0PgpgSF0gMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWEZlUHFBNE1FTVU0Vk5EWkNEUS1DbUJJWFNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBACX8l0D
BAWX8kADBACX8mIDBAGX8mQDBACX8mkDBACX8msDBACX8m0DBACX8nEDBACX8nMD
BAKX8rgDBAKX8sQDBAKX9YAwDQYJKoZIhvcNAQELBQADggEBAKnQsZsXHk5ITN8L
ZCa+FsLd87CGOKN/ecfLL7hqvfXYn005TsMoUK0LYdO7G8VqfW16RpKDIX7RRG99
WuSUl7QGQJbPcQ9SWaaPbfZeAS6zKClh1ZnQRaGoOUP/lmhXL85LsvmMOevh4Wtq
g7K+iqLI5ubN32TCzShEXbHJir1ZWvC8KymCzQHtEvxbMkjNhsFVijVDfJ9I5l3K
OJaR69h4NEhcD0ZblGdumPI9Ob6qieK6LPpdsmPXKLAysp+GoB7OzYl8LxmBeIeL
mRfiq3apXiYOPL9fc8OGduLCEbJ2RIYSIQHyeWoGGgT0anKkhxRTheXOmZ2oinQ+
GZDM/0c=
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:50:58 2025 by rpki-client