Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/iGJvG0mcCauU_bXWkR_WeTuubjc.roa
File: iGJvG0mcCauU_bXWkR_WeTuubjc.roa (raw, json)
Hash identifier: 5LrB1wmWs5vRURU38uoYBmBt2rhHGeU04uw7oeVN1kY=
Subject key identifier: 88:62:6F:1B:49:9C:09:AB:94:FD:B5:D6:91:1F:D6:79:3B:AE:6E:37
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01978C5582C157CB5FB4A108D128F6A98139
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/iGJvG0mcCauU_bXWkR_WeTuubjc.roa
Signing time: Fri 20 Jun 2025 07:55:03 +0000
ROA not before: Fri 20 Jun 2025 07:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3356
IP address blocks: 151.242.180.0/22 maxlen: 24
151.243.117.0/24 maxlen: 24
151.243.119.0/24 maxlen: 24
151.243.121.0/24 maxlen: 24
151.243.122.0/24 maxlen: 24
151.243.232.0/24 maxlen: 24
151.243.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 01:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:55:82:c1:57:cb:5f:b4:a1:08:d1:28:f6:a9:81:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 20 07:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88626f1b499c09ab94fdb5d6911fd6793bae6e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:56:be:e1:f9:54:cd:84:fa:40:0d:17:b5:3c:
34:92:6f:b8:4c:72:44:5c:a8:2c:d4:71:e8:64:da:
cc:20:7f:5c:48:8a:cb:f0:61:b0:f6:a0:25:21:25:
88:6f:85:1c:f3:81:88:9a:84:d8:c6:eb:09:1a:4a:
a5:68:a4:e9:f3:3c:98:c2:91:4e:9f:64:a7:80:c5:
37:db:96:4f:6b:43:16:62:a1:66:ed:4b:0c:cd:d5:
f7:9e:b0:b0:33:c6:d0:c5:b1:d3:3f:85:e2:83:b7:
8d:19:f9:5c:be:fa:57:7a:61:e8:4f:38:ca:57:db:
98:b1:5c:0d:37:d9:c9:8d:81:ac:bb:ae:2f:9f:6a:
c0:ed:d0:33:6e:3d:87:55:bd:bc:ba:12:6f:0a:6f:
bf:96:b5:1a:e3:4c:cb:b3:b1:2e:7a:80:a3:59:dd:
09:1f:76:bc:b0:e9:78:64:95:af:f5:06:0b:69:19:
f0:cc:c1:d6:32:85:10:33:8e:4f:b7:96:fb:51:df:
73:b1:4e:60:d6:bf:e3:54:95:73:6b:07:d8:f4:95:
eb:b4:a0:12:6c:b0:a7:14:59:c4:4c:a2:1c:3a:9f:
82:08:36:f4:5d:58:71:e7:cb:6c:5e:cd:8e:ee:ad:
fe:09:ac:19:f2:4a:82:8d:7d:d4:e7:a5:ba:a5:aa:
e8:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:62:6F:1B:49:9C:09:AB:94:FD:B5:D6:91:1F:D6:79:3B:AE:6E:37
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/iGJvG0mcCauU_bXWkR_WeTuubjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.180.0/22
151.243.117.0/24
151.243.119.0/24
151.243.121.0-151.243.122.255
151.243.232.0/24
151.243.236.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:15:03:90:cc:50:cf:3f:fa:c6:9a:7d:cc:dc:2e:36:fa:73:
89:78:2f:6f:56:8b:45:57:cd:97:b2:e6:b0:71:99:dd:c9:ef:
a2:4c:2e:59:c7:2a:c6:2e:e5:e8:ee:c4:6b:67:5e:da:f9:e2:
95:5c:3b:b4:f3:99:f7:3d:a0:22:e6:a6:4f:23:7b:0b:a0:c5:
d2:8d:3b:04:8d:58:ec:9f:42:99:bb:a5:41:39:32:0f:f9:7e:
a6:8a:53:a2:d9:a5:dd:a3:d8:ad:ac:d9:c5:15:43:a9:90:a3:
bf:23:18:a3:13:db:3c:b6:4f:d2:10:35:62:b0:d6:48:04:da:
33:53:8f:ee:d8:3e:29:ec:8c:e1:ee:02:fb:24:dc:18:9d:f5:
1e:94:60:cc:f1:83:0c:dc:0b:d5:35:5a:b8:f8:6c:7d:a1:f3:
b7:cb:d1:0c:82:01:1d:6b:9d:2c:1e:4d:75:d7:17:ec:cd:7d:
0a:56:9c:16:91:26:54:a8:fd:f0:b1:50:ab:c7:30:0d:7c:9a:
01:0f:9e:d1:19:49:66:13:2e:fc:66:91:bc:e5:cd:66:a7:3c:
c3:d4:47:17:9e:dd:4f:4c:48:77:15:19:09:96:b5:8d:92:cb:
27:79:80:4f:c1:19:97:09:b2:5a:70:8f:32:be:c6:8f:f0:b3:
b4:ba:be:09
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZeMVYLBV8tftKEI0Sj2qYE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjIwMDc1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODYyNmYxYjQ5OWMwOWFiOTRmZGI1ZDY5MTFmZDY3OTNiYWU2ZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5la+4flUzYT6QA0XtTw0km+4THJE
XKgs1HHoZNrMIH9cSIrL8GGw9qAlISWIb4Uc84GImoTYxusJGkqlaKTp8zyYwpFO
n2SngMU325ZPa0MWYqFm7UsMzdX3nrCwM8bQxbHTP4Xig7eNGflcvvpXemHoTzjK
V9uYsVwNN9nJjYGsu64vn2rA7dAzbj2HVb28uhJvCm+/lrUa40zLs7EueoCjWd0J
H3a8sOl4ZJWv9QYLaRnwzMHWMoUQM45Pt5b7Ud9zsU5g1r/jVJVzawfY9JXrtKAS
bLCnFFnETKIcOp+CCDb0XVhx58tsXs2O7q3+CawZ8kqCjX3U56W6parodQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIhibxtJnAmrlP211pEf1nk7rm43MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvaUdKdkcwbWNDYXVVX2JYV2tSX1dlVHV1YmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCl/K0AwQA
l/N1AwQAl/N3MAwDBACX83kDBACX83oDBACX8+gDBACX8+wwDQYJKoZIhvcNAQEL
BQADggEBACsVA5DMUM8/+saafczcLjb6c4l4L29Wi0VXzZey5rBxmd3J76JMLlnH
KsYu5ejuxGtnXtr54pVcO7Tzmfc9oCLmpk8jewugxdKNOwSNWOyfQpm7pUE5Mg/5
fqaKU6LZpd2j2K2s2cUVQ6mQo78jGKMT2zy2T9IQNWKw1kgE2jNTj+7YPinsjOHu
Avsk3Bid9R6UYMzxgwzcC9U1Wrj4bH2h87fL0QyCAR1rnSweTXXXF+zNfQpWnBaR
JlSo/fCxUKvHMA18mgEPntEZSWYTLvxmkbzlzWanPMPURxee3U9MSHcVGQmWtY2S
yyd5gE/BGZcJslpwjzK+xo/ws7S6vgk=
-----END CERTIFICATE-----
Generated at Wed Jul 2 07:30:37 2025 by rpki-client