Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Zqw5aNuTAquY-WNHReiKOLFzkyw.roa
File: Zqw5aNuTAquY-WNHReiKOLFzkyw.roa (raw, json)
Hash identifier: Kh7ZHNVnBHqvi9wVMHHSj9cPFj9HhyO2w9ud2Wq5Suc=
Subject key identifier: 66:AC:39:68:DB:93:02:AB:98:F9:63:47:45:E8:8A:38:B1:73:93:2C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01988A3B3227EB62F34587E32ED8748C8BAB
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Zqw5aNuTAquY-WNHReiKOLFzkyw.roa
Signing time: Fri 08 Aug 2025 15:09:51 +0000
ROA not before: Fri 08 Aug 2025 15:09:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397423
IP address blocks: 151.241.91.0/24 maxlen: 24
151.242.97.0/24 maxlen: 24
151.244.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8a:3b:32:27:eb:62:f3:45:87:e3:2e:d8:74:8c:8b:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 8 15:09:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66ac3968db9302ab98f9634745e88a38b173932c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c2:b3:62:3e:34:27:f3:a3:a3:d2:71:04:c4:
c4:87:e7:bb:ea:b2:6a:c4:bf:1e:6f:4b:46:47:0d:
02:5c:8b:c3:64:41:d0:33:02:54:65:81:9f:1b:29:
ad:79:75:3a:1b:72:d3:32:6a:fb:f3:2a:cf:74:9c:
6a:8c:89:c4:26:70:d1:fb:d5:96:a5:5e:61:f2:6c:
97:3c:43:3e:db:39:d8:20:5d:c4:a5:62:0c:6b:fd:
cb:b3:de:8e:6d:44:a3:ae:da:4b:80:82:23:16:2c:
c8:72:9d:58:e2:7b:17:62:cb:ba:a9:e0:ad:17:da:
0a:94:3c:ac:2a:91:7e:d8:e5:26:42:31:d6:86:b5:
94:fe:95:4b:d9:c7:c5:2b:6f:49:1c:2d:a3:49:27:
95:a9:73:70:38:dc:40:86:53:10:e4:b2:da:a4:67:
39:f9:a6:b1:1b:e3:03:ad:17:6b:f1:99:2b:21:c4:
b5:37:a6:ab:3d:08:8b:08:89:87:64:52:38:f0:a2:
17:b6:57:40:30:55:58:56:d5:9f:fc:94:7a:4b:89:
af:fe:bb:24:3b:6d:f0:e7:ab:dd:be:51:d6:0c:5f:
f6:20:d8:55:2c:3e:ed:bd:27:33:bb:5f:69:56:f4:
63:b1:ea:c0:f8:a6:e0:5d:3e:8c:d0:aa:96:04:55:
65:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AC:39:68:DB:93:02:AB:98:F9:63:47:45:E8:8A:38:B1:73:93:2C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Zqw5aNuTAquY-WNHReiKOLFzkyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.91.0/24
151.242.97.0/24
151.244.99.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:03:fb:48:f3:32:39:32:78:a4:2d:c1:60:1e:29:e1:56:f8:
a6:39:ec:86:b1:6c:35:de:99:d3:b7:bd:e9:07:27:15:92:2a:
ae:7b:2e:0f:5a:a6:d9:e7:d9:0d:40:46:81:80:88:b2:d3:8f:
57:bc:5c:3a:ba:2d:3b:0c:8e:91:e5:a5:c2:34:c6:55:8d:ea:
6c:36:d9:22:ad:43:a3:8e:41:36:1c:bc:e7:ec:8a:d8:d6:6a:
c6:af:7e:d2:18:fc:db:b0:75:b7:b7:21:ec:af:68:c2:0c:ea:
27:d9:92:2d:bb:fa:52:8c:dd:c3:09:63:ca:7e:68:02:f1:f8:
14:b9:d4:8a:b1:27:48:c6:aa:df:ce:e7:a4:bf:32:fd:1f:c1:
09:3f:5e:49:e8:2c:d4:61:f3:d6:35:4d:7b:12:2b:12:c4:c5:
31:39:d1:c9:13:d1:10:e0:92:a7:ec:38:1a:90:e9:0b:40:31:
e4:95:4b:68:f5:fc:3b:2a:81:f1:ba:6b:80:7f:fc:1d:d9:31:
ae:a7:04:20:c9:5e:60:6c:9f:9e:9a:12:d9:3c:e9:27:92:32:
cc:e4:60:7f:a2:44:74:a1:62:61:94:13:a6:ec:34:67:01:e2:
d5:d8:8f:a4:2b:c9:b1:15:0f:ff:10:9e:cb:f6:db:e0:a5:d6:
47:e7:a3:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZiKOzIn62LzRYfjLth0jIurMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODA4MTUwOTUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmFjMzk2OGRiOTMwMmFiOThmOTYzNDc0NWU4OGEzOGIxNzM5MzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsKzYj40J/Ojo9JxBMTEh+e76rJq
xL8eb0tGRw0CXIvDZEHQMwJUZYGfGymteXU6G3LTMmr78yrPdJxqjInEJnDR+9WW
pV5h8myXPEM+2znYIF3EpWIMa/3Ls96ObUSjrtpLgIIjFizIcp1Y4nsXYsu6qeCt
F9oKlDysKpF+2OUmQjHWhrWU/pVL2cfFK29JHC2jSSeVqXNwONxAhlMQ5LLapGc5
+aaxG+MDrRdr8ZkrIcS1N6arPQiLCImHZFI48KIXtldAMFVYVtWf/JR6S4mv/rsk
O23w56vdvlHWDF/2INhVLD7tvSczu19pVvRjserA+KbgXT6M0KqWBFVlLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGasOWjbkwKrmPljR0Xoijixc5MsMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWnF3NWFOdVRBcXVZLVdOSFJlaUtPTEZ6a3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/FbAwQA
l/JhAwQAl/RjMA0GCSqGSIb3DQEBCwUAA4IBAQA9A/tI8zI5MnikLcFgHinhVvim
OeyGsWw13pnTt73pBycVkiquey4PWqbZ59kNQEaBgIiy049XvFw6ui07DI6R5aXC
NMZVjepsNtkirUOjjkE2HLzn7IrY1mrGr37SGPzbsHW3tyHsr2jCDOon2ZItu/pS
jN3DCWPKfmgC8fgUudSKsSdIxqrfzuekvzL9H8EJP15J6CzUYfPWNU17EisSxMUx
OdHJE9EQ4JKn7DgakOkLQDHklUto9fw7KoHxumuAf/wd2TGupwQgyV5gbJ+emhLZ
POknkjLM5GB/okR0oWJhlBOm7DRnAeLV2I+kK8mxFQ//EJ7L9tvgpdZH56Of
-----END CERTIFICATE-----
Generated at Sat Aug 23 09:06:51 2025 by rpki-client