Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Z10hgHSiTUSOUKNW40oJxPap7oU.roa
File: Z10hgHSiTUSOUKNW40oJxPap7oU.roa (raw, json)
Hash identifier: btxaHA2fncPm1Qqo3zQfE9zE4BoUd0Hnhp+ua/h0o9Q=
Subject key identifier: 67:5D:21:80:74:A2:4D:44:8E:50:A3:56:E3:4A:09:C4:F6:A9:EE:85
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198A3906488A240CC1D81DA2F1F1ED6E183
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Z10hgHSiTUSOUKNW40oJxPap7oU.roa
Signing time: Wed 13 Aug 2025 13:13:25 +0000
ROA not before: Wed 13 Aug 2025 13:13:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 151.244.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:90:64:88:a2:40:cc:1d:81:da:2f:1f:1e:d6:e1:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 13 13:13:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=675d218074a24d448e50a356e34a09c4f6a9ee85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b8:38:fc:c2:a2:73:27:dd:0d:53:73:da:cf:
6d:77:fb:35:ed:38:f7:88:e2:f8:f7:e9:3e:ac:57:
3f:49:b1:a1:da:40:38:2b:9e:f4:dc:64:3f:1f:1d:
3d:47:20:1e:26:4b:6b:60:4d:25:9e:9e:12:05:c8:
47:96:a5:eb:df:7c:08:45:e0:5f:0a:84:7b:1f:18:
de:eb:fb:b4:11:06:0f:77:01:e8:35:c3:5f:ec:20:
71:44:ff:e5:73:a4:d5:b4:0d:d4:2e:4e:0a:e4:0a:
61:65:6a:82:38:38:60:41:4f:2d:de:58:dd:d3:eb:
e1:7d:be:65:c8:f4:a8:da:44:2f:dd:9e:3e:99:2f:
49:cc:2d:77:2c:04:fa:e7:52:db:f3:20:4a:66:92:
9c:15:33:e0:11:0e:53:43:ef:d9:2d:a9:7f:6b:89:
45:2b:12:25:f8:ba:70:3b:77:f8:27:b2:d1:95:aa:
05:3d:53:b4:3b:f4:e8:41:16:aa:6e:da:1d:0a:71:
12:27:9a:e2:27:2c:42:b3:e8:dd:d0:bf:36:80:41:
d6:88:7b:bc:d4:35:04:6c:67:a3:1b:28:aa:9d:32:
50:44:5f:51:b5:80:e3:26:73:68:a9:df:24:e0:ce:
61:c4:02:3a:65:2f:cf:e3:72:7e:0a:62:88:8f:f6:
fa:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5D:21:80:74:A2:4D:44:8E:50:A3:56:E3:4A:09:C4:F6:A9:EE:85
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Z10hgHSiTUSOUKNW40oJxPap7oU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.108.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ca:34:7b:43:95:b0:6e:5e:33:6a:a4:51:46:3d:94:8e:96:
f8:2e:7f:ce:55:65:8c:ce:27:43:67:11:41:bc:62:0e:fb:7c:
2d:5d:eb:b3:ae:f6:67:7f:08:e8:7e:49:c6:13:f7:15:f2:ee:
7f:2d:dd:18:24:b1:b6:c6:f2:e5:d4:ef:d8:42:1e:57:96:4d:
55:7c:96:26:2a:f2:09:26:07:d5:20:d6:c8:53:f0:42:05:bf:
d6:e1:c5:d1:5b:d7:70:25:62:dd:a9:bb:b8:5f:85:2a:90:98:
ea:8d:77:47:26:61:41:d6:06:56:cc:2c:ac:35:0a:56:fc:0b:
18:e6:79:ec:15:87:07:42:9e:4b:11:98:ff:f4:8d:35:20:f6:
85:68:a7:55:6b:c3:43:fe:35:e4:34:e1:f2:96:d5:23:df:02:
a6:2d:af:a1:af:4f:72:78:a2:9d:64:e8:e0:67:90:44:a7:b6:
82:e2:3e:6d:6b:5e:84:58:63:1f:18:a5:e6:c0:dd:bf:99:8b:
bd:53:6b:27:0f:17:51:a6:d4:90:28:55:23:03:c6:da:b4:d5:
91:e1:41:97:01:e4:bd:e8:92:31:3d:66:21:1e:ef:9f:83:9c:
5f:81:76:df:5e:e5:73:d7:2e:57:6d:ff:9b:82:66:8c:df:e7:
7b:d5:d7:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZijkGSIokDMHYHaLx8e1uGDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODEzMTMxMzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzVkMjE4MDc0YTI0ZDQ0OGU1MGEzNTZlMzRhMDljNGY2YTllZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrg4/MKicyfdDVNz2s9td/s17Tj3
iOL49+k+rFc/SbGh2kA4K5703GQ/Hx09RyAeJktrYE0lnp4SBchHlqXr33wIReBf
CoR7Hxje6/u0EQYPdwHoNcNf7CBxRP/lc6TVtA3ULk4K5AphZWqCODhgQU8t3ljd
0+vhfb5lyPSo2kQv3Z4+mS9JzC13LAT651Lb8yBKZpKcFTPgEQ5TQ+/ZLal/a4lF
KxIl+LpwO3f4J7LRlaoFPVO0O/ToQRaqbtodCnESJ5riJyxCs+jd0L82gEHWiHu8
1DUEbGejGyiqnTJQRF9RtYDjJnNoqd8k4M5hxAI6ZS/P43J+CmKIj/b67wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGddIYB0ok1EjlCjVuNKCcT2qe6FMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWjEwaGdIU2lUVVNPVUtOVzQwb0p4UGFwN29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/RsMA0G
CSqGSIb3DQEBCwUAA4IBAQBhyjR7Q5Wwbl4zaqRRRj2Ujpb4Ln/OVWWMzidDZxFB
vGIO+3wtXeuzrvZnfwjofknGE/cV8u5/Ld0YJLG2xvLl1O/YQh5Xlk1VfJYmKvIJ
JgfVINbIU/BCBb/W4cXRW9dwJWLdqbu4X4UqkJjqjXdHJmFB1gZWzCysNQpW/AsY
5nnsFYcHQp5LEZj/9I01IPaFaKdVa8ND/jXkNOHyltUj3wKmLa+hr09yeKKdZOjg
Z5BEp7aC4j5ta16EWGMfGKXmwN2/mYu9U2snDxdRptSQKFUjA8batNWR4UGXAeS9
6JIxPWYhHu+fg5xfgXbfXuVz1y5Xbf+bgmaM3+d71ddN
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:10:56 2025 by rpki-client