Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xyH2ZerLPYxcdAco3sD_hPaZN-k.roa
File: xyH2ZerLPYxcdAco3sD_hPaZN-k.roa (raw, json)
Hash identifier: QY4WHDB99edVP3zWsjNjRFSuPvUcJheAeqRfx02Dsjc=
Subject key identifier: C7:21:F6:65:EA:CB:3D:8C:5C:74:07:28:DE:C0:FF:84:F6:99:37:E9
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198AE2F31CCDFFAEB17D80FC982E86B1D8C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xyH2ZerLPYxcdAco3sD_hPaZN-k.roa
Signing time: Fri 15 Aug 2025 14:43:05 +0000
ROA not before: Fri 15 Aug 2025 14:43:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214305
IP address blocks: 151.240.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ae:2f:31:cc:df:fa:eb:17:d8:0f:c9:82:e8:6b:1d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 15 14:43:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c721f665eacb3d8c5c740728dec0ff84f69937e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:f1:0f:ab:e5:c5:c0:ca:1d:b7:f1:dd:7f:39:
14:3d:05:45:08:45:13:78:07:1c:c9:16:3d:02:39:
b1:45:32:c3:a0:41:b7:27:98:08:da:1b:ee:5e:4a:
f7:82:b0:3c:bc:24:e2:94:16:60:d5:f7:c2:c2:79:
01:0b:77:1f:23:ac:2b:69:01:8a:d7:48:d9:e0:3a:
9b:37:c3:dd:f8:50:fa:64:9e:45:e9:c4:d2:13:d2:
a6:81:4b:4a:32:9d:bc:82:d1:c4:39:a1:dd:e0:74:
e9:d3:e6:79:41:e4:de:bf:3a:ba:2a:d5:da:d9:70:
15:c7:a5:92:d8:bb:50:b1:b8:15:e8:64:ae:96:06:
5e:07:89:fe:b1:99:e2:6b:5b:3f:32:af:f7:d4:bb:
b5:a3:b2:f3:9b:55:c3:80:8d:a6:a2:28:f2:38:04:
3b:ec:a0:78:92:a7:db:41:68:c3:e2:a1:04:2b:84:
5b:34:85:b1:29:20:7a:a7:b8:ee:ac:ff:fd:f0:f6:
5d:86:1d:da:3a:00:fd:75:93:c8:d3:12:d4:65:1c:
5f:47:78:33:c1:d9:87:13:0c:3b:c9:5d:f6:d6:b4:
2a:9e:13:58:6d:21:c5:25:51:12:a7:fb:83:e1:3d:
65:3a:2c:09:40:29:5a:df:a9:97:d8:c8:8b:fd:44:
78:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:21:F6:65:EA:CB:3D:8C:5C:74:07:28:DE:C0:FF:84:F6:99:37:E9
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xyH2ZerLPYxcdAco3sD_hPaZN-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.76.0/24
Signature Algorithm: sha256WithRSAEncryption
28:d5:d3:6a:2d:4f:73:ce:4f:29:af:5c:9e:42:4d:52:3f:6d:
2d:36:81:76:f2:34:32:d9:34:86:35:96:2f:68:f0:b1:4a:11:
bd:71:47:1b:9f:7c:39:bb:db:2f:5f:98:5b:18:49:66:e2:0b:
b9:a1:71:6e:fb:4c:77:3d:39:b7:58:29:17:0c:54:c4:7d:b8:
af:ea:36:3d:b6:89:6b:67:82:f9:32:e5:de:c0:44:d0:dd:56:
df:2d:bb:88:99:0e:7e:42:bc:c7:24:23:5b:f7:5b:bc:4b:42:
0d:c5:8a:fd:aa:55:0c:cb:54:2a:38:d1:07:7b:3a:8f:e3:16:
4d:2d:6b:f9:73:e2:54:45:73:7a:c0:73:f1:42:82:31:ee:8d:
d4:be:bc:61:61:36:fe:12:b1:43:a6:61:c6:3e:79:c0:21:90:
80:84:ad:08:87:0a:bd:71:a4:87:34:08:df:ed:69:d5:93:b4:
36:57:c2:43:b7:42:f6:9a:4c:1c:ed:c1:1c:96:d6:e6:72:3c:
f5:ff:ab:d7:52:0a:cc:c5:72:34:52:df:68:e9:df:bf:c5:dc:
8f:90:31:5f:f1:79:79:2b:86:bf:87:87:11:cf:2b:a1:6d:31:
eb:5b:af:af:d8:db:e7:96:45:2e:4f:fd:b8:11:fa:e4:84:49:
b7:b6:e8:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZiuLzHM3/rrF9gPyYLoax2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODE1MTQ0MzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzIxZjY2NWVhY2IzZDhjNWM3NDA3MjhkZWMwZmY4NGY2OTkzN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5/EPq+XFwModt/HdfzkUPQVFCEUT
eAccyRY9AjmxRTLDoEG3J5gI2hvuXkr3grA8vCTilBZg1ffCwnkBC3cfI6wraQGK
10jZ4DqbN8Pd+FD6ZJ5F6cTSE9KmgUtKMp28gtHEOaHd4HTp0+Z5QeTevzq6KtXa
2XAVx6WS2LtQsbgV6GSulgZeB4n+sZnia1s/Mq/31Lu1o7Lzm1XDgI2moijyOAQ7
7KB4kqfbQWjD4qEEK4RbNIWxKSB6p7jurP/98PZdhh3aOgD9dZPI0xLUZRxfR3gz
wdmHEww7yV321rQqnhNYbSHFJVESp/uD4T1lOiwJQCla36mX2MiL/UR4PQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMch9mXqyz2MXHQHKN7A/4T2mTfpMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveHlIMlplckxQWXhjZEFjbzNzRF9oUGFaTi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/BMMA0G
CSqGSIb3DQEBCwUAA4IBAQAo1dNqLU9zzk8pr1yeQk1SP20tNoF28jQy2TSGNZYv
aPCxShG9cUcbn3w5u9svX5hbGElm4gu5oXFu+0x3PTm3WCkXDFTEfbiv6jY9tolr
Z4L5MuXewETQ3VbfLbuImQ5+QrzHJCNb91u8S0INxYr9qlUMy1QqONEHezqP4xZN
LWv5c+JURXN6wHPxQoIx7o3UvrxhYTb+ErFDpmHGPnnAIZCAhK0Ihwq9caSHNAjf
7WnVk7Q2V8JDt0L2mkwc7cEcltbmcjz1/6vXUgrMxXI0Ut9o6d+/xdyPkDFf8Xl5
K4a/h4cRzyuhbTHrW6+v2NvnlkUuT/24EfrkhEm3tuhi
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:24:25 2025 by rpki-client