Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/M2SYTLoUFFjxJCh14-Z44bSVAak.roa
File: M2SYTLoUFFjxJCh14-Z44bSVAak.roa (raw, json)
Hash identifier: Sf/T/G0Z4PDkHodpSmB47ePXSq574m/zB7rNbMc95G4=
Subject key identifier: 33:64:98:4C:BA:14:14:58:F1:24:28:75:E3:E6:78:E1:B4:95:01:A9
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197EE55C34C19C8CB77B1B6FC654D20B292
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/M2SYTLoUFFjxJCh14-Z44bSVAak.roa
Signing time: Wed 09 Jul 2025 08:38:07 +0000
ROA not before: Wed 09 Jul 2025 08:38:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216059
IP address blocks: 151.243.108.0/23 maxlen: 23
151.244.236.0/23 maxlen: 23
151.244.242.0/23 maxlen: 23
151.244.244.0/23 maxlen: 23
151.244.246.0/23 maxlen: 23
151.244.248.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ee:55:c3:4c:19:c8:cb:77:b1:b6:fc:65:4d:20:b2:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 9 08:38:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3364984cba141458f1242875e3e678e1b49501a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ba:2e:b0:fd:7e:c5:96:bb:2e:0c:39:87:2c:
3c:63:14:9f:bd:8f:d7:6c:59:e2:5d:0e:21:75:e1:
a3:f4:6d:61:a4:2c:24:ee:5d:56:c7:9b:a1:87:c1:
95:fb:52:aa:43:ff:3d:78:4d:80:04:7a:78:09:cb:
bf:4d:0f:58:c1:49:c4:3f:04:f5:89:d2:66:75:68:
c0:1c:53:9f:d7:17:66:ec:01:b1:05:8f:e1:6d:3d:
17:b9:f1:54:94:be:01:b9:cc:56:ae:93:3d:86:01:
a5:00:88:6d:03:b5:3d:42:0d:01:46:58:c0:c3:5a:
58:db:31:5b:4b:a3:90:45:74:7a:e7:86:c3:4a:25:
fe:5e:17:bd:20:0b:87:88:46:bb:e3:6f:55:40:ad:
17:92:c8:85:0b:5b:dd:01:d6:de:34:4c:fe:00:a3:
35:b8:da:30:a9:9d:9f:75:ba:57:dc:72:e1:4a:29:
9e:6e:c3:05:6f:c0:f1:30:01:fa:e2:a8:8d:b9:9f:
ce:f9:e2:81:7e:17:31:ae:5d:b6:02:c7:56:c6:29:
17:31:fa:2d:5b:3c:c8:03:65:4f:9d:ed:74:52:65:
3f:6c:66:42:d2:c8:1f:22:3f:fc:73:00:5c:73:38:
d4:62:f7:8e:23:f7:71:60:2b:0b:8a:ab:bd:d5:a5:
16:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:64:98:4C:BA:14:14:58:F1:24:28:75:E3:E6:78:E1:B4:95:01:A9
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/M2SYTLoUFFjxJCh14-Z44bSVAak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.108.0/23
151.244.236.0/23
151.244.242.0-151.244.249.255
Signature Algorithm: sha256WithRSAEncryption
7f:ab:57:27:4e:b8:1b:00:17:56:5b:e2:06:cc:63:4e:e6:9b:
b3:12:d3:ec:93:63:72:75:ef:68:16:e8:36:75:65:ad:d7:57:
d2:51:00:11:8d:66:8e:8f:3d:6e:4f:ac:99:90:67:8b:2d:7a:
ab:50:5c:51:51:f0:33:a6:56:77:bb:dd:54:99:93:f2:fd:a2:
3b:52:eb:c7:9f:60:62:a7:61:93:47:6f:53:85:e8:77:ea:33:
cd:94:3b:4e:36:e6:f7:1e:70:7e:7f:9a:48:2c:63:6c:5a:53:
5b:30:51:cf:9e:a2:1e:d6:62:da:59:e8:d5:6f:aa:b8:1e:30:
ba:91:51:f6:10:71:5b:48:7d:d9:98:e9:32:33:78:dd:df:79:
3c:fe:b5:9c:85:71:fa:90:22:fc:f7:a0:4c:9c:ed:cd:aa:b0:
44:30:62:db:74:c2:52:40:f2:ed:ed:25:65:4e:95:93:de:eb:
19:82:48:80:6f:89:09:08:f7:75:e0:79:34:3a:67:df:ab:b0:
a8:9b:cc:34:30:d0:f9:18:fb:8b:70:8c:94:55:de:30:ba:47:
f4:66:38:47:cc:44:79:8d:8d:a1:e2:04:41:de:4c:fa:1d:c4:
cf:6e:16:c8:83:98:1b:43:47:f7:c8:17:18:53:80:06:69:5b:
46:16:03:fa
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZfuVcNMGcjLd7G2/GVNILKSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA5MDgzODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzY0OTg0Y2JhMTQxNDU4ZjEyNDI4NzVlM2U2NzhlMWI0OTUwMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLousP1+xZa7Lgw5hyw8YxSfvY/X
bFniXQ4hdeGj9G1hpCwk7l1Wx5uhh8GV+1KqQ/89eE2ABHp4Ccu/TQ9YwUnEPwT1
idJmdWjAHFOf1xdm7AGxBY/hbT0XufFUlL4BucxWrpM9hgGlAIhtA7U9Qg0BRljA
w1pY2zFbS6OQRXR654bDSiX+Xhe9IAuHiEa7429VQK0XksiFC1vdAdbeNEz+AKM1
uNowqZ2fdbpX3HLhSimebsMFb8DxMAH64qiNuZ/O+eKBfhcxrl22AsdWxikXMfot
WzzIA2VPne10UmU/bGZC0sgfIj/8cwBcczjUYveOI/dxYCsLiqu91aUWZQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDNkmEy6FBRY8SQodePmeOG0lQGpMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTTJTWVRMb1VGRmp4SkNoMTQtWjQ0YlNWQWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBl/NsAwQB
l/TsMAwDBAGX9PIDBAGX9PgwDQYJKoZIhvcNAQELBQADggEBAH+rVydOuBsAF1Zb
4gbMY07mm7MS0+yTY3J172gW6DZ1Za3XV9JRABGNZo6PPW5PrJmQZ4steqtQXFFR
8DOmVne73VSZk/L9ojtS68efYGKnYZNHb1OF6HfqM82UO0425vcecH5/mkgsY2xa
U1swUc+eoh7WYtpZ6NVvqrgeMLqRUfYQcVtIfdmY6TIzeN3feTz+tZyFcfqQIvz3
oEyc7c2qsEQwYtt0wlJA8u3tJWVOlZPe6xmCSIBviQkI93XgeTQ6Z9+rsKibzDQw
0PkY+4twjJRV3jC6R/RmOEfMRHmNjaHiBEHeTPodxM9uFsiDmBtDR/fIFxhTgAZp
W0YWA/o=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:27:42 2025 by rpki-client