Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/O-ScXtS53N9Javp_I61W2GhPR08.roa
File: O-ScXtS53N9Javp_I61W2GhPR08.roa (raw, json)
Hash identifier: 7VH/7fS4fl4/Ue8NkSXbw5cZnhApr/Zz3r4GdBo9+hU=
Subject key identifier: 3B:E4:9C:5E:D4:B9:DC:DF:49:6A:FA:7F:23:AD:56:D8:68:4F:47:4F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01994168E51CC9573EE6D84BF34172A969E1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/O-ScXtS53N9Javp_I61W2GhPR08.roa
Signing time: Sat 13 Sep 2025 04:50:17 +0000
ROA not before: Sat 13 Sep 2025 04:50:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 151.240.128.0/21 maxlen: 24
151.240.136.0/21 maxlen: 24
151.240.171.0/24 maxlen: 24
151.241.105.0/24 maxlen: 24
151.241.106.0/24 maxlen: 24
151.241.107.0/24 maxlen: 24
151.241.132.0/22 maxlen: 22
151.242.56.0/24 maxlen: 24
151.242.70.0/24 maxlen: 24
151.242.71.0/24 maxlen: 24
151.242.135.0/24 maxlen: 24
151.243.8.0/23 maxlen: 23
151.243.204.0/23 maxlen: 23
151.244.56.0/24 maxlen: 24
151.245.2.0/24 maxlen: 24
151.245.22.0/24 maxlen: 24
151.245.56.0/22 maxlen: 22
151.245.185.0/24 maxlen: 24
151.245.187.0/24 maxlen: 24
151.245.188.0/24 maxlen: 24
151.247.133.0/24 maxlen: 24
151.247.134.0/24 maxlen: 24
151.247.135.0/24 maxlen: 24
151.247.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:21:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:41:68:e5:1c:c9:57:3e:e6:d8:4b:f3:41:72:a9:69:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 13 04:50:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3be49c5ed4b9dcdf496afa7f23ad56d8684f474f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:67:7b:be:52:e4:b4:56:6c:b0:2c:71:75:a1:
eb:6f:87:4e:e1:79:f4:37:ce:5b:39:d1:7e:36:6a:
99:34:71:48:18:37:c0:0f:b3:70:71:5b:af:29:bf:
1d:33:90:5a:a1:34:aa:4c:55:6b:67:a2:df:9e:3f:
f2:69:ee:79:fe:d9:c4:16:0e:66:ac:19:23:6d:96:
ee:9a:f2:8f:9f:63:e9:66:e0:66:3e:a1:a1:3b:1d:
44:c6:26:c2:8a:77:3b:cf:a7:98:d2:a0:4a:8a:bc:
a2:ec:f8:21:cf:a1:00:5a:12:38:00:0d:22:af:e6:
5f:fd:fe:fc:96:fa:60:03:0a:6e:24:c7:2f:37:fa:
f4:b6:52:67:7d:1f:71:ac:cf:0d:92:d5:17:ae:c6:
6d:fd:58:18:71:b9:b5:65:2c:ab:11:9e:0f:e1:ab:
46:f9:73:b1:dd:f6:71:b9:d4:32:9e:6c:99:fa:65:
43:a8:ef:a2:cb:4d:ca:8c:f7:76:e2:c0:ff:17:04:
8b:b5:0e:b7:0d:e8:ee:82:f6:1d:63:1f:65:80:f3:
1b:4e:84:87:7e:9c:3d:79:a2:b8:67:99:f8:d4:c0:
12:50:0b:c5:03:d2:0f:51:f5:9f:8e:8c:bf:87:c2:
88:8f:de:5e:0c:85:21:c8:78:3c:96:bb:47:d3:a4:
df:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E4:9C:5E:D4:B9:DC:DF:49:6A:FA:7F:23:AD:56:D8:68:4F:47:4F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/O-ScXtS53N9Javp_I61W2GhPR08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.128.0/20
151.240.171.0/24
151.241.105.0-151.241.107.255
151.241.132.0/22
151.242.56.0/24
151.242.70.0/23
151.242.135.0/24
151.243.8.0/23
151.243.204.0/23
151.244.56.0/24
151.245.2.0/24
151.245.22.0/24
151.245.56.0/22
151.245.185.0/24
151.245.187.0-151.245.188.255
151.247.133.0-151.247.135.255
151.247.188.0/22
Signature Algorithm: sha256WithRSAEncryption
04:05:29:3e:10:8e:98:8b:b8:b0:6b:91:ad:a9:d0:52:27:71:
21:24:ba:3a:b3:04:c3:21:65:5d:16:f1:01:b6:d1:64:bb:9d:
98:85:4c:2e:17:d9:e4:c7:96:8e:a1:c4:4d:23:61:e3:f8:84:
2e:be:ce:69:2a:8f:79:42:14:fe:83:9a:df:78:47:93:b1:8f:
6a:d5:33:81:9f:89:f1:b4:f6:46:fe:79:59:41:7d:a4:82:3e:
28:a0:4b:71:47:28:c3:ef:6b:f9:6b:ba:33:24:ef:1e:45:4f:
82:85:da:35:f3:18:58:61:f4:5a:ae:50:2d:79:3c:b0:b5:4c:
8f:c4:ab:b2:d7:0d:97:a0:5a:a5:65:a3:ed:71:fd:19:0e:5a:
f7:52:d1:76:3b:38:a7:35:80:22:5c:e9:94:06:4b:53:03:77:
94:42:90:13:0d:76:89:72:34:7e:23:74:51:89:6a:b6:15:9d:
96:b6:83:b9:d7:62:fd:f3:81:03:ee:92:98:e5:a4:a4:c9:f5:
89:c0:11:7b:b9:f4:1c:f3:10:40:c0:04:86:23:64:98:0d:f6:
38:0d:d9:cf:26:c4:75:08:a1:35:af:88:e1:d7:5a:a9:ca:ac:
bd:d6:cc:89:87:57:2e:4d:ce:0a:a1:03:f2:96:46:7f:4c:08:
de:1a:7a:57
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZlBaOUcyVc+5thL80FyqWnhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTEzMDQ1MDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmU0OWM1ZWQ0YjlkY2RmNDk2YWZhN2YyM2FkNTZkODY4NGY0NzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWd7vlLktFZssCxxdaHrb4dO4Xn0
N85bOdF+NmqZNHFIGDfAD7NwcVuvKb8dM5BaoTSqTFVrZ6Lfnj/yae55/tnEFg5m
rBkjbZbumvKPn2PpZuBmPqGhOx1ExibCinc7z6eY0qBKiryi7Pghz6EAWhI4AA0i
r+Zf/f78lvpgAwpuJMcvN/r0tlJnfR9xrM8NktUXrsZt/VgYcbm1ZSyrEZ4P4atG
+XOx3fZxudQynmyZ+mVDqO+iy03KjPd24sD/FwSLtQ63DejugvYdYx9lgPMbToSH
fpw9eaK4Z5n41MASUAvFA9IPUfWfjoy/h8KIj95eDIUhyHg8lrtH06TfSQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFDvknF7UudzfSWr6fyOtVthoT0dPMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTy1TY1h0UzUzTjlKYXZwX0k2MVcyR2hQUjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEBJfw
gAMEAJfwqzAMAwQAl/FpAwQCl/FoAwQCl/GEAwQAl/I4AwQBl/JGAwQAl/KHAwQB
l/MIAwQBl/PMAwQAl/Q4AwQAl/UCAwQAl/UWAwQCl/U4AwQAl/W5MAwDBACX9bsD
BACX9bwwDAMEAJf3hQMEA5f3gAMEApf3vDANBgkqhkiG9w0BAQsFAAOCAQEABAUp
PhCOmIu4sGuRranQUidxISS6OrMEwyFlXRbxAbbRZLudmIVMLhfZ5MeWjqHETSNh
4/iELr7OaSqPeUIU/oOa33hHk7GPatUzgZ+J8bT2Rv55WUF9pII+KKBLcUcow+9r
+Wu6MyTvHkVPgoXaNfMYWGH0Wq5QLXk8sLVMj8SrstcNl6BapWWj7XH9GQ5a91LR
djs4pzWAIlzplAZLUwN3lEKQEw12iXI0fiN0UYlqthWdlraDuddi/fOBA+6SmOWk
pMn1icARe7n0HPMQQMAEhiNkmA32OA3ZzybEdQihNa+I4ddaqcqsvdbMiYdXLk3O
CqED8pZGf0wI3hp6Vw==
-----END CERTIFICATE-----
Generated at Wed Oct 8 21:28:35 2025 by rpki-client