
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MSrOjj_SlSg0CpmLrPaSrAEnGtA.roa
File: MSrOjj_SlSg0CpmLrPaSrAEnGtA.roa (raw, json)
Hash identifier: SNdEDRHFdG4y8DMaT4uSFD961fZGMd0lyc4zZMLulVs=
Subject key identifier: 31:2A:CE:8E:3F:D2:95:28:34:0A:99:8B:AC:F6:92:AC:01:27:1A:D0
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01982CF144C12A97EFD7B57A3085EAA9B25C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MSrOjj_SlSg0CpmLrPaSrAEnGtA.roa
Signing time: Mon 21 Jul 2025 12:24:25 +0000
ROA not before: Mon 21 Jul 2025 12:24:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39798
IP address blocks: 151.241.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 10:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:f1:44:c1:2a:97:ef:d7:b5:7a:30:85:ea:a9:b2:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 21 12:24:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=312ace8e3fd29528340a998bacf692ac01271ad0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:da:74:38:d8:ee:80:c7:ae:9f:ae:95:ad:e5:
b6:97:98:b8:f8:dd:0a:c1:f5:77:4d:a8:66:07:75:
c9:db:c0:73:40:27:5f:c6:6b:d5:82:ef:ae:da:d4:
12:4c:6c:14:71:93:f4:24:cb:fc:20:6b:42:2c:3c:
18:03:b9:cf:50:c7:f6:af:ef:de:fc:31:48:7e:d0:
74:d5:e8:ab:5e:cb:43:60:d0:00:2a:dd:05:70:ba:
31:90:a9:5a:28:fa:87:19:59:24:cc:7c:37:e6:59:
71:49:cd:e2:db:c5:2d:34:a3:8c:7d:a9:2e:6c:44:
fc:dc:29:f0:ed:5d:84:9f:51:8d:80:6b:05:55:80:
7d:45:35:75:66:7e:48:71:93:60:ed:ed:72:89:d4:
6b:02:20:e7:72:ec:d5:fe:3c:e1:ad:59:ed:08:65:
86:0a:78:d4:4f:0e:59:ee:38:17:ab:4f:a2:04:06:
36:bb:82:a9:7f:13:f2:2f:d5:ea:d8:5a:fc:29:58:
8c:c4:af:90:18:d9:79:c0:bf:be:83:5d:9c:99:af:
49:1a:d0:b1:0a:9b:ab:24:1c:8e:5f:cf:0a:c3:ab:
1a:ec:26:6b:ad:d2:66:28:43:1e:cd:a2:27:8f:28:
5c:3b:96:d3:ff:32:c0:73:ff:34:7f:4f:22:c9:6d:
44:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:2A:CE:8E:3F:D2:95:28:34:0A:99:8B:AC:F6:92:AC:01:27:1A:D0
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MSrOjj_SlSg0CpmLrPaSrAEnGtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.1.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:da:e5:38:19:7a:26:95:f9:42:9a:92:f5:cb:e4:45:97:33:
e6:e1:6f:a1:db:c2:54:db:74:a1:0f:48:6b:d9:05:4c:fd:ed:
5f:8e:61:90:66:a9:ae:3c:f6:d2:7c:b2:cb:9e:d6:7f:89:48:
08:3f:58:9f:84:69:27:62:5c:ff:d3:99:c8:75:f3:84:7f:2b:
d3:e1:30:f2:66:f3:ae:c9:48:27:97:94:32:0e:1e:a3:47:b2:
9d:75:50:25:8a:b7:10:9c:8c:10:db:04:e1:2b:98:09:4a:d6:
2d:48:16:ea:dd:3f:7f:c8:67:ca:84:19:b3:58:2a:51:45:30:
69:2d:4c:be:04:0e:25:5d:6a:cd:63:39:5c:53:bd:11:74:87:
b9:2d:07:5e:e3:37:46:58:9f:11:4c:c1:f2:f9:cf:a1:6a:ba:
08:e5:2b:59:66:a5:e4:04:ea:fb:f3:ad:81:db:ef:a9:02:5f:
18:f1:2b:d5:6f:56:14:66:66:ed:b0:76:65:0e:48:9a:8d:56:
a3:a4:c0:cf:06:0c:bd:7b:52:bb:6b:df:38:de:95:1c:40:68:
22:4a:19:b4:59:d8:97:b1:09:67:1e:0b:a0:e8:2e:33:a2:75:
ac:2f:b7:0e:d3:08:44:9d:35:50:0a:48:4b:36:95:a0:8f:ea:
19:18:c1:81
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgs8UTBKpfv17V6MIXqqbJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzIxMTIyNDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTJhY2U4ZTNmZDI5NTI4MzQwYTk5OGJhY2Y2OTJhYzAxMjcxYWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodp0ONjugMeun66VreW2l5i4+N0K
wfV3TahmB3XJ28BzQCdfxmvVgu+u2tQSTGwUcZP0JMv8IGtCLDwYA7nPUMf2r+/e
/DFIftB01eirXstDYNAAKt0FcLoxkKlaKPqHGVkkzHw35llxSc3i28UtNKOMfaku
bET83Cnw7V2En1GNgGsFVYB9RTV1Zn5IcZNg7e1yidRrAiDncuzV/jzhrVntCGWG
CnjUTw5Z7jgXq0+iBAY2u4KpfxPyL9Xq2Fr8KViMxK+QGNl5wL++g12cma9JGtCx
CpurJByOX88Kw6sa7CZrrdJmKEMezaInjyhcO5bT/zLAc/80f08iyW1EzQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDEqzo4/0pUoNAqZi6z2kqwBJxrQMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTVNyT2pqX1NsU2cwQ3BtTHJQYVNyQUVuR3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/EBMA0G
CSqGSIb3DQEBCwUAA4IBAQBu2uU4GXomlflCmpL1y+RFlzPm4W+h28JU23ShD0hr
2QVM/e1fjmGQZqmuPPbSfLLLntZ/iUgIP1ifhGknYlz/05nIdfOEfyvT4TDyZvOu
yUgnl5QyDh6jR7KddVAlircQnIwQ2wThK5gJStYtSBbq3T9/yGfKhBmzWCpRRTBp
LUy+BA4lXWrNYzlcU70RdIe5LQde4zdGWJ8RTMHy+c+haroI5StZZqXkBOr7862B
2++pAl8Y8SvVb1YUZmbtsHZlDkiajVajpMDPBgy9e1K7a9843pUcQGgiShm0WdiX
sQlnHgug6C4zonWsL7cO0whEnTVQCkhLNpWgj+oZGMGB
-----END CERTIFICATE-----
Generated at Wed Jul 23 18:51:35 2025 by rpki-client