Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Zqn9d8MWiJ1VlD10_yZZ1S2m3NM.roa
File: Zqn9d8MWiJ1VlD10_yZZ1S2m3NM.roa (raw, json)
Hash identifier: abmcAAAYkmF+OXNnuzfhC6zER3yiGv0o1N4+TMOhopE=
Subject key identifier: 66:A9:FD:77:C3:16:88:9D:55:94:3D:74:FF:26:59:D5:2D:A6:DC:D3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D1999FD420CE218661E9016EC94915BC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Zqn9d8MWiJ1VlD10_yZZ1S2m3NM.roa
Signing time: Fri 22 Aug 2025 11:46:02 +0000
ROA not before: Fri 22 Aug 2025 11:46:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 37.202.203.0/24 maxlen: 24
37.202.222.0/24 maxlen: 24
151.240.79.0/24 maxlen: 24
151.240.177.0/24 maxlen: 24
151.240.255.0/24 maxlen: 24
151.241.8.0/24 maxlen: 24
151.242.87.0/24 maxlen: 24
151.242.148.0/24 maxlen: 24
151.242.174.0/23 maxlen: 23
151.242.192.0/23 maxlen: 23
151.242.205.0/24 maxlen: 24
151.243.3.0/24 maxlen: 24
151.243.101.0/24 maxlen: 24
151.243.253.0/24 maxlen: 24
151.244.188.0/24 maxlen: 24
151.245.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:99:9f:d4:20:ce:21:86:61:e9:01:6e:c9:49:15:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 22 11:46:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66a9fd77c316889d55943d74ff2659d52da6dcd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:46:e4:f3:7e:13:9b:32:6c:49:77:28:7f:0d:
d3:36:cb:57:5a:18:9b:a4:ae:20:52:2f:c0:e8:e5:
c4:b7:4a:ee:5a:98:7b:08:26:f9:d6:b0:8e:9d:e8:
c0:27:4d:ec:00:38:b0:9c:9c:f9:72:0a:3c:24:1d:
44:4f:bc:00:73:ad:89:b0:5d:18:17:cf:47:29:08:
8f:58:54:1b:64:5f:ff:0b:68:00:01:95:0e:5c:e4:
be:5b:22:24:b8:98:7d:83:2c:85:5c:17:fa:ec:f8:
1d:ad:8d:3e:71:3c:93:2a:0b:ea:e2:46:7f:be:12:
bc:12:fc:ce:52:c2:2b:45:38:8a:3c:b5:8d:64:86:
fa:57:a4:fe:0f:58:5f:45:4a:97:4f:fa:f8:9c:d2:
ba:de:fe:ba:4c:2b:74:b4:23:a9:da:a2:98:92:f6:
a5:92:43:af:36:fd:d4:cc:94:de:a9:f9:97:7d:5e:
da:3a:e3:0b:7d:a9:3f:b1:59:5d:0f:3e:fa:37:92:
3b:13:bc:d9:ab:78:74:e0:e4:48:a2:72:0d:6f:12:
28:3c:4d:88:fe:40:af:43:7c:63:cb:f2:ac:c6:71:
76:ac:f8:85:be:c9:f8:94:95:f9:e0:81:33:52:a5:
e1:80:a4:5f:66:fe:4a:31:c2:c4:6a:41:d9:8c:fb:
95:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A9:FD:77:C3:16:88:9D:55:94:3D:74:FF:26:59:D5:2D:A6:DC:D3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Zqn9d8MWiJ1VlD10_yZZ1S2m3NM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.203.0/24
37.202.222.0/24
151.240.79.0/24
151.240.177.0/24
151.240.255.0/24
151.241.8.0/24
151.242.87.0/24
151.242.148.0/24
151.242.174.0/23
151.242.192.0/23
151.242.205.0/24
151.243.3.0/24
151.243.101.0/24
151.243.253.0/24
151.244.188.0/24
151.245.4.0/24
Signature Algorithm: sha256WithRSAEncryption
58:fc:5b:33:10:3d:54:c9:3d:33:0a:2a:cc:b3:c8:91:18:2c:
b4:e2:f5:b9:dd:e3:33:8d:56:4e:68:6c:2a:e3:65:08:ad:23:
15:6d:8d:b4:bb:bf:14:53:f2:1d:af:14:48:14:79:1f:93:a4:
19:ff:89:74:98:30:f2:a2:df:06:5c:db:ca:a1:b4:26:fa:13:
3e:bc:ec:6e:f3:49:14:16:a6:77:0a:30:0d:68:45:17:30:98:
81:98:db:d1:0b:b1:76:e8:75:a5:a2:8f:87:fa:aa:1c:d2:b6:
d9:13:54:81:2a:df:15:46:30:07:35:48:fe:4f:47:42:fd:68:
bd:bc:2a:60:e7:9d:e2:58:22:4a:62:e4:cb:a1:5d:3b:47:ac:
54:d5:ad:b2:61:79:ea:b4:34:78:cc:0a:b2:9d:c3:6b:ac:87:
8b:c0:25:9f:f4:e3:eb:1e:c6:f3:5b:c2:1d:43:d0:c8:6f:1e:
ee:24:66:dd:e4:43:ed:a6:5d:36:0f:93:7f:5b:c6:83:ee:7b:
05:9d:6c:36:27:c4:15:8d:36:05:41:31:bb:58:33:72:d2:77:
0c:01:0d:05:66:6e:d6:bc:a5:22:01:37:d6:66:6a:1b:a3:57:
0c:2a:18:be:4f:cb:07:de:8f:46:69:8a:c7:b8:7f:cb:1d:05:
92:18:a7:f2
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZjRmZ/UIM4hhmHpAW7JSRW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIyMTE0NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmE5ZmQ3N2MzMTY4ODlkNTU5NDNkNzRmZjI2NTlkNTJkYTZkY2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0bk834TmzJsSXcofw3TNstXWhib
pK4gUi/A6OXEt0ruWph7CCb51rCOnejAJ03sADiwnJz5cgo8JB1ET7wAc62JsF0Y
F89HKQiPWFQbZF//C2gAAZUOXOS+WyIkuJh9gyyFXBf67PgdrY0+cTyTKgvq4kZ/
vhK8EvzOUsIrRTiKPLWNZIb6V6T+D1hfRUqXT/r4nNK63v66TCt0tCOp2qKYkval
kkOvNv3UzJTeqfmXfV7aOuMLfak/sVldDz76N5I7E7zZq3h04ORIonINbxIoPE2I
/kCvQ3xjy/KsxnF2rPiFvsn4lJX54IEzUqXhgKRfZv5KMcLEakHZjPuV/wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFGap/XfDFoidVZQ9dP8mWdUtptzTMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWnFuOWQ4TVdpSjFWbEQxMF95WloxUzJtM05NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAJcrLAwQA
JcreAwQAl/BPAwQAl/CxAwQAl/D/AwQAl/EIAwQAl/JXAwQAl/KUAwQBl/KuAwQB
l/LAAwQAl/LNAwQAl/MDAwQAl/NlAwQAl/P9AwQAl/S8AwQAl/UEMA0GCSqGSIb3
DQEBCwUAA4IBAQBY/FszED1UyT0zCirMs8iRGCy04vW53eMzjVZOaGwq42UIrSMV
bY20u78UU/IdrxRIFHkfk6QZ/4l0mDDyot8GXNvKobQm+hM+vOxu80kUFqZ3CjAN
aEUXMJiBmNvRC7F26HWloo+H+qoc0rbZE1SBKt8VRjAHNUj+T0dC/Wi9vCpg553i
WCJKYuTLoV07R6xU1a2yYXnqtDR4zAqyncNrrIeLwCWf9OPrHsbzW8IdQ9DIbx7u
JGbd5EPtpl02D5N/W8aD7nsFnWw2J8QVjTYFQTG7WDNy0ncMAQ0FZm7WvKUiATfW
Zmobo1cMKhi+T8sH3o9GaYrHuH/LHQWSGKfy
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:41:17 2025 by rpki-client