Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_jM4sJcTCPOh30pjUv5fJPCaDTA.roa
File: _jM4sJcTCPOh30pjUv5fJPCaDTA.roa (raw, json)
Hash identifier: KURvt8l+PRGGNuEcop9KB5nxXxMHTPmOjdW54KcyftQ=
Subject key identifier: FE:33:38:B0:97:13:08:F3:A1:DF:4A:63:52:FE:5F:24:F0:9A:0D:30
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01979CC58703A681D736DEA58E8B648CDE70
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_jM4sJcTCPOh30pjUv5fJPCaDTA.roa
Signing time: Mon 23 Jun 2025 12:31:20 +0000
ROA not before: Mon 23 Jun 2025 12:31:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 151.241.128.0/22 maxlen: 24
151.242.40.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.243.214.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.244.5.0/24 maxlen: 24
151.244.6.0/24 maxlen: 24
151.244.56.0/24 maxlen: 24
151.244.58.0/24 maxlen: 24
151.245.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:c5:87:03:a6:81:d7:36:de:a5:8e:8b:64:8c:de:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 23 12:31:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe3338b0971308f3a1df4a6352fe5f24f09a0d30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f8:a3:78:94:9b:08:e4:49:fb:74:89:5e:d2:
12:09:7b:68:ac:cb:48:5a:cc:a8:cb:da:58:fd:70:
20:4c:1a:19:85:6c:ef:a8:72:7b:54:39:20:2f:97:
3d:ed:e7:2b:b8:96:f6:b1:23:b5:48:20:da:48:a5:
f3:ff:bf:77:b1:ee:e1:3a:f3:e8:05:3c:77:f9:0d:
fc:a2:8c:7e:67:2d:8e:54:de:6e:1f:8e:5b:3c:dc:
b1:77:19:aa:ef:cb:db:a0:af:07:d5:38:fa:13:40:
17:4f:c1:c5:f3:2b:fc:9f:ed:4e:28:ee:7e:4d:11:
64:56:42:ef:24:5c:f3:f1:e9:eb:1a:c8:f8:f4:cf:
43:ed:50:95:a6:9d:02:83:5c:9d:4a:47:28:e6:5a:
0b:92:66:7c:08:5f:68:96:9d:6f:17:cc:36:67:b4:
83:9c:4e:bc:3b:47:31:67:a0:63:83:1d:1f:ed:7a:
d0:bb:f5:50:22:1c:3f:83:fc:b5:46:19:d1:a0:69:
ad:3f:64:5a:d0:ca:51:0d:b9:cf:33:61:e7:65:34:
de:ec:ae:b1:e6:72:25:4c:7d:c2:d4:15:21:97:0b:
be:2e:5b:17:20:4d:d2:88:63:af:d9:47:08:6e:77:
a4:b8:fa:9c:81:62:f9:b9:6d:a1:7b:14:f1:20:18:
e2:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:33:38:B0:97:13:08:F3:A1:DF:4A:63:52:FE:5F:24:F0:9A:0D:30
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_jM4sJcTCPOh30pjUv5fJPCaDTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.242.40.0/24
151.242.64.0/24
151.242.242.0/24
151.243.115.0/24
151.243.120.0/24
151.243.214.0/24
151.244.4.0-151.244.6.255
151.244.56.0/24
151.244.58.0/24
151.245.120.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:a8:92:5a:84:40:68:3a:87:64:04:82:8f:6e:b4:03:c9:2a:
71:75:df:bd:d0:19:18:4c:23:8e:09:36:d3:c3:3f:68:fd:6f:
ff:1f:9e:f2:72:36:86:ab:ae:b2:a7:f8:38:4c:a5:b9:f8:29:
86:e5:0c:c8:98:34:76:4e:10:bd:63:02:0e:2f:fa:69:94:86:
86:6a:87:05:44:9e:3d:25:4a:1f:15:b4:b5:31:83:a9:46:96:
68:9d:5c:cf:2e:9d:41:fc:34:f9:9a:86:50:66:40:32:94:3a:
df:76:2f:73:91:54:6c:2f:7d:02:c7:44:15:53:e9:0e:9e:2a:
60:c1:30:4a:26:8d:42:f6:2e:3d:fc:c2:73:7b:46:89:70:3a:
33:90:f9:7e:03:c9:28:7d:e9:e9:c3:8a:c7:97:f5:4b:3b:9b:
1c:f4:1f:9b:b5:88:51:8c:0d:12:e3:f0:4e:56:df:72:00:1f:
98:1d:63:a0:d9:6e:24:be:52:e0:ab:37:5b:5a:44:e6:bf:09:
7d:52:69:11:db:74:f0:05:93:9c:f0:58:8c:2f:58:e0:b2:5a:
da:7d:7f:52:69:c8:ea:ae:8c:b7:01:a5:15:10:64:d4:a2:c7:
f7:cf:3f:d0:a3:49:b9:cc:69:33:f7:de:36:5d:7f:80:66:a9:
a1:c6:f5:25
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZecxYcDpoHXNt6ljotkjN5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjIzMTIzMTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTMzMzhiMDk3MTMwOGYzYTFkZjRhNjM1MmZlNWYyNGYwOWEwZDMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfijeJSbCORJ+3SJXtISCXtorMtI
Wsyoy9pY/XAgTBoZhWzvqHJ7VDkgL5c97ecruJb2sSO1SCDaSKXz/793se7hOvPo
BTx3+Q38oox+Zy2OVN5uH45bPNyxdxmq78vboK8H1Tj6E0AXT8HF8yv8n+1OKO5+
TRFkVkLvJFzz8enrGsj49M9D7VCVpp0Cg1ydSkco5loLkmZ8CF9olp1vF8w2Z7SD
nE68O0cxZ6Bjgx0f7XrQu/VQIhw/g/y1RhnRoGmtP2Ra0MpRDbnPM2HnZTTe7K6x
5nIlTH3C1BUhlwu+LlsXIE3SiGOv2UcIbnekuPqcgWL5uW2hexTxIBjiKwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFP4zOLCXEwjzod9KY1L+XyTwmg0wMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvX2pNNHNKY1RDUE9oMzBwalV2NWZKUENhRFRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQCl/GAAwQA
l/IoAwQAl/JAAwQAl/LyAwQAl/NzAwQAl/N4AwQAl/PWMAwDBAKX9AQDBACX9AYD
BACX9DgDBACX9DoDBAOX9XgwDQYJKoZIhvcNAQELBQADggEBAB2oklqEQGg6h2QE
go9utAPJKnF1373QGRhMI44JNtPDP2j9b/8fnvJyNoarrrKn+DhMpbn4KYblDMiY
NHZOEL1jAg4v+mmUhoZqhwVEnj0lSh8VtLUxg6lGlmidXM8unUH8NPmahlBmQDKU
Ot92L3ORVGwvfQLHRBVT6Q6eKmDBMEomjUL2Lj38wnN7RolwOjOQ+X4DySh96enD
iseX9Us7mxz0H5u1iFGMDRLj8E5W33IAH5gdY6DZbiS+UuCrN1taROa/CX1SaRHb
dPAFk5zwWIwvWOCyWtp9f1JpyOqujLcBpRUQZNSix/fPP9CjSbnMaTP33jZdf4Bm
qaHG9SU=
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:36:41 2025 by rpki-client