Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ry4sDOAZE2N9ar60yeKfGWoYfJA.roa
File: Ry4sDOAZE2N9ar60yeKfGWoYfJA.roa (raw, json)
Hash identifier: 9Asj5oHidqCW1U+lx8Wa0fDtRBQAkgjpKZlP8bj0wP0=
Subject key identifier: 47:2E:2C:0C:E0:19:13:63:7D:6A:BE:B4:C9:E2:9F:19:6A:18:7C:90
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197D955695CCACEAF9B5591DC36242A6B34
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ry4sDOAZE2N9ar60yeKfGWoYfJA.roa
Signing time: Sat 05 Jul 2025 06:45:42 +0000
ROA not before: Sat 05 Jul 2025 06:45:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 151.240.128.0/21 maxlen: 24
151.240.136.0/21 maxlen: 24
151.240.171.0/24 maxlen: 24
151.241.132.0/22 maxlen: 22
151.241.232.0/21 maxlen: 24
151.242.56.0/24 maxlen: 24
151.243.8.0/23 maxlen: 23
151.243.204.0/23 maxlen: 23
151.244.16.0/21 maxlen: 21
151.245.56.0/22 maxlen: 22
151.245.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d9:55:69:5c:ca:ce:af:9b:55:91:dc:36:24:2a:6b:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 5 06:45:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=472e2c0ce01913637d6abeb4c9e29f196a187c90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4a:92:a2:4f:e7:0d:fe:b0:2f:14:ea:fb:aa:
62:4a:19:ee:45:09:b1:f5:01:69:ec:d0:f1:3c:0b:
5d:a7:19:e1:d5:e7:fb:af:75:78:2c:8b:73:82:48:
8e:73:8f:60:09:7c:69:31:80:c7:c7:c9:76:cb:fe:
22:40:5e:64:54:77:83:ad:ff:97:3a:94:f3:c8:69:
23:ba:91:43:d5:35:ea:a8:17:64:e2:1f:56:3d:5d:
33:1d:c7:78:b3:d6:a4:7f:f0:e5:a6:7f:93:95:46:
0f:15:26:3e:60:29:8f:18:da:69:36:0a:b7:c3:bb:
91:2e:3e:55:65:51:17:31:5c:af:01:0c:31:ff:f2:
1d:e0:84:93:18:00:59:da:56:8c:a3:f1:a0:8c:64:
a8:3d:9a:7d:bc:2d:c8:01:95:5c:a5:6a:3a:d2:78:
e2:0b:a0:a9:ac:35:c8:b4:b1:36:c2:9c:16:ca:c1:
9c:e3:61:38:9f:bd:52:bb:96:2b:87:33:66:13:ab:
10:09:2c:03:f6:2d:a6:37:fa:c1:5f:b8:ba:42:ae:
ef:f7:7c:33:21:a5:86:b6:f8:b8:6d:36:8f:e1:53:
b5:fc:8d:68:58:97:0d:a2:cd:19:af:b9:88:1e:16:
23:df:89:9c:aa:2b:86:a2:33:cd:56:7e:65:a7:cf:
3c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:2E:2C:0C:E0:19:13:63:7D:6A:BE:B4:C9:E2:9F:19:6A:18:7C:90
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ry4sDOAZE2N9ar60yeKfGWoYfJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.128.0/20
151.240.171.0/24
151.241.132.0/22
151.241.232.0/21
151.242.56.0/24
151.243.8.0/23
151.243.204.0/23
151.244.16.0/21
151.245.56.0/22
151.245.188.0/24
Signature Algorithm: sha256WithRSAEncryption
44:62:3e:2c:66:45:0d:45:f8:84:5e:e6:d6:d1:92:20:5a:a4:
16:60:76:16:69:e9:8f:b1:91:b5:66:1e:d8:08:e0:81:16:f5:
c1:71:c1:d9:ec:e5:33:4b:90:ca:32:c8:13:79:57:55:9d:da:
2e:bd:96:e9:7c:38:f6:5a:4c:5a:4f:d7:6c:c4:3e:c5:44:33:
ca:49:7b:5d:c0:9d:9d:e5:a8:f6:35:5f:4f:c2:a5:60:05:8a:
26:42:f4:2c:49:1b:2c:b0:ec:55:c2:35:0f:2a:31:37:a7:c8:
55:ea:9c:91:5a:04:60:42:22:2e:69:ca:ee:e2:55:07:0d:f1:
ef:50:e3:1a:40:d2:e6:b6:1e:aa:b4:78:2a:b5:90:7c:35:19:
c6:1c:e9:80:7a:6b:35:f9:e0:c4:d7:7a:60:78:b4:31:57:fc:
43:c0:27:a6:4d:2d:e6:31:89:fa:d3:a7:e4:a5:08:5f:f4:97:
cb:13:d2:1c:21:f6:c4:66:d9:53:3a:0b:1d:a1:4d:b6:06:e8:
66:be:d3:76:a0:69:67:9a:bd:81:4b:95:f9:7a:5d:e4:53:5b:
87:e5:9a:62:d8:b7:9e:5c:49:50:7f:00:f3:bc:ec:c0:c9:f8:
6b:5b:ec:56:9c:c4:16:bc:6f:48:ea:97:61:db:8f:2e:c3:82:
b6:e4:38:fa
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZfZVWlcys6vm1WR3DYkKms0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA1MDY0NTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzJlMmMwY2UwMTkxMzYzN2Q2YWJlYjRjOWUyOWYxOTZhMTg3YzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0qSok/nDf6wLxTq+6piShnuRQmx
9QFp7NDxPAtdpxnh1ef7r3V4LItzgkiOc49gCXxpMYDHx8l2y/4iQF5kVHeDrf+X
OpTzyGkjupFD1TXqqBdk4h9WPV0zHcd4s9akf/Dlpn+TlUYPFSY+YCmPGNppNgq3
w7uRLj5VZVEXMVyvAQwx//Id4ISTGABZ2laMo/GgjGSoPZp9vC3IAZVcpWo60nji
C6CprDXItLE2wpwWysGc42E4n71Su5YrhzNmE6sQCSwD9i2mN/rBX7i6Qq7v93wz
IaWGtvi4bTaP4VO1/I1oWJcNos0Zr7mIHhYj34mcqiuGojPNVn5lp8886QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEcuLAzgGRNjfWq+tMninxlqGHyQMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUnk0c0RPQVpFMk45YXI2MHllS2ZHV29ZZkpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQEl/CAAwQA
l/CrAwQCl/GEAwQDl/HoAwQAl/I4AwQBl/MIAwQBl/PMAwQDl/QQAwQCl/U4AwQA
l/W8MA0GCSqGSIb3DQEBCwUAA4IBAQBEYj4sZkUNRfiEXubW0ZIgWqQWYHYWaemP
sZG1Zh7YCOCBFvXBccHZ7OUzS5DKMsgTeVdVndouvZbpfDj2WkxaT9dsxD7FRDPK
SXtdwJ2d5aj2NV9PwqVgBYomQvQsSRsssOxVwjUPKjE3p8hV6pyRWgRgQiIuacru
4lUHDfHvUOMaQNLmth6qtHgqtZB8NRnGHOmAems1+eDE13pgeLQxV/xDwCemTS3m
MYn606fkpQhf9JfLE9IcIfbEZtlTOgsdoU22BuhmvtN2oGlnmr2BS5X5el3kU1uH
5Zpi2LeeXElQfwDzvOzAyfhrW+xWnMQWvG9I6pdh248uw4K25Dj6
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:27:02 2025 by rpki-client