
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/4IMYwIypfQsbZ4fdZ5UkAJKOM4g.roa
File: 4IMYwIypfQsbZ4fdZ5UkAJKOM4g.roa (raw, json)
Hash identifier: DdI3WwX/rViBZmVBUQooVnFW5qfWlCGCj45WiJW6z9Y=
Subject key identifier: E0:83:18:C0:8C:A9:7D:0B:1B:67:87:DD:67:95:24:00:92:8E:33:88
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197DF778A62576CD95F72DD825AA7B5A234
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/4IMYwIypfQsbZ4fdZ5UkAJKOM4g.roa
Signing time: Sun 06 Jul 2025 11:20:42 +0000
ROA not before: Sun 06 Jul 2025 11:20:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208751
IP address blocks: 151.243.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:df:77:8a:62:57:6c:d9:5f:72:dd:82:5a:a7:b5:a2:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 6 11:20:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e08318c08ca97d0b1b6787dd67952400928e3388
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:76:0c:51:b3:2c:0e:e0:88:2f:32:cd:32:6c:
05:74:8a:b1:92:a3:6d:a7:94:0a:d2:f2:a3:5e:65:
a4:eb:1d:33:bd:73:89:82:01:ee:7a:69:c7:5c:50:
d6:df:bf:ec:2a:ca:29:eb:01:b8:81:16:c0:c4:27:
37:e8:af:3c:0f:e4:93:63:2e:02:ad:f1:9e:71:30:
f5:95:90:09:bd:cb:d8:f3:bf:66:7d:ec:2a:a6:3f:
44:6b:da:28:ca:cb:01:4c:ab:22:11:a9:d7:1b:40:
57:7e:b1:04:86:ca:70:4c:d2:9a:85:19:02:a7:94:
93:d8:29:a4:53:5d:fe:e5:d9:92:7f:32:b7:b3:3b:
c2:99:81:7b:68:64:a0:0a:0f:c3:3a:f5:98:be:72:
69:ab:f3:86:61:1f:30:8f:3f:48:fa:02:46:24:ee:
b0:74:b1:50:fe:e9:90:48:12:82:a8:77:86:8f:1f:
2e:38:dc:10:de:e4:bd:58:f0:0a:75:d2:84:66:16:
1e:ed:13:b5:02:e8:e9:d4:69:be:70:08:ab:17:6f:
58:20:a8:c2:45:7b:96:9e:bd:65:9a:fb:ab:af:0c:
2a:4e:d8:08:d4:fd:6f:53:8a:f1:5a:a4:80:f1:d0:
95:ad:0d:7c:40:13:71:f5:3a:0d:ea:cc:78:cd:83:
e7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:83:18:C0:8C:A9:7D:0B:1B:67:87:DD:67:95:24:00:92:8E:33:88
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/4IMYwIypfQsbZ4fdZ5UkAJKOM4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.239.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:de:20:37:a5:16:70:b1:63:da:c3:1d:9f:37:4e:69:84:cd:
0d:2a:16:5e:e1:2e:df:2e:49:f6:58:55:a0:08:0f:f6:4f:b8:
cc:3a:99:a1:73:bc:de:27:54:a3:cc:8c:0b:2c:0f:7c:c6:56:
70:e1:c7:5d:75:e1:20:ac:85:53:9e:9e:4e:1f:b6:08:39:fa:
31:e9:22:f9:12:43:2d:26:93:d9:f3:54:dd:53:c9:dd:0b:cf:
1b:a1:27:0c:e0:8b:d0:bb:b2:36:5c:fb:02:e7:93:d2:83:7d:
fc:be:74:c0:52:d4:40:fa:b1:df:27:6a:65:1b:4b:1a:03:db:
15:35:01:fd:77:6b:58:c0:21:0b:85:84:f7:b0:05:c4:1d:c8:
15:0c:8d:45:20:c4:09:39:89:5a:b9:63:60:ec:42:74:25:87:
1e:91:cd:22:f8:fe:1f:cd:8d:8d:85:60:a6:2a:9d:9f:80:1e:
2e:37:be:c3:18:21:7a:1c:90:b1:af:7d:e3:8d:e5:63:da:e3:
db:f8:3a:91:2f:aa:16:62:7d:7c:4f:cd:a4:4f:2c:7e:b1:40:
b2:9f:d2:89:44:66:ec:2d:a4:39:55:0a:c0:c3:cf:7f:59:54:
40:3d:16:2c:89:26:fb:34:33:1f:22:72:09:de:ea:d0:d7:9f:
ac:6d:fa:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZffd4piV2zZX3LdglqntaI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA2MTEyMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDgzMThjMDhjYTk3ZDBiMWI2Nzg3ZGQ2Nzk1MjQwMDkyOGUzMzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHYMUbMsDuCILzLNMmwFdIqxkqNt
p5QK0vKjXmWk6x0zvXOJggHuemnHXFDW37/sKsop6wG4gRbAxCc36K88D+STYy4C
rfGecTD1lZAJvcvY879mfewqpj9Ea9ooyssBTKsiEanXG0BXfrEEhspwTNKahRkC
p5ST2CmkU13+5dmSfzK3szvCmYF7aGSgCg/DOvWYvnJpq/OGYR8wjz9I+gJGJO6w
dLFQ/umQSBKCqHeGjx8uONwQ3uS9WPAKddKEZhYe7RO1Aujp1Gm+cAirF29YIKjC
RXuWnr1lmvurrwwqTtgI1P1vU4rxWqSA8dCVrQ18QBNx9ToN6sx4zYPn7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOCDGMCMqX0LG2eH3WeVJACSjjOIMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNElNWXdJeXBmUXNiWjRmZFo1VWtBSktPTTRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/PvMA0G
CSqGSIb3DQEBCwUAA4IBAQC13iA3pRZwsWPawx2fN05phM0NKhZe4S7fLkn2WFWg
CA/2T7jMOpmhc7zeJ1SjzIwLLA98xlZw4cdddeEgrIVTnp5OH7YIOfox6SL5EkMt
JpPZ81TdU8ndC88boScM4IvQu7I2XPsC55PSg338vnTAUtRA+rHfJ2plG0saA9sV
NQH9d2tYwCELhYT3sAXEHcgVDI1FIMQJOYlauWNg7EJ0JYcekc0i+P4fzY2NhWCm
Kp2fgB4uN77DGCF6HJCxr33jjeVj2uPb+DqRL6oWYn18T82kTyx+sUCyn9KJRGbs
LaQ5VQrAw89/WVRAPRYsiSb7NDMfInIJ3urQ15+sbfqP
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:27:02 2025 by rpki-client