Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xqqOSCtf4CbZtSczXo56zfXsVsc.roa
File: xqqOSCtf4CbZtSczXo56zfXsVsc.roa (raw, json)
Hash identifier: 5jk16zTMtRLL3QtGx6g3oI+O5nPMFBSlaYQoFD3bPo4=
Subject key identifier: C6:AA:8E:48:2B:5F:E0:26:D9:B5:27:33:5E:8E:7A:CD:F5:EC:56:C7
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197C966BE661D6B5AAE642E5BB9B070A00B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xqqOSCtf4CbZtSczXo56zfXsVsc.roa
Signing time: Wed 02 Jul 2025 04:30:43 +0000
ROA not before: Wed 02 Jul 2025 04:30:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 37.202.222.0/24 maxlen: 24
151.240.79.0/24 maxlen: 24
151.240.177.0/24 maxlen: 24
151.242.87.0/24 maxlen: 24
151.242.174.0/23 maxlen: 23
151.242.192.0/23 maxlen: 23
151.242.205.0/24 maxlen: 24
151.243.3.0/24 maxlen: 24
151.243.101.0/24 maxlen: 24
151.244.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c9:66:be:66:1d:6b:5a:ae:64:2e:5b:b9:b0:70:a0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 2 04:30:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6aa8e482b5fe026d9b527335e8e7acdf5ec56c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ac:e0:81:d2:b3:4a:5f:83:15:2e:be:0e:e1:
54:81:05:a7:d3:4d:7f:ea:ff:86:15:48:30:b2:11:
10:15:f8:a5:32:52:ff:32:de:07:72:91:09:7c:3e:
d8:13:1f:a3:ff:86:73:8d:39:fe:12:2a:94:86:29:
8b:69:e0:8f:27:2a:dd:d7:f9:ae:1a:fe:aa:ec:fd:
c8:b3:d8:15:33:27:06:ea:08:ee:e8:68:26:7e:99:
75:a3:36:16:4e:9b:42:06:ad:54:f4:87:21:69:dd:
35:37:c5:63:57:bb:ed:53:ab:a1:8d:b5:36:15:1b:
6c:db:81:7f:ec:d7:ef:7b:d0:4a:4d:5d:d3:5f:2f:
9c:4f:2d:56:98:be:4c:17:2f:a0:f7:c7:ca:43:8a:
5d:6c:bb:81:dc:41:b2:4c:db:48:c8:ce:e1:4a:8a:
85:40:0a:18:b2:5e:78:b1:a2:52:71:41:1b:69:32:
77:0e:51:43:22:c2:02:93:c3:e4:d2:a7:96:7c:a4:
a1:39:d2:bc:8d:bc:a1:0d:e8:33:f1:9a:47:bb:ef:
59:f1:4e:d0:68:da:35:9d:cc:22:ca:24:ca:33:8d:
41:a8:fe:d3:ed:c8:b0:10:37:61:54:01:81:c1:d8:
5e:0d:71:d5:a5:ab:9a:ec:8f:02:4f:22:ad:73:44:
1e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:AA:8E:48:2B:5F:E0:26:D9:B5:27:33:5E:8E:7A:CD:F5:EC:56:C7
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xqqOSCtf4CbZtSczXo56zfXsVsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.222.0/24
151.240.79.0/24
151.240.177.0/24
151.242.87.0/24
151.242.174.0/23
151.242.192.0/23
151.242.205.0/24
151.243.3.0/24
151.243.101.0/24
151.244.188.0/24
Signature Algorithm: sha256WithRSAEncryption
67:44:38:71:d1:a6:de:82:4c:ce:c1:e1:3f:14:2a:86:e1:dc:
7c:ba:50:bb:ee:a3:04:74:4c:b8:67:e1:b4:66:50:c3:19:54:
49:34:e6:09:27:7f:70:9c:43:25:fd:1b:73:94:97:b4:7f:79:
5b:25:01:9d:0b:4c:d2:5e:63:f4:1f:9f:a4:66:6a:f6:dd:6f:
c0:6e:91:84:99:65:82:4b:c4:8f:ff:03:a5:1e:58:9e:8b:b9:
44:d4:56:a2:89:b8:86:67:2f:ce:67:2f:37:0d:67:f2:87:b6:
df:3d:0b:df:52:aa:cf:82:61:f5:07:f8:38:c6:e0:1f:af:0e:
d7:47:c5:25:bc:9c:1c:41:c4:56:e1:e0:3c:ef:fd:f0:d9:bd:
de:2c:6d:7e:37:d6:19:64:ad:d1:d5:52:ad:ac:e1:23:e6:ff:
2f:54:e2:11:f3:56:f6:86:dc:b0:7b:13:6b:42:91:65:b4:1f:
a7:8d:d3:c7:d5:4d:db:bf:06:1b:b1:62:cb:93:7b:e9:a8:af:
e1:12:84:86:68:dc:c8:e0:5c:50:44:b4:c7:6b:ee:b0:e1:a6:
66:de:91:49:6f:48:82:3f:ef:26:fb:ef:34:e5:5a:8e:59:c6:
d0:25:1a:39:6c:35:b1:ec:b1:57:f4:2d:ce:18:74:9f:c8:1d:
2a:99:aa:c9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZfJZr5mHWtarmQuW7mwcKALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzAyMDQzMDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmFhOGU0ODJiNWZlMDI2ZDliNTI3MzM1ZThlN2FjZGY1ZWM1NmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6zggdKzSl+DFS6+DuFUgQWn001/
6v+GFUgwshEQFfilMlL/Mt4HcpEJfD7YEx+j/4ZzjTn+EiqUhimLaeCPJyrd1/mu
Gv6q7P3Is9gVMycG6gju6Ggmfpl1ozYWTptCBq1U9Ichad01N8VjV7vtU6uhjbU2
FRts24F/7Nfve9BKTV3TXy+cTy1WmL5MFy+g98fKQ4pdbLuB3EGyTNtIyM7hSoqF
QAoYsl54saJScUEbaTJ3DlFDIsICk8Pk0qeWfKShOdK8jbyhDegz8ZpHu+9Z8U7Q
aNo1ncwiyiTKM41BqP7T7ciwEDdhVAGBwdheDXHVpaua7I8CTyKtc0QeBQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMaqjkgrX+Am2bUnM16Oes317FbHMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveHFxT1NDdGY0Q2JadFNjelhvNTZ6ZlhzVnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAJcreAwQA
l/BPAwQAl/CxAwQAl/JXAwQBl/KuAwQBl/LAAwQAl/LNAwQAl/MDAwQAl/NlAwQA
l/S8MA0GCSqGSIb3DQEBCwUAA4IBAQBnRDhx0abegkzOweE/FCqG4dx8ulC77qME
dEy4Z+G0ZlDDGVRJNOYJJ39wnEMl/RtzlJe0f3lbJQGdC0zSXmP0H5+kZmr23W/A
bpGEmWWCS8SP/wOlHliei7lE1FaiibiGZy/OZy83DWfyh7bfPQvfUqrPgmH1B/g4
xuAfrw7XR8UlvJwcQcRW4eA87/3w2b3eLG1+N9YZZK3R1VKtrOEj5v8vVOIR81b2
htywexNrQpFltB+njdPH1U3bvwYbsWLLk3vpqK/hEoSGaNzI4FxQRLTHa+6w4aZm
3pFJb0iCP+8m++805VqOWcbQJRo5bDWx7LFX9C3OGHSfyB0qmarJ
-----END CERTIFICATE-----
Generated at Thu Jul 3 10:23:41 2025 by rpki-client