Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/PSbs5uOtdpdypZABcQUNfy95Td8.roa
File: PSbs5uOtdpdypZABcQUNfy95Td8.roa (raw, json)
Hash identifier: XT7ChGFHv77UaDAH7bBXfzDmIjFuCWdxWmHM2G7dAT0=
Subject key identifier: 3D:26:EC:E6:E3:AD:76:97:72:A5:90:01:71:05:0D:7F:2F:79:4D:DF
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019831191DC257807D0D6DF9459AB767A160
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/PSbs5uOtdpdypZABcQUNfy95Td8.roa
Signing time: Tue 22 Jul 2025 07:46:26 +0000
ROA not before: Tue 22 Jul 2025 07:46:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214432
IP address blocks: 151.240.73.0/24 maxlen: 24
151.240.78.0/24 maxlen: 24
151.240.144.0/24 maxlen: 24
151.244.62.0/24 maxlen: 24
151.244.75.0/24 maxlen: 24
151.244.87.0/24 maxlen: 24
151.245.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 10:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:19:1d:c2:57:80:7d:0d:6d:f9:45:9a:b7:67:a1:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 22 07:46:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d26ece6e3ad769772a5900171050d7f2f794ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c6:68:29:76:f5:25:1b:5e:8a:d2:21:a2:ce:
ad:71:bc:06:87:9f:ab:6f:39:0b:e9:62:15:db:a6:
1e:41:0d:66:54:33:00:e7:01:76:98:be:48:8d:a5:
d2:22:34:47:71:11:d7:56:5c:e3:f0:52:fd:53:f1:
53:67:5c:a9:d9:23:b2:38:40:01:e6:06:f5:0b:08:
9b:06:9a:78:af:88:04:74:bf:da:1e:0c:2b:1f:3f:
e5:8c:e0:75:aa:3c:6e:f2:e1:25:85:91:b2:ce:55:
3a:f2:8b:9d:41:59:1c:58:21:d5:48:4a:84:3d:37:
3b:3d:49:07:5c:07:21:aa:4f:52:ad:69:17:96:4a:
26:d6:37:a8:4d:17:08:d6:30:73:dc:05:cc:8d:24:
4c:bb:64:13:0f:4d:80:6b:09:db:73:bb:f3:f3:4b:
84:da:65:4d:a4:3c:87:40:60:c9:d9:ea:12:da:17:
08:d6:fc:51:c4:8d:98:d7:9c:77:4c:57:7d:80:40:
59:d4:e5:64:f8:01:89:fc:a2:f3:7a:35:d6:9e:1a:
d5:f7:6d:1b:06:8f:6e:ff:1b:e3:eb:eb:b0:02:e1:
3b:d7:fc:08:36:e7:45:29:77:0f:35:5c:9b:77:a7:
58:dc:e0:e4:d2:3a:bc:2b:35:3b:19:01:2e:b3:ba:
30:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:26:EC:E6:E3:AD:76:97:72:A5:90:01:71:05:0D:7F:2F:79:4D:DF
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/PSbs5uOtdpdypZABcQUNfy95Td8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.73.0/24
151.240.78.0/24
151.240.144.0/24
151.244.62.0/24
151.244.75.0/24
151.244.87.0/24
151.245.102.0/24
Signature Algorithm: sha256WithRSAEncryption
02:9c:11:0c:9c:52:38:0b:57:44:bd:08:ce:7c:43:f2:66:ce:
c8:cb:de:79:95:33:66:c2:7f:4d:22:06:2c:b1:71:90:c7:60:
c3:54:5a:6e:b4:43:c8:f3:b9:87:60:c2:3c:d7:4b:64:87:a2:
57:99:ef:84:14:7c:06:c0:5b:1f:47:6a:b7:88:b0:b0:68:80:
65:3e:cd:e9:71:99:69:42:f0:05:e1:74:64:79:ad:d1:d4:86:
92:a7:b9:0e:63:a2:d9:12:df:25:fe:27:1e:af:e6:15:d3:93:
94:30:01:24:63:5c:bc:e4:99:a9:16:95:ad:65:e3:ee:2b:ea:
5e:68:48:85:a6:d4:cc:cb:81:b0:94:aa:e7:0c:78:80:1e:ec:
8a:46:db:0c:08:13:1b:8e:8f:0f:0d:70:0d:9d:25:1b:92:66:
68:d8:16:85:7f:a0:82:1a:09:89:65:bc:6b:b3:a6:be:d8:2a:
30:2a:82:d0:e7:54:3c:11:f1:2b:2f:7c:7b:87:dd:da:0d:8e:
7d:e9:8a:f9:32:0d:a3:1e:cf:f2:d5:cc:5f:ec:ba:c0:17:42:
a7:1f:85:9a:e8:80:67:c4:17:88:27:0b:61:ad:35:9f:6b:e5:
f5:e2:c5:40:34:ee:f8:d7:f4:37:d5:b7:b2:a7:da:ec:7d:80:
dc:3b:c2:d4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZgxGR3CV4B9DW35RZq3Z6FgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzIyMDc0NjI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDI2ZWNlNmUzYWQ3Njk3NzJhNTkwMDE3MTA1MGQ3ZjJmNzk0ZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcZoKXb1JRteitIhos6tcbwGh5+r
bzkL6WIV26YeQQ1mVDMA5wF2mL5IjaXSIjRHcRHXVlzj8FL9U/FTZ1yp2SOyOEAB
5gb1CwibBpp4r4gEdL/aHgwrHz/ljOB1qjxu8uElhZGyzlU68oudQVkcWCHVSEqE
PTc7PUkHXAchqk9SrWkXlkom1jeoTRcI1jBz3AXMjSRMu2QTD02Aawnbc7vz80uE
2mVNpDyHQGDJ2eoS2hcI1vxRxI2Y15x3TFd9gEBZ1OVk+AGJ/KLzejXWnhrV920b
Bo9u/xvj6+uwAuE71/wINudFKXcPNVybd6dY3ODk0jq8KzU7GQEus7owPQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFD0m7ObjrXaXcqWQAXEFDX8veU3fMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUFNiczV1T3RkcGR5cFpBQmNRVU5meTk1VGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAl/BJAwQA
l/BOAwQAl/CQAwQAl/Q+AwQAl/RLAwQAl/RXAwQAl/VmMA0GCSqGSIb3DQEBCwUA
A4IBAQACnBEMnFI4C1dEvQjOfEPyZs7Iy955lTNmwn9NIgYssXGQx2DDVFputEPI
87mHYMI810tkh6JXme+EFHwGwFsfR2q3iLCwaIBlPs3pcZlpQvAF4XRkea3R1IaS
p7kOY6LZEt8l/icer+YV05OUMAEkY1y85JmpFpWtZePuK+peaEiFptTMy4GwlKrn
DHiAHuyKRtsMCBMbjo8PDXANnSUbkmZo2BaFf6CCGgmJZbxrs6a+2CowKoLQ51Q8
EfErL3x7h93aDY596Yr5Mg2jHs/y1cxf7LrAF0KnH4Wa6IBnxBeIJwthrTWfa+X1
4sVANO741/Q31beyp9rsfYDcO8LU
-----END CERTIFICATE-----
Generated at Wed Jul 23 19:38:40 2025 by rpki-client