Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wRzIrFPXCjGzln99OEM1XNjNMGI.roa
File: wRzIrFPXCjGzln99OEM1XNjNMGI.roa (raw, json)
Hash identifier: FolSucN/RQWMi4vgCP7y0rV6MU1U8O0/BVixHs0fvCc=
Subject key identifier: C1:1C:C8:AC:53:D7:0A:31:B3:96:7F:7D:38:43:35:5C:D8:CD:30:62
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01997A173238ECF5D1694A0D98B4AE24F577
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wRzIrFPXCjGzln99OEM1XNjNMGI.roa
Signing time: Wed 24 Sep 2025 04:59:24 +0000
ROA not before: Wed 24 Sep 2025 04:59:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 151.241.147.0/24 maxlen: 24
151.244.0.0/24 maxlen: 24
151.244.186.0/24 maxlen: 24
151.247.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7a:17:32:38:ec:f5:d1:69:4a:0d:98:b4:ae:24:f5:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 24 04:59:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c11cc8ac53d70a31b3967f7d3843355cd8cd3062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8a:9c:e9:c8:25:97:d5:d5:f9:19:87:03:b4:
23:f1:b4:fd:6e:00:5b:1f:db:01:2e:91:0f:e5:df:
b6:46:41:0b:4f:68:8c:bd:c5:62:ea:bc:88:43:0e:
77:83:89:31:1d:08:30:3e:eb:b6:ef:49:a9:29:65:
3c:d3:ac:ac:20:e3:77:d0:a9:fe:33:3e:b4:8e:9f:
7b:38:93:b1:e1:ef:8e:00:fc:27:d7:19:77:57:8a:
55:28:f7:1b:a1:00:2c:e9:e4:3e:e6:90:b6:87:34:
e0:ad:b8:f6:df:9b:20:f6:3d:9f:11:72:fe:d6:af:
d8:78:aa:2a:05:07:4b:16:89:6f:ec:7c:f5:80:06:
a6:71:d2:ae:57:78:38:fb:db:72:a5:17:c0:f3:1c:
ce:0c:e5:e6:93:31:59:eb:7a:dc:e7:0f:ae:d0:e3:
4d:c1:f1:93:0e:6e:4c:e2:ef:34:98:ed:28:2d:0a:
32:65:fd:9d:4e:ad:53:14:dd:e3:bd:de:3b:58:c1:
ca:d4:81:0f:57:4d:14:8b:36:97:a3:af:c5:48:4f:
39:f8:9a:0d:a6:c9:07:e7:26:f5:4b:08:f4:cb:53:
6c:b3:fa:07:09:6d:22:b1:e0:6b:f8:91:1e:ca:d0:
8f:a4:0b:e3:8a:fb:2c:62:11:d6:ef:f2:21:2c:57:
e9:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:1C:C8:AC:53:D7:0A:31:B3:96:7F:7D:38:43:35:5C:D8:CD:30:62
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wRzIrFPXCjGzln99OEM1XNjNMGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.147.0/24
151.244.0.0/24
151.244.186.0/24
151.247.129.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:06:5f:dd:c8:8c:ba:ef:69:e8:69:87:e7:55:1e:b6:63:53:
08:4d:4f:4c:2f:ee:2c:3a:e7:00:d2:54:ee:e4:35:8e:4e:5a:
32:45:4e:49:55:69:bf:eb:f7:90:24:25:0d:74:ca:12:36:97:
51:8a:0b:71:7c:cd:fd:19:da:98:10:fc:10:46:d5:19:ca:77:
4b:ba:d0:bf:31:83:75:34:ed:e1:c1:5d:b9:14:e3:81:9f:d0:
8a:0e:62:5c:e5:ce:e6:35:db:d4:ec:50:30:1e:0f:2c:30:88:
df:c4:44:76:bf:fe:29:97:89:7b:8b:86:e7:1a:5a:e5:09:5c:
96:24:95:25:cb:b4:18:fb:55:fc:55:92:6c:79:1a:e4:d5:ca:
a7:5f:0c:b8:22:a1:af:d6:f2:54:89:f7:60:d8:85:a7:af:d3:
62:e1:ed:f8:e9:39:ca:2c:5d:b9:b9:e7:fc:1b:63:a8:1f:a9:
47:e4:91:a6:f2:df:0b:d4:a5:a3:3e:99:4f:b2:07:ef:24:9b:
fb:dd:2a:21:45:3d:4d:d4:43:b2:53:1d:8b:8b:b5:9e:84:52:
ec:c4:f4:c4:b0:12:7b:85:29:f4:40:28:dc:30:9e:f0:0f:44:
85:62:e1:6b:a3:36:06:59:79:57:85:18:4c:a7:3e:47:32:7e:
4d:c3:cd:eb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZl6FzI47PXRaUoNmLSuJPV3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTI0MDQ1OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTFjYzhhYzUzZDcwYTMxYjM5NjdmN2QzODQzMzU1Y2Q4Y2QzMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYqc6cgll9XV+RmHA7Qj8bT9bgBb
H9sBLpEP5d+2RkELT2iMvcVi6ryIQw53g4kxHQgwPuu270mpKWU806ysION30Kn+
Mz60jp97OJOx4e+OAPwn1xl3V4pVKPcboQAs6eQ+5pC2hzTgrbj235sg9j2fEXL+
1q/YeKoqBQdLFolv7Hz1gAamcdKuV3g4+9typRfA8xzODOXmkzFZ63rc5w+u0ONN
wfGTDm5M4u80mO0oLQoyZf2dTq1TFN3jvd47WMHK1IEPV00UizaXo6/FSE85+JoN
pskH5yb1Swj0y1Nss/oHCW0iseBr+JEeytCPpAvjivssYhHW7/IhLFfpCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMEcyKxT1woxs5Z/fThDNVzYzTBiMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvd1J6SXJGUFhDakd6bG45OU9FTTFYTmpOTUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/GTAwQA
l/QAAwQAl/S6AwQAl/eBMA0GCSqGSIb3DQEBCwUAA4IBAQCiBl/dyIy672noaYfn
VR62Y1MITU9ML+4sOucA0lTu5DWOTloyRU5JVWm/6/eQJCUNdMoSNpdRigtxfM39
GdqYEPwQRtUZyndLutC/MYN1NO3hwV25FOOBn9CKDmJc5c7mNdvU7FAwHg8sMIjf
xER2v/4pl4l7i4bnGlrlCVyWJJUly7QY+1X8VZJseRrk1cqnXwy4IqGv1vJUifdg
2IWnr9Ni4e346TnKLF25uef8G2OoH6lH5JGm8t8L1KWjPplPsgfvJJv73SohRT1N
1EOyUx2Li7WehFLsxPTEsBJ7hSn0QCjcMJ7wD0SFYuFrozYGWXlXhRhMpz5HMn5N
w83r
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:40:16 2025 by rpki-client