Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1LfpG43hJBGwNQ2jkobh2fAwONo.roa
File: 1LfpG43hJBGwNQ2jkobh2fAwONo.roa (raw, json)
Hash identifier: g2MEgycsRhtpZN75sl7eP1afiW2CKglukyPxq7OoS/M=
Subject key identifier: D4:B7:E9:1B:8D:E1:24:11:B0:35:0D:A3:92:86:E1:D9:F0:30:38:DA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019811D0BD31B836001783862C9354D74E01
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1LfpG43hJBGwNQ2jkobh2fAwONo.roa
Signing time: Wed 16 Jul 2025 05:59:09 +0000
ROA not before: Wed 16 Jul 2025 05:59:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22427
IP address blocks: 151.242.154.0/24 maxlen: 24
151.242.253.0/24 maxlen: 24
151.243.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:11:d0:bd:31:b8:36:00:17:83:86:2c:93:54:d7:4e:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 16 05:59:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4b7e91b8de12411b0350da39286e1d9f03038da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:63:5f:5e:af:f4:c9:ed:d0:f0:b5:d4:b8:b3:
85:00:61:5f:a1:45:9b:98:55:b9:e0:13:4d:c4:65:
2d:85:ad:d6:7e:e3:12:f7:88:85:02:a1:18:83:97:
41:a7:82:05:d7:7e:6e:db:26:ab:34:c9:50:e2:c1:
d2:54:ed:0a:e7:8e:bd:98:ca:3f:e8:20:23:6d:9d:
3d:67:d5:7b:a3:ab:21:25:94:fd:8c:51:d3:63:7f:
22:13:56:4d:7c:a5:82:9d:84:99:ea:0e:84:ad:00:
32:47:f9:b3:cc:ac:61:4c:2b:df:1d:95:c1:98:fb:
2c:3c:f1:bc:14:bf:97:36:91:b8:ea:cb:d7:1a:e0:
e1:8b:c8:0c:44:11:8b:33:d0:53:20:a9:b1:04:bf:
38:cb:e1:d9:ca:7a:19:c3:a9:e5:ef:9a:85:a7:4f:
80:ce:ae:78:9b:ba:76:d9:29:39:87:bd:6f:86:cc:
a1:92:ec:6a:5f:f2:c3:af:56:8c:21:ab:87:8a:64:
d8:6f:44:52:58:a3:d1:f5:0b:e3:6c:4c:61:b4:b2:
a1:36:95:e7:fd:71:02:6b:86:ab:4c:12:53:11:5c:
60:4a:29:cf:be:c7:5a:48:69:90:1a:7f:44:d5:7a:
d4:e8:3d:ab:ef:08:96:41:c4:aa:a7:19:76:81:a2:
66:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B7:E9:1B:8D:E1:24:11:B0:35:0D:A3:92:86:E1:D9:F0:30:38:DA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1LfpG43hJBGwNQ2jkobh2fAwONo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.154.0/24
151.242.253.0/24
151.243.246.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:95:23:02:f7:8d:2f:7c:f8:18:1c:04:38:5d:2f:63:30:4a:
76:5a:96:c0:0a:76:4e:c1:9a:a3:b9:f6:2b:f6:f0:ce:07:c6:
35:8b:70:a3:c2:74:23:4d:c9:0a:ab:6e:63:8e:74:22:f0:df:
b5:2c:34:8d:04:56:2e:d9:12:af:a5:a4:94:aa:a9:3f:d7:36:
32:da:d8:11:e2:d1:18:e8:ee:4d:47:0b:d4:f3:ad:4a:b8:e0:
77:db:e4:6a:3d:f2:ce:fa:e0:df:be:4a:13:c3:ef:71:84:0e:
47:57:be:84:16:31:2c:d2:52:f1:a8:63:5c:4b:c1:67:b0:99:
94:59:b4:68:e0:1f:4b:29:e6:81:0e:93:d8:9c:6d:c1:1d:66:
93:9b:93:0b:cf:d3:e4:60:99:54:97:1b:eb:5a:ea:e0:a7:8d:
94:eb:98:6c:02:29:49:df:bd:18:48:19:93:f1:87:ed:75:76:
4c:39:f9:2c:40:9c:30:89:ab:d6:f5:71:a6:2a:78:d4:1b:63:
04:d6:d9:b4:2f:c1:dc:43:c4:dc:13:64:85:ac:a7:42:a6:06:
77:8a:31:da:c6:7a:31:32:74:8d:24:0b:a9:61:68:6e:68:ff:
d9:58:e5:aa:72:a6:86:08:00:03:78:3b:80:fc:76:ed:66:23:
55:93:55:19
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZgR0L0xuDYAF4OGLJNU104BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzE2MDU1OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGI3ZTkxYjhkZTEyNDExYjAzNTBkYTM5Mjg2ZTFkOWYwMzAzOGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmNfXq/0ye3Q8LXUuLOFAGFfoUWb
mFW54BNNxGUtha3WfuMS94iFAqEYg5dBp4IF135u2yarNMlQ4sHSVO0K5469mMo/
6CAjbZ09Z9V7o6shJZT9jFHTY38iE1ZNfKWCnYSZ6g6ErQAyR/mzzKxhTCvfHZXB
mPssPPG8FL+XNpG46svXGuDhi8gMRBGLM9BTIKmxBL84y+HZynoZw6nl75qFp0+A
zq54m7p22Sk5h71vhsyhkuxqX/LDr1aMIauHimTYb0RSWKPR9QvjbExhtLKhNpXn
/XECa4arTBJTEVxgSinPvsdaSGmQGn9E1XrU6D2r7wiWQcSqpxl2gaJm8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNS36RuN4SQRsDUNo5KG4dnwMDjaMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMUxmcEc0M2hKQkd3TlEyamtvYmgyZkF3T05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/KaAwQA
l/L9AwQAl/P2MA0GCSqGSIb3DQEBCwUAA4IBAQAclSMC940vfPgYHAQ4XS9jMEp2
WpbACnZOwZqjufYr9vDOB8Y1i3CjwnQjTckKq25jjnQi8N+1LDSNBFYu2RKvpaSU
qqk/1zYy2tgR4tEY6O5NRwvU861KuOB32+RqPfLO+uDfvkoTw+9xhA5HV76EFjEs
0lLxqGNcS8FnsJmUWbRo4B9LKeaBDpPYnG3BHWaTm5MLz9PkYJlUlxvrWurgp42U
65hsAilJ370YSBmT8YftdXZMOfksQJwwiavW9XGmKnjUG2ME1tm0L8HcQ8TcE2SF
rKdCpgZ3ijHaxnoxMnSNJAupYWhuaP/ZWOWqcqaGCAADeDuA/HbtZiNVk1UZ
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:21:13 2025 by rpki-client