Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/guF-nkEPLBqhbteW0YNAcebsoQY.roa
File: guF-nkEPLBqhbteW0YNAcebsoQY.roa (raw, json)
Hash identifier: +kgknPJwqOUKXdP0FGQGNBNw0TGhoWp4p+lyGBorLL0=
Subject key identifier: 82:E1:7E:9E:41:0F:2C:1A:A1:6E:D7:96:D1:83:40:71:E6:EC:A1:06
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D171CC20118BDC406690B6CE1768E102
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/guF-nkEPLBqhbteW0YNAcebsoQY.roa
Signing time: Fri 22 Aug 2025 11:02:32 +0000
ROA not before: Fri 22 Aug 2025 11:02:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137517
IP address blocks: 151.240.120.0/24 maxlen: 24
151.242.90.0/24 maxlen: 24
151.243.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:71:cc:20:11:8b:dc:40:66:90:b6:ce:17:68:e1:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 22 11:02:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82e17e9e410f2c1aa16ed796d1834071e6eca106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d0:34:4d:da:46:a1:db:63:95:34:76:36:83:
dc:7d:09:0e:29:bf:06:d1:0c:6c:bb:d7:99:48:00:
33:62:07:be:19:42:f7:7b:6e:5f:5d:a9:35:bd:87:
73:2a:1d:61:98:ec:9f:5d:5c:47:b6:c9:5c:d8:00:
33:ad:2e:4f:75:a9:83:fc:00:ec:42:ef:98:ee:dd:
05:3f:b5:1a:16:86:ff:48:e7:45:d9:57:4f:64:c9:
6d:8f:0c:a6:83:e3:20:87:93:5b:0f:8e:3f:c2:01:
80:08:cb:c4:bc:62:ba:58:c0:c0:42:8c:55:c6:55:
93:c7:90:f2:3d:c6:2c:01:a3:93:b6:1d:fe:0a:8a:
42:7d:43:48:f3:1f:47:33:b7:55:d2:45:62:55:f7:
f3:98:16:8e:6e:65:26:c2:b6:e0:50:05:ad:4e:75:
e9:47:f4:07:83:39:6f:e8:f4:14:77:a1:6f:9c:63:
3a:fa:6c:55:f5:ef:d4:11:00:87:97:d3:db:31:6b:
73:25:c7:0b:2c:80:03:9d:a4:27:4a:c4:7d:a3:d1:
d0:75:44:47:48:87:c9:d1:c0:ee:64:d8:82:62:d6:
04:c9:56:05:1f:7a:02:f9:68:28:fb:b0:60:72:8d:
db:71:9a:40:b8:cd:87:25:4a:3e:6e:c5:2f:c2:4a:
d6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:E1:7E:9E:41:0F:2C:1A:A1:6E:D7:96:D1:83:40:71:E6:EC:A1:06
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/guF-nkEPLBqhbteW0YNAcebsoQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.120.0/24
151.242.90.0/24
151.243.136.0/24
Signature Algorithm: sha256WithRSAEncryption
10:53:0f:55:1a:a9:23:7e:d7:f3:83:72:f2:3e:37:86:af:00:
2b:c5:ec:17:81:72:bc:0b:b5:8a:e1:c8:6d:b6:5b:55:4a:07:
02:f8:92:70:ad:a4:84:ae:87:f5:b1:ab:3d:f4:58:c9:17:dc:
80:6f:11:07:ba:f3:dd:23:e7:a7:75:78:53:d6:6a:2c:f7:8f:
92:2b:d5:62:e3:d6:c5:85:69:4b:08:f8:d7:72:2f:f3:ad:f2:
30:ef:19:c1:0c:fe:f6:71:51:67:25:62:eb:b0:7b:cd:2d:7c:
2d:3d:3f:49:e8:e4:64:b0:4d:27:c7:13:3c:a1:9b:de:32:e7:
4a:f8:ed:94:ff:cc:fc:c4:0e:88:8d:02:a3:8c:e2:fa:ee:63:
d3:d4:01:ee:9b:6e:4c:ee:32:d2:e5:f3:35:38:ed:12:eb:87:
ee:b7:3f:1b:e5:b4:f0:73:a1:8d:83:fd:7b:3a:a8:0e:ec:5e:
8a:e2:9d:75:30:4d:23:e6:34:6f:e9:c1:1c:ab:d9:ae:cc:f6:
58:49:7c:3b:54:23:81:9a:66:85:a3:02:7a:39:ca:b5:6a:6f:
34:88:93:e6:97:47:37:e2:b8:50:0c:6d:ff:2a:6e:a2:08:49:
ea:c4:1f:65:8a:bc:e4:11:83:03:90:09:b7:0c:a1:ad:56:19:
83:20:ed:8c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZjRccwgEYvcQGaQts4XaOECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIyMTEwMjMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmUxN2U5ZTQxMGYyYzFhYTE2ZWQ3OTZkMTgzNDA3MWU2ZWNhMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNA0TdpGodtjlTR2NoPcfQkOKb8G
0Qxsu9eZSAAzYge+GUL3e25fXak1vYdzKh1hmOyfXVxHtslc2AAzrS5PdamD/ADs
Qu+Y7t0FP7UaFob/SOdF2VdPZMltjwymg+Mgh5NbD44/wgGACMvEvGK6WMDAQoxV
xlWTx5DyPcYsAaOTth3+CopCfUNI8x9HM7dV0kViVffzmBaObmUmwrbgUAWtTnXp
R/QHgzlv6PQUd6FvnGM6+mxV9e/UEQCHl9PbMWtzJccLLIADnaQnSsR9o9HQdURH
SIfJ0cDuZNiCYtYEyVYFH3oC+Wgo+7Bgco3bcZpAuM2HJUo+bsUvwkrWuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFILhfp5BDywaoW7XltGDQHHm7KEGMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZ3VGLW5rRVBMQnFoYnRlVzBZTkFjZWJzb1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/B4AwQA
l/JaAwQAl/OIMA0GCSqGSIb3DQEBCwUAA4IBAQAQUw9VGqkjftfzg3LyPjeGrwAr
xewXgXK8C7WK4chttltVSgcC+JJwraSErof1sas99FjJF9yAbxEHuvPdI+endXhT
1mos94+SK9Vi49bFhWlLCPjXci/zrfIw7xnBDP72cVFnJWLrsHvNLXwtPT9J6ORk
sE0nxxM8oZveMudK+O2U/8z8xA6IjQKjjOL67mPT1AHum25M7jLS5fM1OO0S64fu
tz8b5bTwc6GNg/17OqgO7F6K4p11ME0j5jRv6cEcq9muzPZYSXw7VCOBmmaFowJ6
Ocq1am80iJPml0c34rhQDG3/Km6iCEnqxB9lirzkEYMDkAm3DKGtVhmDIO2M
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:00:57 2025 by rpki-client