Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yhBIbSjJczlbw8H_ksSqKoqG1I0.roa
File: yhBIbSjJczlbw8H_ksSqKoqG1I0.roa (raw, json)
Hash identifier: HLSxc0PJchWyDBKO8vQb/OjNTLkqY6E9UsutDgXaPsw=
Subject key identifier: CA:10:48:6D:28:C9:73:39:5B:C3:C1:FF:92:C4:AA:2A:8A:86:D4:8D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199655E9F4BE58A8B80EFBE856C1DC56013
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yhBIbSjJczlbw8H_ksSqKoqG1I0.roa
Signing time: Sat 20 Sep 2025 04:25:23 +0000
ROA not before: Sat 20 Sep 2025 04:25:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135402
IP address blocks: 151.240.96.0/24 maxlen: 24
151.242.86.0/24 maxlen: 24
151.243.4.0/24 maxlen: 24
151.243.206.0/24 maxlen: 24
151.243.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:65:5e:9f:4b:e5:8a:8b:80:ef:be:85:6c:1d:c5:60:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 20 04:25:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca10486d28c973395bc3c1ff92c4aa2a8a86d48d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2e:28:63:ab:dd:7f:c9:29:7c:2a:1f:72:89:
16:0b:84:4b:b4:9a:58:4a:ac:c6:00:f5:cd:f6:49:
0e:7e:a1:d2:a8:3d:33:c5:ef:be:b7:17:70:c7:d5:
2d:19:75:f3:f0:07:8f:59:9f:80:1d:7b:08:a7:77:
f4:a0:47:cb:78:19:9b:6d:f5:08:72:6d:27:b9:cc:
99:31:ba:3e:1e:fd:8a:85:af:15:93:47:32:56:2c:
61:51:b6:28:8a:0a:15:de:3e:01:2e:a8:bf:3f:eb:
73:1c:1a:34:98:c0:53:d6:c8:a6:ec:74:84:45:f5:
d8:91:31:3f:0b:9b:30:3f:85:76:e7:1a:44:95:16:
8a:f7:6b:ea:ab:18:4f:af:93:50:05:29:d1:b3:13:
3a:79:ac:61:53:14:50:da:64:b3:d8:c0:77:db:9d:
01:99:02:aa:3b:35:ad:f1:04:6e:5b:db:3b:4e:d0:
34:74:73:fc:f8:b3:64:02:0e:98:78:0e:a0:43:69:
2f:83:cd:f5:cf:27:6c:18:a9:5c:9b:b2:a6:e7:2c:
f7:91:c5:53:90:c4:0b:f0:d0:d0:04:ea:e1:64:7c:
c6:55:3e:9e:e4:a9:e9:32:7a:1a:a4:80:7e:e8:ac:
6c:8d:ef:a7:47:93:22:16:0e:b3:1f:b7:10:72:ca:
32:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:10:48:6D:28:C9:73:39:5B:C3:C1:FF:92:C4:AA:2A:8A:86:D4:8D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yhBIbSjJczlbw8H_ksSqKoqG1I0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.96.0/24
151.242.86.0/24
151.243.4.0/24
151.243.206.0/24
151.243.221.0/24
Signature Algorithm: sha256WithRSAEncryption
07:4b:00:98:d7:6c:c3:6a:ab:df:88:45:57:a9:4a:84:db:38:
8e:25:8f:69:d9:01:10:60:58:5b:b4:fc:de:68:27:d2:37:3f:
1d:07:7e:70:e4:f9:20:5f:5b:1e:46:b8:4b:61:c9:3f:7e:33:
05:b2:99:17:cf:79:bf:c9:67:5c:e6:41:7c:a7:0a:31:12:bb:
9c:03:17:22:70:c1:8d:c3:68:8b:20:22:6e:67:89:3b:93:1f:
5a:40:27:67:5f:f6:fe:6b:03:d3:37:da:bc:36:ac:4f:7b:c7:
15:3f:ec:bd:67:62:c8:09:39:c0:fa:9e:a3:84:59:7f:70:bf:
af:80:72:f6:4f:83:11:72:a7:19:71:eb:ca:8b:06:c1:57:b1:
58:c3:6f:8a:d5:6f:77:48:26:55:10:84:55:f0:b8:17:ec:bd:
09:06:90:45:d9:7b:2b:89:c9:a8:ed:de:c5:e7:ea:00:b2:7d:
cc:2a:f5:22:62:79:b2:d1:d3:7a:01:a9:71:9a:76:20:ab:1c:
3f:20:6a:0f:c2:99:10:77:ae:30:c7:02:16:1b:82:ea:0d:50:
32:97:e5:8f:7f:ce:73:95:bf:25:f6:c2:b7:28:25:a5:e4:ff:
8b:58:e8:9e:de:dc:fd:09:78:da:09:b8:07:39:e8:f1:bb:8e:
05:85:15:e3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZllXp9L5YqLgO++hWwdxWATMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTIwMDQyNTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTEwNDg2ZDI4Yzk3MzM5NWJjM2MxZmY5MmM0YWEyYThhODZkNDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArS4oY6vdf8kpfCofcokWC4RLtJpY
SqzGAPXN9kkOfqHSqD0zxe++txdwx9UtGXXz8AePWZ+AHXsIp3f0oEfLeBmbbfUI
cm0nucyZMbo+Hv2Kha8Vk0cyVixhUbYoigoV3j4BLqi/P+tzHBo0mMBT1sim7HSE
RfXYkTE/C5swP4V25xpElRaK92vqqxhPr5NQBSnRsxM6eaxhUxRQ2mSz2MB3250B
mQKqOzWt8QRuW9s7TtA0dHP8+LNkAg6YeA6gQ2kvg831zydsGKlcm7Km5yz3kcVT
kMQL8NDQBOrhZHzGVT6e5KnpMnoapIB+6Kxsje+nR5MiFg6zH7cQcsoyuwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMoQSG0oyXM5W8PB/5LEqiqKhtSNMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveWhCSWJTakpjemxidzhIX2tzU3FLb3FHMUkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAl/BgAwQA
l/JWAwQAl/MEAwQAl/POAwQAl/PdMA0GCSqGSIb3DQEBCwUAA4IBAQAHSwCY12zD
aqvfiEVXqUqE2ziOJY9p2QEQYFhbtPzeaCfSNz8dB35w5PkgX1seRrhLYck/fjMF
spkXz3m/yWdc5kF8pwoxErucAxcicMGNw2iLICJuZ4k7kx9aQCdnX/b+awPTN9q8
NqxPe8cVP+y9Z2LICTnA+p6jhFl/cL+vgHL2T4MRcqcZcevKiwbBV7FYw2+K1W93
SCZVEIRV8LgX7L0JBpBF2Xsricmo7d7F5+oAsn3MKvUiYnmy0dN6AalxmnYgqxw/
IGoPwpkQd64wxwIWG4LqDVAyl+WPf85zlb8l9sK3KCWl5P+LWOie3tz9CXjaCbgH
Oejxu44FhRXj
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:05:46 2025 by rpki-client