Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jfVddjpDwa77lcaV_SnHAtcbbWA.roa
File: jfVddjpDwa77lcaV_SnHAtcbbWA.roa (raw, json)
Hash identifier: Hv10tEJnscVxx4qqqXfTvb5wYzjXuItlh4h3tI1eVWA=
Subject key identifier: 8D:F5:5D:76:3A:43:C1:AE:FB:95:C6:95:FD:29:C7:02:D7:1B:6D:60
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198A384A5EF263048C2E6C34A625B49482D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jfVddjpDwa77lcaV_SnHAtcbbWA.roa
Signing time: Wed 13 Aug 2025 13:00:36 +0000
ROA not before: Wed 13 Aug 2025 13:00:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211693
IP address blocks: 151.242.59.0/24 maxlen: 24
151.242.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:84:a5:ef:26:30:48:c2:e6:c3:4a:62:5b:49:48:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 13 13:00:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8df55d763a43c1aefb95c695fd29c702d71b6d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:cf:a4:11:e6:bf:b2:d9:92:1c:e5:32:2f:25:
fa:18:ba:76:06:8c:de:6e:98:6a:aa:d5:23:1d:e6:
59:13:99:fd:00:60:c4:41:93:9f:cb:2f:74:c5:15:
61:3a:5b:97:d8:c0:56:b3:cd:46:b7:4f:c2:9c:42:
13:3a:7a:e5:bb:22:3b:d3:72:b1:e6:8a:c3:7d:9a:
3e:d8:85:4a:bd:d8:1e:a0:57:41:30:62:26:b8:b9:
c2:7f:2e:f2:2a:b3:b8:d6:a2:13:48:d0:b5:b4:cc:
c0:7c:3c:39:af:c7:d8:4e:cb:50:96:86:95:96:19:
a6:77:ae:8a:95:ad:6e:08:69:86:7c:c4:7a:f8:33:
bc:42:cc:46:a4:ab:30:ab:46:ca:2a:12:a1:cc:dc:
df:ef:49:57:d8:11:80:80:90:9c:c7:6b:28:0d:41:
6f:d5:95:c4:24:0c:bc:be:f4:a6:a3:47:4f:fc:4f:
d0:bc:3f:28:fd:65:44:2a:d7:f7:0c:e7:89:a1:93:
c1:9b:bb:a4:17:1c:27:7c:23:be:20:de:2c:94:7f:
c9:9e:f0:76:e0:cc:24:de:0d:d0:c2:4d:e1:19:63:
8b:53:7a:67:b7:57:91:43:1d:09:ed:4a:4d:9c:dd:
02:3b:ba:51:1b:b0:e7:b7:9e:d4:c1:97:d2:96:6e:
35:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:F5:5D:76:3A:43:C1:AE:FB:95:C6:95:FD:29:C7:02:D7:1B:6D:60
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jfVddjpDwa77lcaV_SnHAtcbbWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.59.0/24
151.242.81.0/24
Signature Algorithm: sha256WithRSAEncryption
29:07:b1:2d:21:f4:b1:40:9b:ab:03:31:52:c2:a9:cb:0d:d1:
4b:0e:20:2e:9b:b1:db:52:48:1e:e8:fe:fe:47:43:f9:72:a4:
d3:97:4f:06:a1:2f:31:a9:fd:81:a9:d5:fb:15:58:27:e7:00:
34:44:76:ee:ef:93:75:80:67:c3:08:ef:e7:eb:63:36:60:80:
e6:f0:41:6e:21:87:6d:1c:3a:68:01:94:26:f4:aa:21:a6:5c:
8f:83:f3:10:2b:52:aa:1e:51:7f:51:d3:d6:25:ee:8c:af:17:
1d:f5:5b:8b:1c:05:f9:90:13:f6:27:f5:9b:b8:58:6f:ef:4e:
05:2b:b8:16:7d:d0:83:3f:26:52:b3:da:08:96:4d:4b:46:d8:
d2:34:65:1a:80:b7:54:14:85:e8:d0:88:55:6c:b6:d9:6f:1e:
62:1e:5f:7d:e4:5b:5c:b8:4e:a7:ec:65:2d:6e:a7:d9:a4:e5:
fc:20:90:67:fd:13:b9:94:54:ee:76:41:ca:75:ae:1d:97:f5:
c6:17:af:c2:3f:87:ad:68:61:7e:6f:5a:3c:ab:54:1d:88:2d:
ed:fa:57:15:d9:be:8e:66:e5:65:55:c8:e7:9e:7f:9b:68:db:
a6:04:c7:ca:8d:4c:7b:50:f7:14:7a:79:30:c5:e7:c1:27:f5:
fc:aa:63:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZijhKXvJjBIwubDSmJbSUgtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODEzMTMwMDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZGY1NWQ3NjNhNDNjMWFlZmI5NWM2OTVmZDI5YzcwMmQ3MWI2ZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu8+kEea/stmSHOUyLyX6GLp2Boze
bphqqtUjHeZZE5n9AGDEQZOfyy90xRVhOluX2MBWs81Gt0/CnEITOnrluyI703Kx
5orDfZo+2IVKvdgeoFdBMGImuLnCfy7yKrO41qITSNC1tMzAfDw5r8fYTstQloaV
lhmmd66Kla1uCGmGfMR6+DO8QsxGpKswq0bKKhKhzNzf70lX2BGAgJCcx2soDUFv
1ZXEJAy8vvSmo0dP/E/QvD8o/WVEKtf3DOeJoZPBm7ukFxwnfCO+IN4slH/JnvB2
4Mwk3g3Qwk3hGWOLU3pnt1eRQx0J7UpNnN0CO7pRG7Dnt57UwZfSlm41AQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFI31XXY6Q8Gu+5XGlf0pxwLXG21gMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvamZWZGRqcER3YTc3bGNhVl9TbkhBdGNiYldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/I7AwQA
l/JRMA0GCSqGSIb3DQEBCwUAA4IBAQApB7EtIfSxQJurAzFSwqnLDdFLDiAum7Hb
Ukge6P7+R0P5cqTTl08GoS8xqf2BqdX7FVgn5wA0RHbu75N1gGfDCO/n62M2YIDm
8EFuIYdtHDpoAZQm9KohplyPg/MQK1KqHlF/UdPWJe6Mrxcd9VuLHAX5kBP2J/Wb
uFhv704FK7gWfdCDPyZSs9oIlk1LRtjSNGUagLdUFIXo0IhVbLbZbx5iHl995Ftc
uE6n7GUtbqfZpOX8IJBn/RO5lFTudkHKda4dl/XGF6/CP4etaGF+b1o8q1QdiC3t
+lcV2b6OZuVlVcjnnn+baNumBMfKjUx7UPcUenkwxefBJ/X8qmPf
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:20:09 2025 by rpki-client