Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mHG2hSmf1ZJ_7l18pJoyEXm_kQM.roa
File: mHG2hSmf1ZJ_7l18pJoyEXm_kQM.roa (raw, json)
Hash identifier: 1AcP67SrkoRCXuE/TX7SaboYMq1yMAm6+iO03huR7P8=
Subject key identifier: 98:71:B6:85:29:9F:D5:92:7F:EE:5D:7C:A4:9A:32:11:79:BF:91:03
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197C966BD88FD825B087E2DBB0111155DE8
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mHG2hSmf1ZJ_7l18pJoyEXm_kQM.roa
Signing time: Wed 02 Jul 2025 04:30:42 +0000
ROA not before: Wed 02 Jul 2025 04:30:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13335
IP address blocks: 151.240.3.0/24 maxlen: 24
151.242.227.0/24 maxlen: 24
151.243.132.0/24 maxlen: 24
151.243.133.0/24 maxlen: 24
151.243.134.0/24 maxlen: 24
151.243.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 04:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c9:66:bd:88:fd:82:5b:08:7e:2d:bb:01:11:15:5d:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 2 04:30:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9871b685299fd5927fee5d7ca49a321179bf9103
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5c:f4:40:a2:54:b0:5c:a7:e8:16:74:bf:73:
0f:0b:b4:40:ea:c6:9b:1e:85:9c:23:71:71:6d:6d:
bb:ac:ee:3b:4b:b9:0d:5f:01:a5:b9:3c:12:98:c4:
80:96:3b:4c:84:80:74:60:03:e6:2d:0e:94:62:6d:
9c:4f:ec:b4:46:65:44:da:2b:c5:68:68:62:fa:b4:
a1:08:e7:a8:cd:e4:e3:7f:ec:13:b6:74:e0:95:94:
01:61:ac:c2:19:8d:74:51:d4:ef:31:c4:5e:39:68:
ee:07:73:57:22:b0:00:f0:b4:7e:03:26:41:03:f2:
ae:48:f3:82:1b:64:0b:fb:61:0b:2d:0a:72:ad:b8:
64:6b:f0:b2:d1:e2:95:30:78:0d:f5:ee:89:86:d3:
b9:e8:64:79:27:24:0b:03:4c:86:9f:8e:3c:d7:21:
28:b4:b2:6e:44:a8:80:2c:e1:7a:99:f8:95:12:9f:
0d:85:60:b8:eb:04:85:e6:5a:3c:ad:0e:f3:d3:cb:
70:3e:b8:8d:34:22:8e:71:7d:83:ae:54:9c:03:20:
98:c1:3b:b7:ca:37:79:59:72:58:7a:58:16:1b:94:
91:00:2f:3b:2c:fe:78:4c:0e:f4:b6:78:88:e7:f1:
71:15:b1:af:f3:06:a7:af:82:f1:d5:9f:9c:01:e4:
5c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:71:B6:85:29:9F:D5:92:7F:EE:5D:7C:A4:9A:32:11:79:BF:91:03
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mHG2hSmf1ZJ_7l18pJoyEXm_kQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.3.0/24
151.242.227.0/24
151.243.132.0/22
Signature Algorithm: sha256WithRSAEncryption
24:dc:c7:2f:75:6b:b7:32:e0:49:bb:1a:e6:aa:11:8a:cd:32:
16:6c:4c:a1:e8:bf:12:aa:68:cc:1f:ea:80:f5:96:a2:f8:1e:
f2:a6:98:fe:59:91:67:17:06:5f:ce:ab:53:0b:d1:e7:f3:4f:
5f:f1:ca:0f:25:20:9e:67:93:c5:10:4a:18:a0:fd:b8:ce:4c:
03:d3:1f:45:83:7b:a2:a1:b0:cd:f7:0d:e2:a0:01:e1:2e:77:
4b:d1:8d:6d:eb:fd:f0:82:7d:1c:79:25:a4:82:51:61:c2:b0:
b2:17:ae:75:8b:de:bd:cb:29:00:1e:32:5d:2f:58:38:33:58:
b7:90:b1:3b:7b:8d:87:9c:62:73:15:d0:ef:97:57:4f:d9:6a:
0a:fd:8a:06:d1:d5:5f:fc:3a:0c:1d:c0:8c:50:c6:de:4c:cf:
eb:b2:81:85:02:cd:92:41:de:1e:0f:03:05:f9:68:4a:4f:aa:
ec:84:e6:01:8e:69:71:32:bd:d8:f3:28:44:fc:1e:7a:96:02:
98:42:57:a1:24:b7:39:84:b9:27:20:66:2b:f3:d9:d6:fc:8d:
a4:f4:03:fe:e5:41:7c:25:5e:f1:83:1b:8c:6f:04:5e:62:f0:
76:25:d5:98:d1:41:8f:cd:7d:fa:df:8d:43:ad:2e:b3:95:6d:
94:f6:c3:d5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZfJZr2I/YJbCH4tuwERFV3oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzAyMDQzMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODcxYjY4NTI5OWZkNTkyN2ZlZTVkN2NhNDlhMzIxMTc5YmY5MTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslz0QKJUsFyn6BZ0v3MPC7RA6sab
HoWcI3FxbW27rO47S7kNXwGluTwSmMSAljtMhIB0YAPmLQ6UYm2cT+y0RmVE2ivF
aGhi+rShCOeozeTjf+wTtnTglZQBYazCGY10UdTvMcReOWjuB3NXIrAA8LR+AyZB
A/KuSPOCG2QL+2ELLQpyrbhka/Cy0eKVMHgN9e6JhtO56GR5JyQLA0yGn4481yEo
tLJuRKiALOF6mfiVEp8NhWC46wSF5lo8rQ7z08twPriNNCKOcX2DrlScAyCYwTu3
yjd5WXJYelgWG5SRAC87LP54TA70tniI5/FxFbGv8wanr4Lx1Z+cAeRc8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJhxtoUpn9WSf+5dfKSaMhF5v5EDMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbUhHMmhTbWYxWkpfN2wxOHBKb3lFWG1fa1FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/ADAwQA
l/LjAwQCl/OEMA0GCSqGSIb3DQEBCwUAA4IBAQAk3McvdWu3MuBJuxrmqhGKzTIW
bEyh6L8SqmjMH+qA9Zai+B7yppj+WZFnFwZfzqtTC9Hn809f8coPJSCeZ5PFEEoY
oP24zkwD0x9Fg3uiobDN9w3ioAHhLndL0Y1t6/3wgn0ceSWkglFhwrCyF651i969
yykAHjJdL1g4M1i3kLE7e42HnGJzFdDvl1dP2WoK/YoG0dVf/DoMHcCMUMbeTM/r
soGFAs2SQd4eDwMF+WhKT6rshOYBjmlxMr3Y8yhE/B56lgKYQlehJLc5hLknIGYr
89nW/I2k9AP+5UF8JV7xgxuMbwReYvB2JdWY0UGPzX36341DrS6zlW2U9sPV
-----END CERTIFICATE-----
Generated at Thu Jul 3 07:06:18 2025 by rpki-client