
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/4G9XbVxKay15t4PCnlAzqNebu6c.roa
File: 4G9XbVxKay15t4PCnlAzqNebu6c.roa (raw, json)
Hash identifier: 71oKjFplO4ba+uSwKxkY7H5vsTG6bkC1I0dmBLgNInk=
Subject key identifier: E0:6F:57:6D:5C:4A:6B:2D:79:B7:83:C2:9E:50:33:A8:D7:9B:BB:A7
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197E858493AAB09B8155B53D9E34E61D553
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/4G9XbVxKay15t4PCnlAzqNebu6c.roa
Signing time: Tue 08 Jul 2025 04:43:09 +0000
ROA not before: Tue 08 Jul 2025 04:43:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 150004
IP address blocks: 151.242.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e8:58:49:3a:ab:09:b8:15:5b:53:d9:e3:4e:61:d5:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 8 04:43:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e06f576d5c4a6b2d79b783c29e5033a8d79bbba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4d:ef:ce:a1:88:ea:df:c5:87:73:f3:77:12:
50:d7:fb:63:80:c7:a0:3d:5b:a3:7e:f6:22:ee:a7:
03:37:b0:f2:d2:9c:78:dd:65:95:7c:1c:44:db:5e:
64:a4:46:34:70:fa:aa:4c:d3:a8:f1:fd:7d:66:e4:
93:11:05:8d:98:a0:91:05:57:2f:49:68:70:20:6d:
d4:50:c1:2c:cf:10:e4:44:02:19:9a:7e:68:1e:5c:
44:bc:6b:46:8f:5e:a6:a7:07:72:e4:5f:80:64:d7:
7a:67:48:e8:50:1f:64:69:c8:41:ad:ba:49:2d:ce:
22:bd:3f:41:3c:0e:45:d3:7c:62:ac:a5:ed:ea:1b:
d7:55:92:f4:ae:45:24:ea:12:fe:b2:fb:d1:e7:9a:
1c:20:a9:42:d6:d7:d8:c3:ba:11:22:e0:94:31:17:
69:88:1c:c2:0f:43:85:54:52:10:85:a6:5a:d6:c4:
21:53:d4:23:1e:f8:0c:ac:46:17:49:21:ca:12:64:
17:cb:cb:2b:ff:85:e1:91:d3:ba:67:b8:82:54:bf:
8f:56:f1:64:4a:a5:97:7b:4c:e1:2b:2c:40:82:b2:
01:c3:0b:46:78:06:de:d7:64:d0:62:6f:95:3c:a9:
7f:15:e1:1a:2f:3f:44:49:80:b3:78:ef:3a:df:23:
08:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:6F:57:6D:5C:4A:6B:2D:79:B7:83:C2:9E:50:33:A8:D7:9B:BB:A7
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/4G9XbVxKay15t4PCnlAzqNebu6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.108.0/24
Signature Algorithm: sha256WithRSAEncryption
76:00:8e:b1:6d:5b:b4:c2:d0:17:72:ee:2e:1d:46:d3:68:e6:
7d:40:3a:2e:59:1a:3c:0d:37:19:7a:7a:b2:da:0b:86:3e:8e:
d3:a5:f1:3f:56:4b:a2:7f:51:c8:6c:68:3f:ee:d5:e2:d4:d7:
10:99:55:64:36:db:84:32:1c:1b:73:d4:b1:16:62:9c:ac:42:
42:ef:d2:e7:23:fb:b8:e5:4b:c3:d4:8b:6f:5f:b3:b2:28:03:
16:cd:45:4f:b6:a8:63:86:80:6e:cc:e9:c1:9e:58:db:60:10:
05:68:fa:b2:f3:60:95:25:23:b6:39:08:68:c5:b7:98:3c:bb:
48:4e:37:d2:95:10:52:e0:e1:98:42:c9:43:14:26:9d:61:dd:
fc:78:40:cc:c2:5d:9b:f8:45:eb:90:28:b5:af:a4:07:b0:63:
a1:18:19:c1:e1:60:9a:28:8d:1f:09:b2:00:74:23:49:9e:c7:
40:4a:2d:a5:85:45:7d:a3:f9:78:6a:1a:11:56:f1:6f:94:20:
ad:7b:eb:09:30:85:38:2a:ee:5b:40:c3:3d:92:32:8e:fc:3c:
74:62:93:f9:b8:d9:16:0f:de:f0:19:13:86:96:f7:40:05:91:
ab:98:e6:5f:57:8e:1e:7e:37:ae:d7:4d:d6:28:6d:ce:85:8f:
16:2d:39:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfoWEk6qwm4FVtT2eNOYdVTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA4MDQ0MzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDZmNTc2ZDVjNGE2YjJkNzliNzgzYzI5ZTUwMzNhOGQ3OWJiYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmk3vzqGI6t/Fh3PzdxJQ1/tjgMeg
PVujfvYi7qcDN7Dy0px43WWVfBxE215kpEY0cPqqTNOo8f19ZuSTEQWNmKCRBVcv
SWhwIG3UUMEszxDkRAIZmn5oHlxEvGtGj16mpwdy5F+AZNd6Z0joUB9kachBrbpJ
Lc4ivT9BPA5F03xirKXt6hvXVZL0rkUk6hL+svvR55ocIKlC1tfYw7oRIuCUMRdp
iBzCD0OFVFIQhaZa1sQhU9QjHvgMrEYXSSHKEmQXy8sr/4XhkdO6Z7iCVL+PVvFk
SqWXe0zhKyxAgrIBwwtGeAbe12TQYm+VPKl/FeEaLz9ESYCzeO863yMIqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOBvV21cSmstebeDwp5QM6jXm7unMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNEc5WGJWeEtheTE1dDRQQ25sQXpxTmVidTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/JsMA0G
CSqGSIb3DQEBCwUAA4IBAQB2AI6xbVu0wtAXcu4uHUbTaOZ9QDouWRo8DTcZenqy
2guGPo7TpfE/Vkuif1HIbGg/7tXi1NcQmVVkNtuEMhwbc9SxFmKcrEJC79LnI/u4
5UvD1ItvX7OyKAMWzUVPtqhjhoBuzOnBnljbYBAFaPqy82CVJSO2OQhoxbeYPLtI
TjfSlRBS4OGYQslDFCadYd38eEDMwl2b+EXrkCi1r6QHsGOhGBnB4WCaKI0fCbIA
dCNJnsdASi2lhUV9o/l4ahoRVvFvlCCte+sJMIU4Ku5bQMM9kjKO/Dx0YpP5uNkW
D97wGROGlvdABZGrmOZfV44efjeu103WKG3OhY8WLTnU
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:28:14 2025 by rpki-client