Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mZecwNXah2_CUVcfOmTkSn4qXC8.roa
File: mZecwNXah2_CUVcfOmTkSn4qXC8.roa (raw, json)
Hash identifier: zcYnj3h4d2XzaYycffWVidd4zlO/u6cQWbSNkScdSNk=
Subject key identifier: 99:97:9C:C0:D5:DA:87:6F:C2:51:57:1F:3A:64:E4:4A:7E:2A:5C:2F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198B69EEE3148842946FD87B20021D2DBB4
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mZecwNXah2_CUVcfOmTkSn4qXC8.roa
Signing time: Sun 17 Aug 2025 06:02:05 +0000
ROA not before: Sun 17 Aug 2025 06:02:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 151.241.12.0/24 maxlen: 24
151.241.128.0/22 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.27.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.40.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
151.242.139.0/24 maxlen: 24
151.243.44.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.244.3.0/24 maxlen: 24
151.244.128.0/24 maxlen: 24
151.244.129.0/24 maxlen: 24
151.244.130.0/24 maxlen: 24
151.245.85.0/24 maxlen: 24
151.245.120.0/21 maxlen: 24
151.247.195.0/24 maxlen: 24
151.247.196.0/24 maxlen: 24
151.247.197.0/24 maxlen: 24
151.247.198.0/24 maxlen: 24
151.247.199.0/24 maxlen: 24
151.247.200.0/24 maxlen: 24
151.247.218.0/24 maxlen: 24
151.247.219.0/24 maxlen: 24
151.247.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b6:9e:ee:31:48:84:29:46:fd:87:b2:00:21:d2:db:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 17 06:02:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99979cc0d5da876fc251571f3a64e44a7e2a5c2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:27:4a:d3:aa:77:da:92:aa:19:b5:69:53:1b:
93:83:a2:a4:a0:17:1c:3a:f9:fb:87:2c:bf:d5:7c:
c1:7d:5c:4a:8a:a0:02:cc:09:f4:77:ea:bf:6f:f0:
a4:13:30:94:e8:1c:f8:39:e8:06:ea:1d:34:33:f7:
0b:7a:ba:40:3c:d7:d0:91:f0:b4:92:dc:49:28:79:
04:5c:19:06:ab:1b:fc:6e:86:29:6d:9b:ee:c3:c2:
ae:f0:da:f9:d3:a6:68:1f:b0:3e:c7:25:af:c2:e5:
4f:da:cd:bb:a4:fe:8f:4d:04:8a:5e:2e:cd:da:b3:
5a:73:85:cc:72:d0:81:2f:c5:0c:7d:84:91:1f:6d:
66:65:81:9d:99:9c:63:d8:a8:44:79:6b:85:38:8b:
2e:82:49:12:9c:96:56:97:85:84:1e:fe:4e:2e:ec:
68:05:ba:f5:8f:d3:ee:af:08:ed:c1:be:9d:b0:95:
16:d7:c1:c9:50:b2:70:70:b0:95:46:de:b7:9b:a1:
75:90:ca:1e:bd:c1:ab:38:38:9d:3b:d6:de:b5:ea:
99:c8:60:16:79:92:a1:3f:26:70:09:4a:04:5b:5e:
b2:13:4a:70:03:33:dd:89:2a:a1:05:51:c6:6d:19:
8f:07:ae:12:99:12:3f:80:c9:ed:d4:0d:60:ad:8b:
86:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:97:9C:C0:D5:DA:87:6F:C2:51:57:1F:3A:64:E4:4A:7E:2A:5C:2F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mZecwNXah2_CUVcfOmTkSn4qXC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.12.0/24
151.241.128.0/22
151.242.4.0/24
151.242.14.0/24
151.242.17.0/24
151.242.27.0/24
151.242.32.0/24
151.242.40.0/24
151.242.78.0/23
151.242.82.0/24
151.242.139.0/24
151.243.44.0/24
151.243.115.0/24
151.244.3.0/24
151.244.128.0-151.244.130.255
151.245.85.0/24
151.245.120.0/21
151.247.195.0-151.247.200.255
151.247.218.0-151.247.220.255
Signature Algorithm: sha256WithRSAEncryption
a5:aa:24:d4:09:f3:d8:d8:b4:6c:59:6c:6c:e2:1d:2b:ca:69:
f1:a9:46:b7:92:28:ec:a4:27:b0:a7:9a:e1:3c:9e:52:48:45:
59:45:d8:cc:a4:25:5f:8f:fd:c6:73:90:6c:16:b3:9f:f9:fc:
7c:1e:be:f7:81:4d:13:ac:ee:db:67:ff:f4:09:d6:46:23:a3:
c0:7f:5b:d7:b1:e2:d0:23:45:86:de:0a:26:35:94:ac:a5:8e:
b6:99:72:87:4c:25:8a:a2:9d:63:ca:3d:39:07:cd:84:fa:81:
6e:80:f6:9d:ff:45:98:4e:ba:6a:d2:31:65:76:67:ed:af:85:
71:d9:43:9c:10:ae:c2:e2:23:3b:6a:08:3e:cb:2d:bc:2e:87:
b4:8b:6c:e5:40:c5:da:42:ff:3d:b9:ac:f3:68:03:a9:5b:81:
5f:40:4a:25:99:1b:c8:81:15:ea:75:dc:e7:d4:cc:c5:9b:fc:
db:a5:af:c2:60:9e:40:75:9c:63:ed:0b:85:3c:80:1e:79:75:
1b:91:5f:73:15:7a:02:4e:3d:e7:8e:90:dd:cb:34:70:b0:67:
57:71:ff:cb:13:19:05:66:a3:62:aa:91:78:55:57:97:e8:54:
9c:b4:f9:7e:e0:b2:2e:82:17:d0:f2:ba:44:50:4f:76:fd:1e:
c2:67:fa:af
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZi2nu4xSIQpRv2HsgAh0tu0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODE3MDYwMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTk3OWNjMGQ1ZGE4NzZmYzI1MTU3MWYzYTY0ZTQ0YTdlMmE1YzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ydK06p32pKqGbVpUxuTg6KkoBcc
Ovn7hyy/1XzBfVxKiqACzAn0d+q/b/CkEzCU6Bz4OegG6h00M/cLerpAPNfQkfC0
ktxJKHkEXBkGqxv8boYpbZvuw8Ku8Nr506ZoH7A+xyWvwuVP2s27pP6PTQSKXi7N
2rNac4XMctCBL8UMfYSRH21mZYGdmZxj2KhEeWuFOIsugkkSnJZWl4WEHv5OLuxo
Bbr1j9Purwjtwb6dsJUW18HJULJwcLCVRt63m6F1kMoevcGrODidO9beteqZyGAW
eZKhPyZwCUoEW16yE0pwAzPdiSqhBVHGbRmPB64SmRI/gMnt1A1grYuGYwIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFJmXnMDV2odvwlFXHzpk5Ep+KlwvMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbVplY3dOWGFoMl9DVVZjZk9tVGtTbjRxWEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBACX
8QwDBAKX8YADBACX8gQDBACX8g4DBACX8hEDBACX8hsDBACX8iADBACX8igDBAGX
8k4DBACX8lIDBACX8osDBACX8ywDBACX83MDBACX9AMwDAMEB5f0gAMEAJf0ggME
AJf1VQMEA5f1eDAMAwQAl/fDAwQAl/fIMAwDBAGX99oDBACX99wwDQYJKoZIhvcN
AQELBQADggEBAKWqJNQJ89jYtGxZbGziHSvKafGpRreSKOykJ7CnmuE8nlJIRVlF
2MykJV+P/cZzkGwWs5/5/HwevveBTROs7ttn//QJ1kYjo8B/W9ex4tAjRYbeCiY1
lKyljraZcodMJYqinWPKPTkHzYT6gW6A9p3/RZhOumrSMWV2Z+2vhXHZQ5wQrsLi
IztqCD7LLbwuh7SLbOVAxdpC/z25rPNoA6lbgV9ASiWZG8iBFep13OfUzMWb/Nul
r8JgnkB1nGPtC4U8gB55dRuRX3MVegJOPeeOkN3LNHCwZ1dx/8sTGQVmo2KqkXhV
V5foVJy0+X7gsi6CF9DyukRQT3b9HsJn+q8=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:22:21 2025 by rpki-client