Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/QXCbjGbiZ_b2IQc5k1LEB6-aEco.roa
File: QXCbjGbiZ_b2IQc5k1LEB6-aEco.roa (raw, json)
Hash identifier: /WbM6I5fBmaULlbBbqGx836HxZ+4fsplHzJC75BueMo=
Subject key identifier: 41:70:9B:8C:66:E2:67:F6:F6:21:07:39:93:52:C4:07:AF:9A:11:CA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01982C12CC36E953547FA312E306DCEA87FB
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/QXCbjGbiZ_b2IQc5k1LEB6-aEco.roa
Signing time: Mon 21 Jul 2025 08:21:26 +0000
ROA not before: Mon 21 Jul 2025 08:21:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209612
IP address blocks: 151.242.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:12:cc:36:e9:53:54:7f:a3:12:e3:06:dc:ea:87:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 21 08:21:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=41709b8c66e267f6f62107399352c407af9a11ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f7:0a:14:68:5a:f5:d4:61:6f:3a:f4:2d:3a:
ad:50:ee:fe:f2:a9:d0:45:58:de:ab:93:35:cc:51:
b7:dd:ab:08:ef:52:d2:46:60:24:3c:b0:aa:59:98:
d9:57:ff:96:df:d7:08:26:5d:11:c5:0f:79:bd:c0:
05:fe:51:e4:91:90:63:89:d9:82:e1:c1:b9:8a:c8:
fe:5a:28:2e:7b:c6:8a:f8:08:ac:08:fd:c5:db:cd:
b2:aa:c1:1a:ea:de:68:a7:74:dc:21:73:dd:7b:ce:
83:2c:76:c2:ee:86:62:84:b5:72:87:c9:da:2c:31:
cb:5c:b2:eb:19:e1:c0:62:f7:73:53:87:fe:3b:4e:
1e:25:08:b9:78:e2:a3:9f:a5:16:63:d6:a8:74:42:
2c:04:00:94:96:5c:8e:b9:11:63:46:6f:08:dc:ee:
78:c1:e8:bd:0b:59:e6:6e:17:f9:52:a0:d7:12:f9:
d2:3f:53:74:0e:10:f9:56:40:5c:32:72:a7:eb:c0:
bc:55:b8:63:15:b2:7a:ac:24:0f:44:9b:e4:f9:dc:
65:90:cb:c4:fc:76:5f:cc:62:f8:cf:b9:32:6d:5b:
9b:18:30:76:2a:49:ae:a3:47:5a:0a:b0:dd:a6:1e:
be:5a:af:54:cf:4e:d6:69:51:aa:d8:5a:1b:c0:20:
0c:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:70:9B:8C:66:E2:67:F6:F6:21:07:39:93:52:C4:07:AF:9A:11:CA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/QXCbjGbiZ_b2IQc5k1LEB6-aEco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.136.0/24
Signature Algorithm: sha256WithRSAEncryption
41:5d:e2:99:c1:9e:1c:c2:27:9a:e3:bb:35:0f:30:5f:31:1c:
41:e4:a5:fd:f5:b4:46:73:4d:b9:9e:fa:ec:8e:7b:05:fc:67:
48:eb:9c:db:cd:9e:5b:aa:f4:c0:e0:60:36:71:b9:9f:78:ed:
61:96:0b:83:33:b8:ac:8d:c9:3d:87:66:1b:e5:eb:f1:da:2c:
ea:a4:ed:ac:ea:49:73:b8:fe:9e:33:23:d5:ae:e9:d9:4d:32:
03:28:6f:c4:53:fb:29:ff:8f:0f:d1:cc:0a:31:13:17:88:95:
0d:6d:78:57:97:01:fd:9f:95:9f:36:1d:ff:a7:96:d8:3f:6a:
37:c8:14:37:2a:cb:ad:51:6d:8e:d0:48:ca:e2:02:aa:38:74:
68:2c:1d:d7:b9:77:55:df:08:6d:82:91:c6:1f:89:df:3f:08:
37:d6:5d:05:4d:68:66:14:ec:cd:14:1d:ff:1b:7f:be:f7:d5:
4a:b2:a9:fe:c3:c8:0e:e6:3e:8a:af:1a:7b:76:00:b4:79:4e:
3d:45:48:23:d3:db:bd:4d:ed:c6:86:c8:15:f5:e3:2b:85:79:
13:8e:8c:9c:76:e3:7f:60:70:33:12:cc:8c:ac:4b:6b:92:53:
a4:d9:90:ff:10:18:97:9a:cb:9f:2f:24:d4:34:30:41:3e:48:
04:88:a1:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgsEsw26VNUf6MS4wbc6of7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzIxMDgyMTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTcwOWI4YzY2ZTI2N2Y2ZjYyMTA3Mzk5MzUyYzQwN2FmOWExMWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/cKFGha9dRhbzr0LTqtUO7+8qnQ
RVjeq5M1zFG33asI71LSRmAkPLCqWZjZV/+W39cIJl0RxQ95vcAF/lHkkZBjidmC
4cG5isj+Wigue8aK+AisCP3F282yqsEa6t5op3TcIXPde86DLHbC7oZihLVyh8na
LDHLXLLrGeHAYvdzU4f+O04eJQi5eOKjn6UWY9aodEIsBACUllyOuRFjRm8I3O54
wei9C1nmbhf5UqDXEvnSP1N0DhD5VkBcMnKn68C8VbhjFbJ6rCQPRJvk+dxlkMvE
/HZfzGL4z7kybVubGDB2Kkmuo0daCrDdph6+Wq9Uz07WaVGq2FobwCAMLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEFwm4xm4mf29iEHOZNSxAevmhHKMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUVhDYmpHYmlaX2IySVFjNWsxTEVCNi1hRWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/KIMA0G
CSqGSIb3DQEBCwUAA4IBAQBBXeKZwZ4cwiea47s1DzBfMRxB5KX99bRGc025nvrs
jnsF/GdI65zbzZ5bqvTA4GA2cbmfeO1hlguDM7isjck9h2Yb5evx2izqpO2s6klz
uP6eMyPVrunZTTIDKG/EU/sp/48P0cwKMRMXiJUNbXhXlwH9n5WfNh3/p5bYP2o3
yBQ3KsutUW2O0EjK4gKqOHRoLB3XuXdV3whtgpHGH4nfPwg31l0FTWhmFOzNFB3/
G3++99VKsqn+w8gO5j6Krxp7dgC0eU49RUgj09u9Te3GhsgV9eMrhXkTjoycduN/
YHAzEsyMrEtrklOk2ZD/EBiXmsufLyTUNDBBPkgEiKHk
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:57:06 2025 by rpki-client