Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZOmmf3WnEEh7Phf4VHiwg9G_sY4.roa
File: ZOmmf3WnEEh7Phf4VHiwg9G_sY4.roa (raw, json)
Hash identifier: ZWWoekDZCjnatC+jnU6c3foIs/zJa1RLHbjE41oCdJw=
Subject key identifier: 64:E9:A6:7F:75:A7:10:48:7B:3E:17:F8:54:78:B0:83:D1:BF:B1:8E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198267BD41FDAE558D25F95FD2849F3508C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZOmmf3WnEEh7Phf4VHiwg9G_sY4.roa
Signing time: Sun 20 Jul 2025 06:18:26 +0000
ROA not before: Sun 20 Jul 2025 06:18:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 151.242.93.0/24 maxlen: 24
151.242.94.0/24 maxlen: 24
151.242.95.0/24 maxlen: 24
151.242.98.0/24 maxlen: 24
151.242.100.0/24 maxlen: 24
151.242.101.0/24 maxlen: 24
151.242.105.0/24 maxlen: 24
151.242.107.0/24 maxlen: 24
151.242.109.0/24 maxlen: 24
151.242.113.0/24 maxlen: 24
151.242.115.0/24 maxlen: 24
151.242.184.0/22 maxlen: 22
151.242.196.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 12:24:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:26:7b:d4:1f:da:e5:58:d2:5f:95:fd:28:49:f3:50:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 20 06:18:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64e9a67f75a710487b3e17f85478b083d1bfb18e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:49:35:2e:89:bc:0e:87:47:9e:1f:a8:db:b8:
2f:5a:df:48:de:9e:23:51:d4:bc:1d:9f:a5:d4:d8:
2b:f0:02:e6:61:30:31:06:ef:ea:f0:25:74:3e:11:
d0:c7:f0:3d:92:e1:70:ca:81:5f:94:b0:d6:4f:83:
81:75:44:86:c4:73:5f:cc:70:17:ca:c7:cb:0c:40:
e9:c0:2e:7c:e5:e9:8b:72:4f:e8:eb:a4:a8:2b:37:
7a:97:9d:d7:b2:60:e8:f4:57:6f:eb:28:36:a4:4a:
9f:42:b6:83:fd:f8:ce:f3:1f:a4:51:31:1c:14:30:
62:4b:84:e5:35:41:f1:d8:1b:4f:c7:37:11:6f:74:
42:1b:23:48:8d:74:18:f4:34:21:86:32:8d:28:14:
4a:c4:0d:46:be:9f:ef:bc:8f:df:86:df:2c:b1:dd:
31:6b:e4:46:d8:80:c6:a3:4b:b5:91:38:f6:d8:2b:
28:dc:82:58:3a:44:05:6a:8c:71:29:4b:9a:10:bf:
10:b1:48:4b:a4:06:60:51:98:2b:28:d7:38:9f:3f:
b5:99:c4:49:75:15:57:3f:a1:3b:82:5e:58:ad:07:
ff:f4:49:e2:f0:de:55:80:b0:4f:f6:a7:12:c0:a6:
71:d2:05:3c:eb:02:65:74:54:46:11:26:a5:7d:db:
d6:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:E9:A6:7F:75:A7:10:48:7B:3E:17:F8:54:78:B0:83:D1:BF:B1:8E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZOmmf3WnEEh7Phf4VHiwg9G_sY4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.93.0-151.242.95.255
151.242.98.0/24
151.242.100.0/23
151.242.105.0/24
151.242.107.0/24
151.242.109.0/24
151.242.113.0/24
151.242.115.0/24
151.242.184.0/22
151.242.196.0/22
Signature Algorithm: sha256WithRSAEncryption
25:86:f0:b1:c6:1c:49:cd:0d:8d:2f:b6:3b:00:e2:82:14:f4:
36:5b:3a:fa:3a:65:63:0c:d1:cc:ed:a2:fb:c1:ac:1f:e6:a8:
43:8e:03:00:43:a6:4b:53:7f:e8:26:73:cf:f6:6d:e8:d1:39:
fc:f9:26:0b:40:e9:98:16:68:5c:fd:3c:5a:33:83:39:ca:3c:
86:16:a7:cb:6e:64:fe:25:dd:c0:33:b7:ef:77:26:c8:30:40:
6a:ac:80:3e:ee:cb:e8:39:3e:32:cf:6f:2a:9b:99:0e:77:b4:
5f:34:e0:14:99:ae:37:38:6b:2b:3a:05:9e:8d:be:0c:4d:3b:
d4:66:3a:41:50:c6:89:ae:8f:5c:c5:96:32:26:3b:cc:8c:8f:
00:30:39:69:d8:78:af:dc:3d:57:01:22:a3:7a:52:a9:68:3b:
c7:82:77:7d:0f:d0:8e:26:68:06:4a:74:20:02:87:c1:8c:b5:
49:c9:34:73:16:0e:08:8d:64:79:14:a0:65:7d:43:a6:0d:ae:
1e:15:4f:6c:27:47:b0:30:e0:ed:fd:ee:17:c5:9f:2e:c1:85:
d6:67:ee:9f:4e:50:20:b4:71:5a:d0:16:73:45:f0:56:23:4e:
e0:b2:d5:0d:49:96:59:e6:8a:e4:b4:be:e8:43:ea:28:48:43:
5a:02:55:b6
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZgme9Qf2uVY0l+V/ShJ81CMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzIwMDYxODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGU5YTY3Zjc1YTcxMDQ4N2IzZTE3Zjg1NDc4YjA4M2QxYmZiMThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEk1Lom8DodHnh+o27gvWt9I3p4j
UdS8HZ+l1Ngr8ALmYTAxBu/q8CV0PhHQx/A9kuFwyoFflLDWT4OBdUSGxHNfzHAX
ysfLDEDpwC585emLck/o66SoKzd6l53XsmDo9Fdv6yg2pEqfQraD/fjO8x+kUTEc
FDBiS4TlNUHx2BtPxzcRb3RCGyNIjXQY9DQhhjKNKBRKxA1Gvp/vvI/fht8ssd0x
a+RG2IDGo0u1kTj22Cso3IJYOkQFaoxxKUuaEL8QsUhLpAZgUZgrKNc4nz+1mcRJ
dRVXP6E7gl5YrQf/9Eni8N5VgLBP9qcSwKZx0gU86wJldFRGESalfdvWhwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGTppn91pxBIez4X+FR4sIPRv7GOMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWk9tbWYzV25FRWg3UGhmNFZIaXdnOUdfc1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBACX8l0D
BAWX8kADBACX8mIDBAGX8mQDBACX8mkDBACX8msDBACX8m0DBACX8nEDBACX8nMD
BAKX8rgDBAKX8sQwDQYJKoZIhvcNAQELBQADggEBACWG8LHGHEnNDY0vtjsA4oIU
9DZbOvo6ZWMM0cztovvBrB/mqEOOAwBDpktTf+gmc8/2bejROfz5JgtA6ZgWaFz9
PFozgznKPIYWp8tuZP4l3cAzt+93JsgwQGqsgD7uy+g5PjLPbyqbmQ53tF804BSZ
rjc4ays6BZ6NvgxNO9RmOkFQxomuj1zFljImO8yMjwAwOWnYeK/cPVcBIqN6Uqlo
O8eCd30P0I4maAZKdCACh8GMtUnJNHMWDgiNZHkUoGV9Q6YNrh4VT2wnR7Aw4O39
7hfFny7BhdZn7p9OUCC0cVrQFnNF8FYjTuCy1Q1JllnmiuS0vuhD6ihIQ1oCVbY=
-----END CERTIFICATE-----
Generated at Mon Jul 21 18:22:18 2025 by rpki-client