Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wt3KnVkaN-OSlFIrI8S09FJOlsk.roa
File: wt3KnVkaN-OSlFIrI8S09FJOlsk.roa (raw, json)
Hash identifier: jkzlbmIWokVxHCT4B0VVh4FYNsKIbS9BPPSjyZSBrog=
Subject key identifier: C2:DD:CA:9D:59:1A:37:E3:92:94:52:2B:23:C4:B4:F4:52:4E:96:C9
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199AE14CA427FE09F956C132C4ABCDD0BDA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wt3KnVkaN-OSlFIrI8S09FJOlsk.roa
Signing time: Sat 04 Oct 2025 07:17:02 +0000
ROA not before: Sat 04 Oct 2025 07:17:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53107
IP address blocks: 151.242.96.0/24 maxlen: 24
151.245.229.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ae:14:ca:42:7f:e0:9f:95:6c:13:2c:4a:bc:dd:0b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 4 07:17:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2ddca9d591a37e39294522b23c4b4f4524e96c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:01:2b:cc:33:6d:48:96:e7:2e:8b:bb:5c:ef:
97:0b:c0:59:e3:42:8d:f8:41:9e:13:c2:08:91:da:
9f:66:5d:fd:8a:73:9c:e6:f9:a9:c1:7a:71:1f:67:
09:77:45:de:ab:d7:d9:97:cd:db:2d:07:b2:c9:69:
9d:17:9e:72:d6:68:9b:69:15:da:96:33:49:e4:db:
9b:d1:80:18:24:41:58:f0:b4:f5:9a:18:63:90:a2:
31:15:a5:40:7b:f9:ae:20:66:c0:a7:7e:0b:7a:3a:
de:a8:31:b3:a5:dc:bf:21:8a:28:e1:eb:ba:9b:b1:
9a:2e:75:49:17:b6:0e:27:9a:9d:02:af:88:c9:11:
d4:64:09:dc:ef:a8:30:90:4f:9d:d5:95:db:c2:6f:
e8:2c:7a:de:ea:7a:cf:e8:a3:88:49:da:27:f0:b7:
ad:4c:0c:60:a4:ea:fb:2b:2e:25:06:f5:33:15:41:
12:77:4b:1e:9d:47:81:1d:9d:b1:29:2b:e0:6d:23:
27:5d:51:bb:33:69:ba:cf:ff:46:50:e6:77:22:0b:
70:ab:ed:96:ed:a8:e9:c4:ba:09:9e:4f:dc:a7:b7:
1f:0f:af:08:42:cc:bc:c4:c9:62:39:75:f2:05:49:
41:a5:dc:cb:8f:31:5e:67:cf:10:9d:53:63:69:7d:
fc:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:DD:CA:9D:59:1A:37:E3:92:94:52:2B:23:C4:B4:F4:52:4E:96:C9
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wt3KnVkaN-OSlFIrI8S09FJOlsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.96.0/24
151.245.229.0/24
Signature Algorithm: sha256WithRSAEncryption
60:7f:1c:e0:03:a1:89:83:6a:a4:63:74:6c:b8:42:21:07:26:
f5:f1:e1:9a:15:15:a1:a9:fa:e3:a5:7f:17:5e:a4:64:1f:a8:
cf:b0:61:76:e5:84:6e:08:63:3f:2c:e4:f4:87:10:73:be:b7:
6d:24:34:fb:fd:85:f7:ca:10:5d:24:28:51:ef:48:15:f8:ca:
eb:1f:b2:fa:28:f9:21:25:e3:77:25:4d:3a:37:66:89:2c:f7:
d5:09:a5:20:24:80:f3:74:01:04:20:0e:cc:2d:0a:99:ee:64:
23:ed:f6:f0:ba:1a:3e:fa:8f:59:f1:94:11:e6:06:6c:cb:41:
5f:68:0b:a6:4d:2d:f6:7a:c2:0a:a1:5c:d6:10:54:f5:ab:95:
30:79:ce:b7:bc:aa:e9:5d:83:18:99:82:b4:92:e0:35:8b:58:
6f:13:29:2b:44:79:52:f6:43:d4:33:3e:d1:d6:2c:c9:26:59:
91:2f:87:96:83:91:e5:ff:a9:61:5b:19:ea:9b:70:94:47:ce:
93:97:27:16:de:cb:b1:0c:cb:16:f8:a2:6a:6a:2c:20:81:ae:
45:e0:5f:57:c8:b7:38:7b:09:22:0c:68:cd:1f:aa:b8:b8:07:
1c:ee:00:33:c9:73:16:a0:37:a5:24:cd:b0:e6:11:45:99:88:
b2:9d:77:f9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZmuFMpCf+CflWwTLEq83QvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDA0MDcxNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmRkY2E5ZDU5MWEzN2UzOTI5NDUyMmIyM2M0YjRmNDUyNGU5NmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogErzDNtSJbnLou7XO+XC8BZ40KN
+EGeE8IIkdqfZl39inOc5vmpwXpxH2cJd0Xeq9fZl83bLQeyyWmdF55y1mibaRXa
ljNJ5Nub0YAYJEFY8LT1mhhjkKIxFaVAe/muIGbAp34LejreqDGzpdy/IYoo4eu6
m7GaLnVJF7YOJ5qdAq+IyRHUZAnc76gwkE+d1ZXbwm/oLHre6nrP6KOISdon8Let
TAxgpOr7Ky4lBvUzFUESd0senUeBHZ2xKSvgbSMnXVG7M2m6z/9GUOZ3Igtwq+2W
7ajpxLoJnk/cp7cfD68IQsy8xMliOXXyBUlBpdzLjzFeZ88QnVNjaX384QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMLdyp1ZGjfjkpRSKyPEtPRSTpbJMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvd3QzS25Wa2FOLU9TbEZJckk4UzA5RkpPbHNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/JgAwQA
l/XlMA0GCSqGSIb3DQEBCwUAA4IBAQBgfxzgA6GJg2qkY3RsuEIhByb18eGaFRWh
qfrjpX8XXqRkH6jPsGF25YRuCGM/LOT0hxBzvrdtJDT7/YX3yhBdJChR70gV+Mrr
H7L6KPkhJeN3JU06N2aJLPfVCaUgJIDzdAEEIA7MLQqZ7mQj7fbwuho++o9Z8ZQR
5gZsy0FfaAumTS32esIKoVzWEFT1q5Uwec63vKrpXYMYmYK0kuA1i1hvEykrRHlS
9kPUMz7R1izJJlmRL4eWg5Hl/6lhWxnqm3CUR86TlycW3suxDMsW+KJqaiwgga5F
4F9XyLc4ewkiDGjNH6q4uAcc7gAzyXMWoDelJM2w5hFFmYiynXf5
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:05:46 2025 by rpki-client