Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/8VGto6-m3ZhEtMlMk4okhMSijsU.roa
File: 8VGto6-m3ZhEtMlMk4okhMSijsU.roa (raw, json)
Hash identifier: SKlBiSxKydLy7D3Ilb/NXQqcAfFABqE3nA6lfv3eM7w=
Subject key identifier: F1:51:AD:A3:AF:A6:DD:98:44:B4:C9:4C:93:8A:24:84:C4:A2:8E:C5
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 01996FF928152A63D7B60A75B53FBD74E26F
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/8VGto6-m3ZhEtMlMk4okhMSijsU.roa
Signing time: Mon 22 Sep 2025 05:50:23 +0000
ROA not before: Mon 22 Sep 2025 05:50:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6168
IP address blocks: 151.253.180.0/23 maxlen: 24
151.253.180.0/24 maxlen: 24
151.253.181.0/24 maxlen: 24
194.170.246.0/24 maxlen: 24
195.229.47.0/24 maxlen: 24
213.42.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:6f:f9:28:15:2a:63:d7:b6:0a:75:b5:3f:bd:74:e2:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Sep 22 05:50:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f151ada3afa6dd9844b4c94c938a2484c4a28ec5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f4:c0:a4:58:3a:6e:06:f9:21:78:2c:de:d3:
2d:65:b3:17:74:a6:94:a5:79:7e:64:4d:a3:2f:2b:
b6:aa:d6:21:58:03:27:ab:17:de:b9:4c:24:a2:8a:
8b:9d:e0:52:ae:ba:de:5b:7b:85:1b:3d:3d:63:71:
07:d5:26:75:67:72:20:c9:17:5c:29:36:81:87:2d:
b2:0f:a4:ef:c1:90:2a:2f:43:a6:cc:8c:d7:9e:90:
2c:1f:ea:da:c6:c6:71:2a:ab:00:14:47:d0:7f:2e:
ec:97:37:6f:60:31:77:bb:e5:57:a3:b9:96:ac:2e:
15:69:44:93:c1:aa:13:8b:dd:f1:4d:f8:8c:1b:79:
f1:4e:60:29:ae:3f:56:cf:0e:64:37:d9:04:fb:84:
33:da:d8:ff:ea:7a:61:56:1d:fa:3f:17:52:cb:6f:
bc:29:4a:91:83:84:15:3b:3c:73:cd:68:49:86:cc:
c8:af:05:55:7d:d3:bc:a6:12:13:3b:5a:35:25:85:
8f:db:51:64:1e:c6:79:84:08:ec:3e:1e:a3:58:19:
77:8c:a0:ea:26:97:e4:f2:0d:75:b7:db:d6:ab:32:
c3:84:80:25:20:d4:4d:d8:d1:c0:3f:3e:dc:62:69:
38:8f:14:31:b7:93:2e:60:8e:f6:d6:4d:f6:12:d9:
f5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:51:AD:A3:AF:A6:DD:98:44:B4:C9:4C:93:8A:24:84:C4:A2:8E:C5
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/8VGto6-m3ZhEtMlMk4okhMSijsU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.253.180.0/23
194.170.246.0/24
195.229.47.0/24
213.42.110.0/24
Signature Algorithm: sha256WithRSAEncryption
50:71:59:e3:16:ba:c9:28:00:c5:6a:45:4f:d3:ad:64:76:f0:
44:1a:f8:1f:6d:19:11:4a:80:44:c9:6d:71:75:c0:d1:36:fd:
63:ec:3d:fc:e9:1d:84:36:2f:9c:df:2f:ab:4d:ef:08:9f:69:
da:8e:a7:66:c7:52:6b:70:80:13:a3:2f:1a:b1:be:87:16:63:
e6:99:37:b3:40:af:f7:b2:37:29:7f:4a:00:bc:97:d3:d3:1b:
a6:4c:f3:1c:3f:c6:5a:9f:6c:10:39:3e:fa:58:74:bd:e0:3a:
06:d0:8f:ba:f4:17:ee:87:b9:30:06:7d:14:57:e3:bd:f9:02:
7a:ae:70:1c:90:b1:65:93:36:e4:02:83:b7:7e:55:c5:65:d3:
8e:81:c1:26:50:d7:83:17:9a:3e:ca:80:eb:94:68:f0:a1:94:
12:7b:70:d7:25:e8:bc:c0:13:c3:32:f9:30:d9:e4:cd:fb:d0:
ab:3b:28:db:27:9e:fe:3f:06:47:2d:43:45:f3:b2:d9:4d:0f:
60:4f:f3:ad:9d:86:cb:2a:59:40:13:a0:6e:e6:10:5c:81:d5:
40:93:5e:0b:c5:12:ac:68:65:0f:b7:64:c6:29:9a:68:a9:db:
8c:06:24:e9:a0:78:f0:79:89:42:e9:82:7f:fc:be:79:e4:bb:
70:27:3f:4c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZlv+SgVKmPXtgp1tT+9dOJvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjUwOTIyMDU1MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTUxYWRhM2FmYTZkZDk4NDRiNGM5NGM5MzhhMjQ4NGM0YTI4ZWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/TApFg6bgb5IXgs3tMtZbMXdKaU
pXl+ZE2jLyu2qtYhWAMnqxfeuUwkooqLneBSrrreW3uFGz09Y3EH1SZ1Z3IgyRdc
KTaBhy2yD6TvwZAqL0OmzIzXnpAsH+raxsZxKqsAFEfQfy7slzdvYDF3u+VXo7mW
rC4VaUSTwaoTi93xTfiMG3nxTmAprj9Wzw5kN9kE+4Qz2tj/6nphVh36PxdSy2+8
KUqRg4QVOzxzzWhJhszIrwVVfdO8phITO1o1JYWP21FkHsZ5hAjsPh6jWBl3jKDq
Jpfk8g11t9vWqzLDhIAlINRN2NHAPz7cYmk4jxQxt5MuYI721k32Etn1mQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPFRraOvpt2YRLTJTJOKJITEoo7FMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvOFZHdG82LW0zWmhFdE1sTWs0b2toTVNpanNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBl/20AwQA
wqr2AwQAw+UvAwQA1SpuMA0GCSqGSIb3DQEBCwUAA4IBAQBQcVnjFrrJKADFakVP
061kdvBEGvgfbRkRSoBEyW1xdcDRNv1j7D386R2ENi+c3y+rTe8In2najqdmx1Jr
cIAToy8asb6HFmPmmTezQK/3sjcpf0oAvJfT0xumTPMcP8Zan2wQOT76WHS94DoG
0I+69Bfuh7kwBn0UV+O9+QJ6rnAckLFlkzbkAoO3flXFZdOOgcEmUNeDF5o+yoDr
lGjwoZQSe3DXJei8wBPDMvkw2eTN+9CrOyjbJ57+PwZHLUNF87LZTQ9gT/OtnYbL
KllAE6Bu5hBcgdVAk14LxRKsaGUPt2TGKZpoqduMBiTpoHjweYlC6YJ//L555Ltw
Jz9M
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:24 2025 by rpki-client