Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/biWEBgC_zTO8L5efjpM6ChdOGLg.roa
File: biWEBgC_zTO8L5efjpM6ChdOGLg.roa (raw, json)
Hash identifier: h4xWzf3cGwcJ11X041Ol+tl1fNpBURNB/ToRwZ2hvCU=
Subject key identifier: 6E:25:84:06:00:BF:CD:33:BC:2F:97:9F:8E:93:3A:0A:17:4E:18:B8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197CB44A5421264936462B2DE18EA5B7347
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/biWEBgC_zTO8L5efjpM6ChdOGLg.roa
Signing time: Wed 02 Jul 2025 13:12:43 +0000
ROA not before: Wed 02 Jul 2025 13:12:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 151.240.45.0/24 maxlen: 24
151.240.120.0/23 maxlen: 23
151.241.64.0/24 maxlen: 24
151.241.67.0/24 maxlen: 24
151.241.70.0/24 maxlen: 24
151.241.71.0/24 maxlen: 24
151.241.73.0/24 maxlen: 24
151.241.204.0/24 maxlen: 24
151.242.45.0/24 maxlen: 24
151.242.57.0/24 maxlen: 24
151.242.136.0/23 maxlen: 23
151.242.144.0/23 maxlen: 23
151.242.158.0/24 maxlen: 24
151.243.2.0/24 maxlen: 24
151.243.105.0/24 maxlen: 24
151.243.159.0/24 maxlen: 24
151.243.248.0/22 maxlen: 22
151.244.57.0/24 maxlen: 24
151.244.111.0/24 maxlen: 24
151.244.115.0/24 maxlen: 24
151.244.131.0/24 maxlen: 24
151.244.132.0/24 maxlen: 24
151.244.133.0/24 maxlen: 24
151.244.198.0/24 maxlen: 24
151.244.201.0/24 maxlen: 24
151.244.212.0/24 maxlen: 24
151.245.78.0/24 maxlen: 24
151.245.116.0/22 maxlen: 22
151.245.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:44:a5:42:12:64:93:64:62:b2:de:18:ea:5b:73:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 2 13:12:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e25840600bfcd33bc2f979f8e933a0a174e18b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:19:a6:30:77:d3:c4:42:bd:00:43:08:b1:a3:
cb:f0:66:ae:38:d8:d3:e9:08:fe:f4:e8:d6:a0:02:
b8:c6:bc:1a:fa:67:c3:1c:d6:80:04:7e:6a:87:d7:
fe:65:91:8d:3d:d1:3d:c2:6e:8f:5c:cf:b1:62:08:
12:09:99:ae:4a:f0:03:75:6b:73:9f:97:9a:4e:70:
cf:11:ef:2d:ef:08:13:db:71:83:1a:be:70:ce:d2:
23:e8:3f:da:12:26:31:ec:48:20:9b:ac:3a:aa:39:
d4:8e:bb:d0:2e:49:51:2c:ab:7a:14:5f:13:eb:d2:
44:a0:5c:c3:9f:f7:f5:0b:68:41:8e:93:22:71:74:
ca:3e:e3:8a:ee:a1:89:ca:9b:a1:b4:98:fd:9c:eb:
e9:9c:c0:2c:66:be:b4:d7:9c:00:f3:e7:e7:50:e0:
cc:17:2a:75:18:d0:46:b7:5d:62:51:e9:22:c5:9f:
97:b1:e2:30:f4:c2:7b:ae:3d:48:54:de:15:f9:7f:
56:7f:99:48:08:40:17:72:de:20:92:59:fa:12:2d:
9f:7a:4b:54:23:69:75:ee:ff:53:75:1d:f6:88:d5:
29:8a:b6:df:08:b8:c9:2b:56:0e:b6:c4:57:5d:08:
a1:69:42:e0:5a:e3:4d:4a:67:31:ea:10:56:ae:64:
53:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:25:84:06:00:BF:CD:33:BC:2F:97:9F:8E:93:3A:0A:17:4E:18:B8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/biWEBgC_zTO8L5efjpM6ChdOGLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.45.0/24
151.240.120.0/23
151.241.64.0/24
151.241.67.0/24
151.241.70.0/23
151.241.73.0/24
151.241.204.0/24
151.242.45.0/24
151.242.57.0/24
151.242.136.0/23
151.242.144.0/23
151.242.158.0/24
151.243.2.0/24
151.243.105.0/24
151.243.159.0/24
151.243.248.0/22
151.244.57.0/24
151.244.111.0/24
151.244.115.0/24
151.244.131.0-151.244.133.255
151.244.198.0/24
151.244.201.0/24
151.244.212.0/24
151.245.78.0/24
151.245.116.0/22
151.245.212.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:36:33:8b:36:73:0b:03:ed:77:9a:7b:f4:5f:64:25:42:43:
c6:3e:89:6a:18:29:ff:e9:aa:60:bf:92:f9:2e:d4:9d:f3:8e:
5e:c5:82:e3:ba:78:ec:7a:65:37:63:4f:4e:78:8c:cc:af:d4:
8e:ef:c1:12:c3:01:fc:ab:58:93:71:8c:0f:40:21:1e:ad:c0:
12:6a:64:60:6a:73:e7:d4:17:15:e1:91:9d:82:d0:27:ef:e8:
32:94:a6:54:29:e9:58:c3:1d:e7:6d:bf:6f:36:7e:20:30:b9:
fc:80:f1:68:5f:8e:25:95:4b:09:29:81:4d:85:a6:be:4f:1f:
66:50:1e:dd:44:d8:1e:ef:42:0d:20:bf:63:7b:14:d1:71:8e:
9e:15:33:28:e1:b2:cd:61:52:08:1a:29:84:11:b3:3a:6d:f9:
cd:c0:72:1a:13:aa:7a:8d:5a:1e:dc:a7:9f:ca:5c:cb:e5:c7:
a6:bb:01:41:73:16:92:4f:a4:55:bb:8a:92:37:25:5b:3c:b4:
d7:e5:c0:2c:f1:f0:35:f4:73:b2:3f:59:8e:12:19:75:7a:55:
88:74:21:63:83:85:1e:f0:4b:24:e9:ad:d1:48:bc:4f:fc:06:
9d:ce:74:7c:eb:f9:8d:bd:d4:42:e6:42:e8:04:c9:de:b3:84:
45:a9:e6:5b
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZfLRKVCEmSTZGKy3hjqW3NHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzAyMTMxMjQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTI1ODQwNjAwYmZjZDMzYmMyZjk3OWY4ZTkzM2EwYTE3NGUxOGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBmmMHfTxEK9AEMIsaPL8GauONjT
6Qj+9OjWoAK4xrwa+mfDHNaABH5qh9f+ZZGNPdE9wm6PXM+xYggSCZmuSvADdWtz
n5eaTnDPEe8t7wgT23GDGr5wztIj6D/aEiYx7Eggm6w6qjnUjrvQLklRLKt6FF8T
69JEoFzDn/f1C2hBjpMicXTKPuOK7qGJypuhtJj9nOvpnMAsZr6015wA8+fnUODM
Fyp1GNBGt11iUekixZ+XseIw9MJ7rj1IVN4V+X9Wf5lICEAXct4gkln6Ei2fektU
I2l17v9TdR32iNUpirbfCLjJK1YOtsRXXQihaULgWuNNSmcx6hBWrmRTuwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFG4lhAYAv80zvC+Xn46TOgoXThi4MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvYmlXRUJnQ196VE84TDVlZmpwTTZDaGRPR0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBACX
8C0DBAGX8HgDBACX8UADBACX8UMDBAGX8UYDBACX8UkDBACX8cwDBACX8i0DBACX
8jkDBAGX8ogDBAGX8pADBACX8p4DBACX8wIDBACX82kDBACX858DBAKX8/gDBACX
9DkDBACX9G8DBACX9HMwDAMEAJf0gwMEAZf0hAMEAJf0xgMEAJf0yQMEAJf01AME
AJf1TgMEApf1dAMEAJf11DANBgkqhkiG9w0BAQsFAAOCAQEAnjYzizZzCwPtd5p7
9F9kJUJDxj6Jahgp/+mqYL+S+S7UnfOOXsWC47p47HplN2NPTniMzK/Uju/BEsMB
/KtYk3GMD0AhHq3AEmpkYGpz59QXFeGRnYLQJ+/oMpSmVCnpWMMd522/bzZ+IDC5
/IDxaF+OJZVLCSmBTYWmvk8fZlAe3UTYHu9CDSC/Y3sU0XGOnhUzKOGyzWFSCBop
hBGzOm35zcByGhOqeo1aHtynn8pcy+XHprsBQXMWkk+kVbuKkjclWzy01+XALPHw
NfRzsj9ZjhIZdXpViHQhY4OFHvBLJOmt0Ui8T/wGnc50fOv5jb3UQuZC6ATJ3rOE
RanmWw==
-----END CERTIFICATE-----
Generated at Thu Jul 3 06:49:48 2025 by rpki-client