Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tFF8wCXWKLXIElVl3jUgdFedUBc.roa
File: tFF8wCXWKLXIElVl3jUgdFedUBc.roa (raw, json)
Hash identifier: 4jGDt3G2/ixIy808Dmzzg7dnnpqTWGdH+7hJ8soxUEM=
Subject key identifier: B4:51:7C:C0:25:D6:28:B5:C8:12:55:65:DE:35:20:74:57:9D:50:17
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199F5988CFBA306DDA2999379D1AEE1014B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tFF8wCXWKLXIElVl3jUgdFedUBc.roa
Signing time: Sat 18 Oct 2025 04:33:59 +0000
ROA not before: Sat 18 Oct 2025 04:33:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 37.202.202.0/24 maxlen: 24
151.240.1.0/24 maxlen: 24
151.240.9.0/24 maxlen: 24
151.240.14.0/24 maxlen: 24
151.240.17.0/24 maxlen: 24
151.240.24.0/24 maxlen: 24
151.241.1.0/24 maxlen: 24
151.241.8.0/24 maxlen: 24
151.241.68.0/24 maxlen: 24
151.241.69.0/24 maxlen: 24
151.242.5.0/24 maxlen: 24
151.242.67.0/24 maxlen: 24
151.242.91.0/24 maxlen: 24
151.242.103.0/24 maxlen: 24
151.242.117.0/24 maxlen: 24
151.243.6.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.243.160.0/22 maxlen: 22
151.244.78.0/24 maxlen: 24
151.244.192.0/24 maxlen: 24
151.244.203.0/24 maxlen: 24
151.245.54.0/24 maxlen: 24
151.245.238.0/24 maxlen: 24
151.246.177.0/24 maxlen: 24
151.246.190.0/24 maxlen: 24
151.247.168.0/24 maxlen: 24
151.247.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f5:98:8c:fb:a3:06:dd:a2:99:93:79:d1:ae:e1:01:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 18 04:33:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4517cc025d628b5c8125565de352074579d5017
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:22:a7:3a:9a:1b:8d:1d:bd:46:89:08:d7:42:
90:0a:73:5b:c6:ac:aa:0e:74:f6:5c:19:d7:e6:30:
86:c8:59:db:f0:97:c9:93:3f:f1:9a:0e:e3:72:08:
9c:6b:62:6c:2f:50:4d:b3:70:cf:09:2c:ad:42:4c:
39:18:72:63:c6:f8:fb:c4:8c:e8:7d:bb:0c:25:a6:
8b:47:cf:9c:f4:28:a3:d5:3b:d2:1f:e3:56:c6:fe:
f0:ce:a7:86:f6:fb:ea:04:b1:cb:2e:5d:7e:e4:03:
02:0b:eb:41:22:9b:1e:a3:b4:0d:33:0f:2e:52:cd:
d9:da:07:0c:6c:69:8b:85:09:30:8d:76:cd:8a:8c:
33:e9:cc:fa:e3:ad:72:54:b6:63:28:c0:85:7a:b4:
b5:41:cb:ec:43:45:99:cf:10:b4:2e:69:9e:30:82:
2e:ef:9c:c1:23:74:45:92:2e:64:99:da:59:a5:f7:
91:b6:9b:60:55:64:9d:30:b5:d1:47:a1:3b:8a:27:
50:00:fd:01:39:22:48:e2:22:23:fd:d3:80:93:66:
16:7a:99:46:10:c7:76:e1:21:62:12:97:a9:f3:be:
d1:88:07:aa:84:2d:36:03:ec:d7:d1:68:99:e8:6f:
0f:05:c5:7d:f4:ef:a7:bb:2d:f4:6a:e4:ad:27:68:
2d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:51:7C:C0:25:D6:28:B5:C8:12:55:65:DE:35:20:74:57:9D:50:17
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tFF8wCXWKLXIElVl3jUgdFedUBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.202.0/24
151.240.1.0/24
151.240.9.0/24
151.240.14.0/24
151.240.17.0/24
151.240.24.0/24
151.241.1.0/24
151.241.8.0/24
151.241.68.0/23
151.242.5.0/24
151.242.67.0/24
151.242.91.0/24
151.242.103.0/24
151.242.117.0/24
151.243.6.0/24
151.243.120.0/24
151.243.160.0/22
151.244.78.0/24
151.244.192.0/24
151.244.203.0/24
151.245.54.0/24
151.245.238.0/24
151.246.177.0/24
151.246.190.0/24
151.247.168.0/24
151.247.217.0/24
Signature Algorithm: sha256WithRSAEncryption
18:fb:56:ea:b8:47:64:b5:a0:86:88:dd:68:ec:13:e6:89:60:
88:18:3e:7b:f1:d1:04:65:d3:7b:4e:41:67:42:ab:7e:17:93:
9f:f8:00:bf:17:b8:83:5e:4b:af:72:0e:b3:f5:df:a7:82:79:
2f:93:b6:57:60:5e:a8:51:e8:b7:d4:bc:0f:23:33:11:c7:fd:
b1:e0:2e:14:25:c8:da:ea:99:c6:a0:2d:4b:4a:f8:41:1d:95:
d0:71:eb:8b:b3:2e:5a:88:63:4a:1c:3c:36:06:7c:d4:89:a5:
09:ba:00:fa:3a:d7:00:f4:4a:86:0b:27:72:eb:33:44:55:21:
90:d7:aa:6f:23:71:c4:05:96:38:e7:38:d9:07:a1:49:e2:d9:
8c:eb:8c:d3:f2:fa:df:8d:e4:f9:7e:7d:40:d0:a2:27:99:4a:
48:48:7b:16:f6:a6:d3:53:2b:83:f0:e1:20:f9:f4:07:47:37:
1a:43:db:a9:65:e5:41:c1:35:e8:8e:6f:2b:4e:60:42:69:8f:
23:5e:5d:3c:34:de:40:42:e1:f5:d4:1f:ff:a0:c6:d0:1e:fd:
29:1c:01:2f:68:f1:71:fd:57:c5:52:74:ca:cc:65:5d:96:c4:
83:d1:62:3e:46:18:13:f8:94:6c:5a:2e:8c:55:d1:9e:f8:85:
d6:64:26:f7
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZn1mIz7owbdopmTedGu4QFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDE4MDQzMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDUxN2NjMDI1ZDYyOGI1YzgxMjU1NjVkZTM1MjA3NDU3OWQ1MDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiKnOpobjR29RokI10KQCnNbxqyq
DnT2XBnX5jCGyFnb8JfJkz/xmg7jcgica2JsL1BNs3DPCSytQkw5GHJjxvj7xIzo
fbsMJaaLR8+c9Cij1TvSH+NWxv7wzqeG9vvqBLHLLl1+5AMCC+tBIpseo7QNMw8u
Us3Z2gcMbGmLhQkwjXbNiowz6cz6461yVLZjKMCFerS1QcvsQ0WZzxC0LmmeMIIu
75zBI3RFki5kmdpZpfeRtptgVWSdMLXRR6E7iidQAP0BOSJI4iIj/dOAk2YWeplG
EMd24SFiEpep877RiAeqhC02A+zX0WiZ6G8PBcV99O+nuy30auStJ2gttQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFLRRfMAl1ii1yBJVZd41IHRXnVAXMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdEZGOHdDWFdLTFhJRWxWbDNqVWdkRmVkVUJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAAl
ysoDBACX8AEDBACX8AkDBACX8A4DBACX8BEDBACX8BgDBACX8QEDBACX8QgDBAGX
8UQDBACX8gUDBACX8kMDBACX8lsDBACX8mcDBACX8nUDBACX8wYDBACX83gDBAKX
86ADBACX9E4DBACX9MADBACX9MsDBACX9TYDBACX9e4DBACX9rEDBACX9r4DBACX
96gDBACX99kwDQYJKoZIhvcNAQELBQADggEBABj7Vuq4R2S1oIaI3WjsE+aJYIgY
Pnvx0QRl03tOQWdCq34Xk5/4AL8XuINeS69yDrP136eCeS+TtldgXqhR6LfUvA8j
MxHH/bHgLhQlyNrqmcagLUtK+EEdldBx64uzLlqIY0ocPDYGfNSJpQm6APo61wD0
SoYLJ3LrM0RVIZDXqm8jccQFljjnONkHoUni2YzrjNPy+t+N5Pl+fUDQoieZSkhI
exb2ptNTK4Pw4SD59AdHNxpD26ll5UHBNeiObytOYEJpjyNeXTw03kBC4fXUH/+g
xtAe/SkcAS9o8XH9V8VSdMrMZV2WxIPRYj5GGBP4lGxaLoxV0Z74hdZkJvc=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:05:46 2025 by rpki-client