Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oLfLAvFBSNk2gjYUbk6XP3NXZd0.roa
File: oLfLAvFBSNk2gjYUbk6XP3NXZd0.roa (raw, json)
Hash identifier: R+b+7VES0j62/hWMtIHd+8rQ8OHpRbD7ghUIFhYH/AI=
Subject key identifier: A0:B7:CB:02:F1:41:48:D9:36:82:36:14:6E:4E:97:3F:73:57:65:DD
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01989D817C85151013333EA75C8EDDB20E5B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oLfLAvFBSNk2gjYUbk6XP3NXZd0.roa
Signing time: Tue 12 Aug 2025 08:59:25 +0000
ROA not before: Tue 12 Aug 2025 08:59:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 151.240.98.0/24 maxlen: 24
151.241.27.0/24 maxlen: 24
151.243.16.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9d:81:7c:85:15:10:13:33:3e:a7:5c:8e:dd:b2:0e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 12 08:59:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0b7cb02f14148d9368236146e4e973f735765dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:28:57:32:e4:ee:33:18:93:81:7d:94:9f:5c:
b4:1b:ad:88:82:30:d2:15:9b:e6:93:c2:23:26:88:
27:db:b1:e1:20:a6:1f:d9:75:78:c5:4a:c3:30:5b:
b7:24:73:46:65:09:cf:c7:2d:95:87:d0:2f:81:0d:
54:0b:69:80:b3:71:62:74:4e:bd:2e:43:08:73:8e:
c2:65:37:bc:1e:94:7f:53:c7:f2:ae:25:42:4c:1d:
50:b5:8c:f2:80:c6:24:39:13:af:02:d1:d5:f5:02:
d2:d5:b5:7c:ec:a9:a4:ba:51:ff:e3:fa:98:46:8b:
b0:c6:d7:a3:f1:e7:ce:a6:d6:37:88:fe:4f:61:84:
66:47:5e:0a:27:f8:01:87:c7:ff:da:9f:03:6f:4e:
d2:f0:94:e5:d4:de:4a:65:b3:c3:88:0f:d7:6c:5d:
97:a6:01:d2:15:c1:7b:62:9c:72:69:18:51:76:c9:
f0:c7:32:21:05:10:c3:40:c9:e7:b2:d4:c5:64:f2:
d0:27:da:05:ca:41:4b:25:c5:27:4a:1a:c1:1e:ba:
c7:6f:86:8a:18:ce:cc:ed:ef:91:13:14:03:8f:a5:
2a:46:22:6c:ee:2b:76:f8:0f:03:85:b5:a7:a1:44:
89:cd:00:92:f4:5c:d1:b2:af:74:43:00:79:70:60:
83:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B7:CB:02:F1:41:48:D9:36:82:36:14:6E:4E:97:3F:73:57:65:DD
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oLfLAvFBSNk2gjYUbk6XP3NXZd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.98.0/24
151.241.27.0/24
151.243.16.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:71:3a:b2:38:53:5e:2a:11:90:c3:08:e6:78:07:d7:e9:aa:
05:8b:ad:6e:1f:d8:63:fa:9a:e9:90:8c:af:48:f4:3a:41:8d:
1e:df:ae:49:ee:23:97:a0:45:55:14:ee:f1:6d:4d:0f:0f:f5:
95:38:2c:28:53:34:59:b5:1a:ab:1d:05:1f:97:54:8b:0a:6f:
8f:8b:81:31:ae:44:bd:07:2c:83:7f:ce:49:b7:de:71:96:d5:
07:1b:50:f9:b6:06:2e:3e:a7:d2:84:09:ac:72:2b:3f:a2:a2:
3c:f4:d9:0b:22:3f:8e:11:1e:69:3b:00:26:0d:82:f5:eb:ba:
d9:fd:cb:91:c1:69:17:0f:4e:d6:d0:9c:46:8a:55:75:50:21:
85:50:d4:17:48:28:41:52:29:49:ba:85:af:12:4c:8a:f7:2d:
6c:e0:dc:35:4f:f8:c1:32:72:f0:ae:a3:4e:e7:e3:aa:82:47:
55:0d:e9:df:6a:00:55:75:73:62:71:fa:7a:eb:d1:c0:25:e1:
bd:a2:75:8f:b8:71:f8:54:64:a3:f6:42:18:e8:3f:9a:f1:0e:
d8:16:90:4d:73:81:54:3c:c5:1c:b4:63:9a:ea:2d:28:c3:15:
c8:f4:1a:e4:f7:b3:25:fe:63:f2:ff:8d:d9:c6:fa:e8:f9:29:
4e:8b:48:04
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZidgXyFFRATMz6nXI7dsg5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODEyMDg1OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGI3Y2IwMmYxNDE0OGQ5MzY4MjM2MTQ2ZTRlOTczZjczNTc2NWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ihXMuTuMxiTgX2Un1y0G62IgjDS
FZvmk8IjJogn27HhIKYf2XV4xUrDMFu3JHNGZQnPxy2Vh9AvgQ1UC2mAs3FidE69
LkMIc47CZTe8HpR/U8fyriVCTB1QtYzygMYkOROvAtHV9QLS1bV87KmkulH/4/qY
Rouwxtej8efOptY3iP5PYYRmR14KJ/gBh8f/2p8Db07S8JTl1N5KZbPDiA/XbF2X
pgHSFcF7YpxyaRhRdsnwxzIhBRDDQMnnstTFZPLQJ9oFykFLJcUnShrBHrrHb4aK
GM7M7e+RExQDj6UqRiJs7it2+A8DhbWnoUSJzQCS9FzRsq90QwB5cGCDLwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKC3ywLxQUjZNoI2FG5Olz9zV2XdMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvb0xmTEF2RkJTTmsyZ2pZVWJrNlhQM05YWmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/BiAwQA
l/EbAwQBl/MQMA0GCSqGSIb3DQEBCwUAA4IBAQB/cTqyOFNeKhGQwwjmeAfX6aoF
i61uH9hj+prpkIyvSPQ6QY0e365J7iOXoEVVFO7xbU0PD/WVOCwoUzRZtRqrHQUf
l1SLCm+Pi4ExrkS9ByyDf85Jt95xltUHG1D5tgYuPqfShAmscis/oqI89NkLIj+O
ER5pOwAmDYL167rZ/cuRwWkXD07W0JxGilV1UCGFUNQXSChBUilJuoWvEkyK9y1s
4Nw1T/jBMnLwrqNO5+OqgkdVDenfagBVdXNicfp669HAJeG9onWPuHH4VGSj9kIY
6D+a8Q7YFpBNc4FUPMUctGOa6i0owxXI9Brk97Ml/mPy/43Zxvro+SlOi0gE
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:22:11 2025 by rpki-client