Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Y66gzoR2uqZTp26PFQTN9PbSQYQ.roa
File: Y66gzoR2uqZTp26PFQTN9PbSQYQ.roa (raw, json)
Hash identifier: 0cXZAVoFqtlXsogSqBPOuo9HEDHJ9p5gYxozM+Z2AMM=
Subject key identifier: 63:AE:A0:CE:84:76:BA:A6:53:A7:6E:8F:15:04:CD:F4:F6:D2:41:84
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199CE25FB50C5872AC98F98DA7BA281B440
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Y66gzoR2uqZTp26PFQTN9PbSQYQ.roa
Signing time: Fri 10 Oct 2025 12:43:39 +0000
ROA not before: Fri 10 Oct 2025 12:43:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214432
IP address blocks: 151.240.73.0/24 maxlen: 24
151.240.78.0/24 maxlen: 24
151.241.177.0/24 maxlen: 24
151.244.38.0/24 maxlen: 24
151.244.52.0/24 maxlen: 24
151.244.62.0/24 maxlen: 24
151.244.75.0/24 maxlen: 24
151.244.87.0/24 maxlen: 24
151.245.102.0/24 maxlen: 24
151.245.189.0/24 maxlen: 24
151.245.191.0/24 maxlen: 24
151.245.192.0/24 maxlen: 24
151.245.241.0/24 maxlen: 24
151.245.247.0/24 maxlen: 24
151.246.248.0/24 maxlen: 24
151.247.175.0/24 maxlen: 24
151.247.181.0/24 maxlen: 24
151.247.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ce:25:fb:50:c5:87:2a:c9:8f:98:da:7b:a2:81:b4:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 10 12:43:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=63aea0ce8476baa653a76e8f1504cdf4f6d24184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:79:a6:7b:92:78:52:19:17:9f:04:5f:9f:14:
92:df:03:27:74:74:e7:42:28:f9:62:ef:0a:aa:f6:
ec:ea:e3:00:f7:52:2d:42:53:11:ae:15:12:f2:6b:
66:10:c1:2a:7c:14:7c:22:7a:2e:a6:2e:f6:ac:e1:
a8:56:bf:a3:46:9d:88:c8:91:bc:11:8f:96:23:ae:
28:7a:3a:2b:cb:55:9a:b1:67:a7:e5:bc:91:cd:8d:
1b:42:03:65:17:83:aa:a3:91:13:15:54:7a:9e:d4:
b2:e4:5f:39:b5:31:e2:c7:e7:33:44:3a:14:0d:01:
b6:d1:b1:67:1c:4f:98:d0:24:d7:bc:b4:53:89:cb:
91:4d:97:5a:61:7d:ad:3c:ab:2c:d7:8c:00:5a:bc:
95:a1:6c:8d:66:7d:e1:c1:b3:58:72:37:52:23:24:
b6:d0:85:ac:59:23:70:f6:77:85:85:e0:50:cc:6c:
d7:f7:77:32:a6:d6:db:b3:ad:f6:ff:bc:86:3e:95:
79:26:29:51:3f:53:5e:94:86:66:4c:bf:ca:bc:eb:
bd:90:24:14:23:49:a8:b1:c6:44:18:c8:82:b5:6a:
d3:1f:52:47:14:9c:b6:d4:a1:53:ab:55:e4:53:54:
3e:4d:aa:60:a2:88:8d:7d:44:d2:64:2c:e9:5a:d8:
35:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:AE:A0:CE:84:76:BA:A6:53:A7:6E:8F:15:04:CD:F4:F6:D2:41:84
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Y66gzoR2uqZTp26PFQTN9PbSQYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.73.0/24
151.240.78.0/24
151.241.177.0/24
151.244.38.0/24
151.244.52.0/24
151.244.62.0/24
151.244.75.0/24
151.244.87.0/24
151.245.102.0/24
151.245.189.0/24
151.245.191.0-151.245.192.255
151.245.241.0/24
151.245.247.0/24
151.246.248.0/24
151.247.175.0/24
151.247.181.0-151.247.182.255
Signature Algorithm: sha256WithRSAEncryption
29:c7:83:08:16:b3:a7:57:6d:ed:64:b3:35:92:f3:0b:0e:3f:
b5:23:e1:a6:63:c4:89:1f:ec:34:c5:f3:dc:c1:e0:54:b7:af:
85:63:12:d0:46:d5:d1:53:49:53:b5:f8:d3:12:07:57:a0:1c:
b3:75:c4:8b:80:1d:85:43:1d:11:9d:b8:79:8a:86:ae:da:f4:
70:be:50:a1:ed:c8:d6:bb:85:39:f2:81:fc:69:d0:48:85:3b:
0e:41:ad:66:59:a5:28:ef:0e:b9:63:fb:fe:48:06:eb:e2:47:
bf:37:1a:98:1e:74:77:be:2f:1b:93:9a:2c:3a:d0:87:b7:b6:
e2:a5:8f:25:a7:b8:ad:10:14:b1:9c:fc:07:2f:1a:d6:a4:a3:
58:23:2e:38:ba:c5:89:6d:66:17:79:c9:9a:d3:e6:6f:7e:24:
2a:b2:d4:dc:9e:89:3d:99:d9:9c:a4:77:12:5d:df:2f:e2:c8:
93:df:89:bd:06:93:28:98:f9:2f:78:9b:8d:b0:1b:52:5b:97:
b0:9f:74:0c:b1:bb:5a:9e:ae:88:13:d2:59:b2:03:54:f0:6f:
d7:2a:ed:9f:02:de:39:19:67:60:ad:1c:67:8e:56:38:31:03:
23:02:5e:f8:38:84:55:ae:2c:2c:98:ff:be:35:7e:db:52:d3:
86:9a:58:3c
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZnOJftQxYcqyY+Y2nuigbRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDEwMTI0MzM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2FlYTBjZTg0NzZiYWE2NTNhNzZlOGYxNTA0Y2RmNGY2ZDI0MTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt3mme5J4UhkXnwRfnxSS3wMndHTn
Qij5Yu8Kqvbs6uMA91ItQlMRrhUS8mtmEMEqfBR8Inoupi72rOGoVr+jRp2IyJG8
EY+WI64oejory1WasWen5byRzY0bQgNlF4Oqo5ETFVR6ntSy5F85tTHix+czRDoU
DQG20bFnHE+Y0CTXvLRTicuRTZdaYX2tPKss14wAWryVoWyNZn3hwbNYcjdSIyS2
0IWsWSNw9neFheBQzGzX93cyptbbs632/7yGPpV5JilRP1NelIZmTL/KvOu9kCQU
I0moscZEGMiCtWrTH1JHFJy21KFTq1XkU1Q+TapgooiNfUTSZCzpWtg1NQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFGOuoM6EdrqmU6dujxUEzfT20kGEMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWTY2Z3pvUjJ1cVpUcDI2UEZRVE45UGJTUVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAJfwSQME
AJfwTgMEAJfxsQMEAJf0JgMEAJf0NAMEAJf0PgMEAJf0SwMEAJf0VwMEAJf1ZgME
AJf1vTAMAwQAl/W/AwQAl/XAAwQAl/XxAwQAl/X3AwQAl/b4AwQAl/evMAwDBACX
97UDBACX97YwDQYJKoZIhvcNAQELBQADggEBACnHgwgWs6dXbe1kszWS8wsOP7Uj
4aZjxIkf7DTF89zB4FS3r4VjEtBG1dFTSVO1+NMSB1egHLN1xIuAHYVDHRGduHmK
hq7a9HC+UKHtyNa7hTnygfxp0EiFOw5BrWZZpSjvDrlj+/5IBuviR783GpgedHe+
LxuTmiw60Ie3tuKljyWnuK0QFLGc/AcvGtako1gjLji6xYltZhd5yZrT5m9+JCqy
1NyeiT2Z2ZykdxJd3y/iyJPfib0GkyiY+S94m42wG1Jbl7CfdAyxu1qerogT0lmy
A1Twb9cq7Z8C3jkZZ2CtHGeOVjgxAyMCXvg4hFWuLCyY/741fttS04aaWDw=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:05:38 2025 by rpki-client