Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/K_8wwiU_thLpmJ9YoRd8Q2E8WGY.roa
File: K_8wwiU_thLpmJ9YoRd8Q2E8WGY.roa (raw, json)
Hash identifier: oFbAc50amjnNxMfSDerqqqWsTWGg+tNenyBnvj+hNVA=
Subject key identifier: 2B:FF:30:C2:25:3F:B6:12:E9:98:9F:58:A1:17:7C:43:61:3C:58:66
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01982C0C6348DF613E65A6D238839BA4F0F7
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/K_8wwiU_thLpmJ9YoRd8Q2E8WGY.roa
Signing time: Mon 21 Jul 2025 08:14:25 +0000
ROA not before: Mon 21 Jul 2025 08:14:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395839
IP address blocks: 151.242.120.0/24 maxlen: 24
151.242.200.0/24 maxlen: 24
151.242.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:0c:63:48:df:61:3e:65:a6:d2:38:83:9b:a4:f0:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 21 08:14:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bff30c2253fb612e9989f58a1177c43613c5866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1d:ec:b8:2f:fb:64:fb:43:f8:d2:9a:85:a1:
d6:ff:a1:44:0b:a3:b6:ab:be:e2:3d:dd:da:e0:41:
26:7d:55:03:fb:1a:20:0b:db:f9:2d:7e:34:b6:94:
7a:25:f2:9e:9b:b5:99:4c:1b:ef:ee:ec:60:3a:08:
f1:c2:10:5d:15:cd:97:20:f6:2c:69:4b:c5:86:de:
ac:86:46:ba:f0:26:42:06:da:e5:b5:fc:29:6e:71:
c8:c2:be:83:86:09:d4:1b:d3:7b:2a:c4:d3:1f:30:
ad:13:f0:b7:57:4e:d9:f7:df:49:16:57:44:6d:f5:
d6:88:fd:5d:45:96:9b:71:d5:ab:93:fb:42:f8:43:
fc:70:e3:03:6e:c6:18:69:05:cc:c4:c6:a8:c1:ff:
b3:72:80:43:47:4b:13:0b:11:da:80:65:1d:13:b8:
38:67:73:ec:0a:ff:b7:f7:2a:45:d7:aa:88:8b:87:
8e:33:58:c9:d2:ff:87:20:8d:c9:7b:e6:9d:8a:b0:
e8:a1:f8:58:b3:6c:98:52:84:37:b7:46:b6:b0:92:
ba:6e:c8:ea:f9:8d:6a:bf:4c:6f:e6:94:78:b3:83:
45:1b:5d:d1:08:da:b8:5e:66:ac:7c:00:d9:7b:6c:
2b:06:43:15:7a:e8:8e:8e:4e:59:73:66:f0:b5:5a:
68:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FF:30:C2:25:3F:B6:12:E9:98:9F:58:A1:17:7C:43:61:3C:58:66
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/K_8wwiU_thLpmJ9YoRd8Q2E8WGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.120.0/24
151.242.200.0/23
Signature Algorithm: sha256WithRSAEncryption
10:81:fa:66:39:06:3d:c7:9c:c1:b7:32:51:a0:93:8e:dc:ae:
2f:40:dc:bd:36:a3:34:84:ae:b3:24:9c:95:27:4b:2b:e2:d3:
13:55:bd:28:a7:03:78:97:a8:e0:7b:da:d8:f1:5f:96:dd:b0:
c6:df:ed:44:0f:a3:75:44:2c:43:9b:7e:70:19:c3:53:3e:18:
3e:9d:cf:10:b9:e4:69:bd:96:18:ec:94:2f:8b:9f:b0:e8:43:
86:5b:52:01:ad:bf:ef:c9:0e:6e:8c:ab:86:da:73:ca:88:0c:
38:2a:93:16:09:25:ca:19:ee:06:6f:7a:9e:d6:2d:80:0e:1f:
3e:78:00:bf:3b:12:a7:bf:34:f8:d4:b5:02:a0:e4:d9:15:60:
40:38:58:d0:76:79:5a:9d:cb:f4:28:0d:eb:c8:85:bf:9f:81:
4f:63:9e:d5:ce:01:71:fe:60:f2:f7:6f:54:9d:51:90:a4:30:
b6:ce:f7:d1:46:15:bd:13:34:a7:f9:b6:57:5f:a0:74:20:8f:
70:df:17:11:b3:75:1b:dc:41:e0:02:74:d5:31:61:3c:83:1d:
84:b6:27:49:c9:37:9d:d1:ef:11:5f:cb:04:2a:4c:33:86:a8:
44:17:cf:b6:43:ec:54:f3:e2:b6:cc:d8:50:02:7e:31:90:7a:
ee:73:6a:52
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgsDGNI32E+ZabSOIObpPD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzIxMDgxNDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmZmMzBjMjI1M2ZiNjEyZTk5ODlmNThhMTE3N2M0MzYxM2M1ODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB3suC/7ZPtD+NKahaHW/6FEC6O2
q77iPd3a4EEmfVUD+xogC9v5LX40tpR6JfKem7WZTBvv7uxgOgjxwhBdFc2XIPYs
aUvFht6shka68CZCBtrltfwpbnHIwr6DhgnUG9N7KsTTHzCtE/C3V07Z999JFldE
bfXWiP1dRZabcdWrk/tC+EP8cOMDbsYYaQXMxMaowf+zcoBDR0sTCxHagGUdE7g4
Z3PsCv+39ypF16qIi4eOM1jJ0v+HII3Je+adirDoofhYs2yYUoQ3t0a2sJK6bsjq
+Y1qv0xv5pR4s4NFG13RCNq4XmasfADZe2wrBkMVeuiOjk5Zc2bwtVpoNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCv/MMIlP7YS6ZifWKEXfENhPFhmMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvS184d3dpVV90aExwbUo5WW9SZDhRMkU4V0dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/J4AwQB
l/LIMA0GCSqGSIb3DQEBCwUAA4IBAQAQgfpmOQY9x5zBtzJRoJOO3K4vQNy9NqM0
hK6zJJyVJ0sr4tMTVb0opwN4l6jge9rY8V+W3bDG3+1ED6N1RCxDm35wGcNTPhg+
nc8QueRpvZYY7JQvi5+w6EOGW1IBrb/vyQ5ujKuG2nPKiAw4KpMWCSXKGe4Gb3qe
1i2ADh8+eAC/OxKnvzT41LUCoOTZFWBAOFjQdnlancv0KA3ryIW/n4FPY57VzgFx
/mDy929UnVGQpDC2zvfRRhW9EzSn+bZXX6B0II9w3xcRs3Ub3EHgAnTVMWE8gx2E
tidJyTed0e8RX8sEKkwzhqhEF8+2Q+xU8+K2zNhQAn4xkHruc2pS
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:36:18 2025 by rpki-client