Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/CQ-vogC6imIrk6XR9Pb2lC9wlhg.roa
File: CQ-vogC6imIrk6XR9Pb2lC9wlhg.roa (raw, json)
Hash identifier: iyE2q430apIU5NTDEAXYAnovNc871BuLxamA/CIgG7g=
Subject key identifier: 09:0F:AF:A2:00:BA:8A:62:2B:93:A5:D1:F4:F6:F6:94:2F:70:96:18
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019811D0BDA786469EAD69D9F1D3038C215F
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/CQ-vogC6imIrk6XR9Pb2lC9wlhg.roa
Signing time: Wed 16 Jul 2025 05:59:09 +0000
ROA not before: Wed 16 Jul 2025 05:59:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 151.241.128.0/22 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.27.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.40.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
151.242.139.0/24 maxlen: 24
151.243.44.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.244.3.0/24 maxlen: 24
151.244.128.0/24 maxlen: 24
151.244.129.0/24 maxlen: 24
151.244.130.0/24 maxlen: 24
151.245.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:18:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:11:d0:bd:a7:86:46:9e:ad:69:d9:f1:d3:03:8c:21:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 16 05:59:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=090fafa200ba8a622b93a5d1f4f6f6942f709618
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:66:d3:b2:87:da:66:58:6f:6e:98:a1:54:1f:
a9:95:a0:ca:97:07:ab:eb:9d:60:ff:42:de:6b:66:
5b:c8:68:db:43:05:ab:40:b3:56:00:06:ba:c8:7e:
1e:22:5a:ef:8a:fb:da:36:57:71:cc:2d:1e:f3:14:
c8:61:b8:86:68:e2:2f:36:c1:49:11:c9:c1:cf:3c:
42:b6:93:67:4e:5d:fb:c1:be:56:bf:d6:69:e6:dd:
40:88:c4:2d:ce:59:f7:ed:5c:92:d5:40:f7:12:75:
21:54:a4:ae:d7:31:48:cf:5a:e3:0c:27:c9:cb:00:
fa:e2:81:de:f5:72:a2:66:49:d4:8f:cc:3d:4b:4a:
71:f8:9b:f6:2c:3f:86:46:5c:c5:e9:36:0a:e1:90:
fd:8c:26:68:ac:d1:f7:e6:59:a6:7e:a1:60:87:e1:
d6:78:68:a4:f6:d1:47:36:32:a0:38:63:a6:cc:cd:
6c:1d:f6:45:51:87:c4:b2:ef:32:49:6d:5b:b1:3a:
0e:3e:cf:46:57:fd:b9:24:7e:17:a9:c7:68:c2:54:
84:0c:de:f2:98:c4:2b:9d:b9:b9:01:83:05:1f:c2:
da:5b:eb:03:b7:53:9c:21:fb:6f:3f:b6:6a:2a:6b:
18:1f:a8:94:5a:2e:d2:6a:7d:20:34:45:d2:4f:43:
9b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:0F:AF:A2:00:BA:8A:62:2B:93:A5:D1:F4:F6:F6:94:2F:70:96:18
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/CQ-vogC6imIrk6XR9Pb2lC9wlhg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.242.4.0/24
151.242.14.0/24
151.242.17.0/24
151.242.27.0/24
151.242.32.0/24
151.242.40.0/24
151.242.64.0/24
151.242.78.0/23
151.242.82.0/24
151.242.139.0/24
151.243.44.0/24
151.243.115.0/24
151.244.3.0/24
151.244.128.0-151.244.130.255
151.245.120.0/21
Signature Algorithm: sha256WithRSAEncryption
a3:e5:91:40:3c:7b:33:75:51:68:20:a4:e3:7e:a9:c2:84:ba:
4a:e8:c7:ad:6b:29:b9:74:45:8a:8c:ac:cb:78:40:95:f2:bf:
dd:50:27:99:c5:52:db:26:8c:58:76:73:bd:97:48:b8:6f:cb:
8c:4a:bc:5f:f6:fb:05:cc:8c:b8:ae:ed:c4:13:58:e5:c9:da:
52:05:ec:d7:f7:7b:31:ab:4c:a4:ee:33:5d:10:43:ff:0e:ed:
64:3c:eb:c1:75:e2:ba:4f:de:04:41:e8:52:7e:c7:b5:24:d4:
92:58:29:b3:46:63:2d:b0:9a:84:34:98:db:fc:c1:c2:43:56:
c7:81:b5:8a:20:3e:fe:72:43:13:a8:df:c3:a2:7e:91:a7:ca:
b0:ed:1c:79:39:fe:5f:60:cd:1e:5d:83:7f:6f:c4:fc:96:20:
b8:49:94:c3:32:fd:e0:04:55:61:67:ae:f4:c4:ea:43:94:f2:
5c:d3:1e:82:77:26:7c:6a:ab:15:a2:8e:ad:cc:cc:bb:8e:08:
6f:fa:c6:c2:b2:26:ad:bc:21:e9:0a:97:02:f8:23:99:43:fc:
2a:22:b2:05:b7:ec:2f:f4:b6:98:2b:22:c8:1a:c2:b9:13:ed:
ec:78:b9:4c:84:00:e9:c2:36:61:09:4a:b6:68:49:ad:6f:3f:
5e:e1:7e:a3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZgR0L2nhkaerWnZ8dMDjCFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzE2MDU1OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTBmYWZhMjAwYmE4YTYyMmI5M2E1ZDFmNGY2ZjY5NDJmNzA5NjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWbTsofaZlhvbpihVB+plaDKlwer
651g/0Lea2ZbyGjbQwWrQLNWAAa6yH4eIlrvivvaNldxzC0e8xTIYbiGaOIvNsFJ
EcnBzzxCtpNnTl37wb5Wv9Zp5t1AiMQtzln37VyS1UD3EnUhVKSu1zFIz1rjDCfJ
ywD64oHe9XKiZknUj8w9S0px+Jv2LD+GRlzF6TYK4ZD9jCZorNH35lmmfqFgh+HW
eGik9tFHNjKgOGOmzM1sHfZFUYfEsu8ySW1bsToOPs9GV/25JH4XqcdowlSEDN7y
mMQrnbm5AYMFH8LaW+sDt1OcIftvP7ZqKmsYH6iUWi7San0gNEXST0ObvwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFAkPr6IAuopiK5Ol0fT29pQvcJYYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQ1Etdm9nQzZpbUlyazZYUjlQYjJsQzl3bGhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEApfxgAME
AJfyBAMEAJfyDgMEAJfyEQMEAJfyGwMEAJfyIAMEAJfyKAMEAJfyQAMEAZfyTgME
AJfyUgMEAJfyiwMEAJfzLAMEAJfzcwMEAJf0AzAMAwQHl/SAAwQAl/SCAwQDl/V4
MA0GCSqGSIb3DQEBCwUAA4IBAQCj5ZFAPHszdVFoIKTjfqnChLpK6Metaym5dEWK
jKzLeECV8r/dUCeZxVLbJoxYdnO9l0i4b8uMSrxf9vsFzIy4ru3EE1jlydpSBezX
93sxq0yk7jNdEEP/Du1kPOvBdeK6T94EQehSfse1JNSSWCmzRmMtsJqENJjb/MHC
Q1bHgbWKID7+ckMTqN/Don6Rp8qw7Rx5Of5fYM0eXYN/b8T8liC4SZTDMv3gBFVh
Z670xOpDlPJc0x6CdyZ8aqsVoo6tzMy7jghv+sbCsiatvCHpCpcC+COZQ/wqIrIF
t+wv9LaYKyLIGsK5E+3seLlMhADpwjZhCUq2aEmtbz9e4X6j
-----END CERTIFICATE-----
Generated at Sun Jul 20 15:00:10 2025 by rpki-client