Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/u54IxLL0OHHxnd-8ICPgVNXJ9Jw.roa
File: u54IxLL0OHHxnd-8ICPgVNXJ9Jw.roa (raw, json)
Hash identifier: Bp7tOgaJ9ZGbe92hygwCgh315faIaJAExI1yC8ko4NI=
Subject key identifier: BB:9E:08:C4:B2:F4:38:71:F1:9D:DF:BC:20:23:E0:54:D5:C9:F4:9C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199F5988F3F2011DAF53161844F55FC3EC6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/u54IxLL0OHHxnd-8ICPgVNXJ9Jw.roa
Signing time: Sat 18 Oct 2025 04:33:59 +0000
ROA not before: Sat 18 Oct 2025 04:33:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393406
IP address blocks: 151.241.19.0/24 maxlen: 24
151.241.110.0/24 maxlen: 24
151.241.231.0/24 maxlen: 24
151.245.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f5:98:8f:3f:20:11:da:f5:31:61:84:4f:55:fc:3e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 18 04:33:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb9e08c4b2f43871f19ddfbc2023e054d5c9f49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:d0:09:bb:42:8e:36:12:fd:64:e6:6e:b6:45:
e7:81:c1:86:19:0e:3e:7b:7a:0b:9c:4b:b8:c9:49:
3f:0f:bb:17:07:dc:f3:8a:ae:84:ed:25:07:9c:5e:
72:a1:49:2f:b5:aa:bf:bf:75:40:b9:c9:7e:80:75:
d9:8c:85:c9:05:34:07:00:58:40:44:6e:14:b9:95:
04:b3:9a:e2:00:37:ed:39:6a:fa:3f:83:37:c3:3d:
a8:fb:bd:a2:2b:d0:f2:26:db:21:8f:4a:b6:c8:a4:
44:18:c1:76:96:19:9b:18:97:c2:64:b0:5a:89:7c:
97:01:d4:c6:33:ac:f3:8b:4a:1c:c5:16:77:7d:e0:
bd:84:94:de:98:0b:3e:53:ba:1d:a4:a2:91:6a:d6:
d9:7a:21:e9:7e:82:c2:2f:80:4b:62:56:a6:33:dc:
fb:77:9e:0c:97:95:2c:11:74:92:5a:99:44:a1:c2:
1d:d0:ce:66:62:1b:84:e9:2a:c3:41:e3:7a:17:ed:
2c:3b:e1:0d:66:6b:85:f1:f4:9d:65:53:cf:a8:d6:
0e:5e:23:36:4b:7f:9a:db:36:75:ce:9b:06:58:4e:
bb:28:50:3e:22:85:ff:ae:85:95:32:b5:e3:54:1c:
5d:8b:8c:d5:59:50:90:0f:ad:9d:e4:c7:59:02:0d:
cf:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:9E:08:C4:B2:F4:38:71:F1:9D:DF:BC:20:23:E0:54:D5:C9:F4:9C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/u54IxLL0OHHxnd-8ICPgVNXJ9Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.19.0/24
151.241.110.0/24
151.241.231.0/24
151.245.198.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:a3:27:32:1f:de:b2:d3:cd:58:40:78:ef:a9:fe:b9:e3:7d:
b9:28:e1:6f:54:53:f2:13:1c:c1:79:e3:9d:c4:82:a8:2e:4d:
ed:93:60:52:a8:11:fa:ce:85:20:47:6e:e0:b7:11:c1:62:67:
df:65:c8:68:68:b4:95:37:f1:a6:4d:32:8a:dd:cf:5b:da:6b:
ea:58:6d:6c:35:14:86:33:f2:92:5a:06:b5:da:7b:19:38:32:
88:8b:07:58:09:b6:00:ea:65:33:85:8c:e9:8d:98:d2:7c:b0:
b7:85:9c:b3:51:9d:de:e8:b7:e7:ff:0b:56:c3:35:c4:4a:88:
3d:aa:e7:e2:ab:cd:5c:7c:65:a9:7d:f9:b5:28:e6:42:5d:03:
e8:41:7f:f7:f9:0e:de:ff:f6:4d:a9:80:93:72:48:be:ee:7f:
79:93:04:41:25:c1:34:c3:f7:a7:84:97:01:a4:b8:b3:35:03:
ed:3b:53:8a:55:a6:b7:c9:69:96:22:bb:3b:b2:66:cd:53:70:
8e:d9:ff:66:42:87:c5:df:15:02:54:d9:9a:73:ac:48:d2:80:
60:75:0e:ef:79:30:a9:a6:7e:42:bd:bc:61:61:79:5b:cf:cb:
a5:e6:7a:0d:22:9b:d6:d8:62:8b:4a:cc:2e:3a:d2:89:5f:67:
fa:01:b8:9d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZn1mI8/IBHa9TFhhE9V/D7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDE4MDQzMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjllMDhjNGIyZjQzODcxZjE5ZGRmYmMyMDIzZTA1NGQ1YzlmNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4NAJu0KONhL9ZOZutkXngcGGGQ4+
e3oLnEu4yUk/D7sXB9zziq6E7SUHnF5yoUkvtaq/v3VAucl+gHXZjIXJBTQHAFhA
RG4UuZUEs5riADftOWr6P4M3wz2o+72iK9DyJtshj0q2yKREGMF2lhmbGJfCZLBa
iXyXAdTGM6zzi0ocxRZ3feC9hJTemAs+U7odpKKRatbZeiHpfoLCL4BLYlamM9z7
d54Ml5UsEXSSWplEocId0M5mYhuE6SrDQeN6F+0sO+ENZmuF8fSdZVPPqNYOXiM2
S3+a2zZ1zpsGWE67KFA+IoX/roWVMrXjVBxdi4zVWVCQD62d5MdZAg3PFQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLueCMSy9Dhx8Z3fvCAj4FTVyfScMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdTU0SXhMTDBPSEh4bmQtOElDUGdWTlhKOUp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/ETAwQA
l/FuAwQAl/HnAwQAl/XGMA0GCSqGSIb3DQEBCwUAA4IBAQA+oycyH96y081YQHjv
qf654325KOFvVFPyExzBeeOdxIKoLk3tk2BSqBH6zoUgR27gtxHBYmffZchoaLSV
N/GmTTKK3c9b2mvqWG1sNRSGM/KSWga12nsZODKIiwdYCbYA6mUzhYzpjZjSfLC3
hZyzUZ3e6Lfn/wtWwzXESog9qufiq81cfGWpffm1KOZCXQPoQX/3+Q7e//ZNqYCT
cki+7n95kwRBJcE0w/enhJcBpLizNQPtO1OKVaa3yWmWIrs7smbNU3CO2f9mQofF
3xUCVNmac6xI0oBgdQ7veTCppn5CvbxhYXlbz8ul5noNIpvW2GKLSswuOtKJX2f6
Abid
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:05:37 2025 by rpki-client