Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/iIOT18WIVxvJf3PNocT5g276T-o.roa
File: iIOT18WIVxvJf3PNocT5g276T-o.roa (raw, json)
Hash identifier: gctE3aer3h1daT3R0ndwabbQVDuXf4+EO1O2NA7Betw=
Subject key identifier: 88:83:93:D7:C5:88:57:1B:C9:7F:73:CD:A1:C4:F9:83:6E:FA:4F:EA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01978C4332F904A6F5696202A7A672F36D0B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/iIOT18WIVxvJf3PNocT5g276T-o.roa
Signing time: Fri 20 Jun 2025 07:35:03 +0000
ROA not before: Fri 20 Jun 2025 07:35:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212609
IP address blocks: 151.240.113.0/24 maxlen: 24
151.240.114.0/24 maxlen: 24
151.242.72.0/24 maxlen: 24
151.242.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8c:43:32:f9:04:a6:f5:69:62:02:a7:a6:72:f3:6d:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 20 07:35:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=888393d7c588571bc97f73cda1c4f9836efa4fea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:2a:a9:3e:3e:e3:6c:64:ae:e1:67:1a:c9:e1:
d9:7a:84:37:42:e5:f7:9c:06:58:cb:b3:4c:30:0b:
a5:3d:f7:61:da:03:46:76:75:6c:47:76:cf:15:86:
27:f8:bb:89:04:26:d6:aa:95:bc:c8:a0:e7:55:06:
e8:47:a5:a6:6a:6f:ca:af:5d:d7:57:fe:a8:39:a2:
64:71:cf:21:16:fe:ed:63:9b:f6:8c:1f:f9:61:05:
ee:b2:c7:62:c8:cf:e5:02:d5:a2:13:41:cb:67:df:
d5:af:34:fe:7d:26:d8:91:d1:15:01:48:e9:00:00:
0f:62:09:02:07:92:66:dc:00:69:f0:2a:3a:9d:cc:
e8:50:70:e2:78:6f:ed:bd:4b:db:ba:9f:1c:c4:a1:
37:ca:0a:48:be:74:07:50:7f:bb:10:d1:ac:c5:4d:
43:d4:ab:f9:fd:86:c6:89:91:b8:a1:af:17:6d:d7:
0b:26:f9:62:7b:f7:40:b9:df:2a:3b:3e:b3:c7:eb:
ec:17:b7:f8:53:cc:14:61:d4:57:ea:a8:90:97:3d:
d3:c8:6b:85:19:18:7b:e7:7c:67:b6:e6:17:4a:2e:
97:66:24:9f:e1:5b:d1:d6:aa:06:74:e6:56:ab:5f:
a6:7b:78:86:f0:e4:76:9b:40:09:95:8f:a4:4a:51:
eb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:83:93:D7:C5:88:57:1B:C9:7F:73:CD:A1:C4:F9:83:6E:FA:4F:EA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/iIOT18WIVxvJf3PNocT5g276T-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.113.0-151.240.114.255
151.242.72.0/24
151.242.207.0/24
Signature Algorithm: sha256WithRSAEncryption
63:16:7f:a5:fb:e5:b3:01:63:e8:13:d0:a0:51:cf:b1:70:80:
92:71:b7:37:f3:0b:f8:d1:ad:50:76:9a:c9:70:c5:42:85:b1:
35:ef:c9:43:0c:30:f8:4a:a2:aa:ec:3c:e9:05:25:a6:73:58:
64:b8:2e:37:27:f0:a2:05:4a:ff:f5:bb:68:f9:24:44:50:2f:
91:fe:93:a6:9d:e9:50:8c:80:9c:83:35:5f:97:8b:0e:2d:f4:
91:d9:07:9c:7e:a5:bd:8c:e0:ca:ba:98:2f:45:9c:86:26:dd:
30:e3:c6:32:81:35:ed:fc:b8:9f:cb:b9:47:7f:de:1a:49:c2:
24:88:f7:fe:78:3f:ea:a4:f7:9d:c6:7c:a9:be:82:47:17:4c:
77:18:24:02:f5:b6:04:41:42:cd:ae:2b:fa:76:ff:a5:0e:fd:
c0:16:0e:f0:e5:70:fd:9e:56:ab:e5:86:ba:84:56:b4:fe:0b:
ca:5c:20:32:8c:7e:f0:70:ea:d5:fe:99:7c:38:38:4c:f6:e0:
3a:ea:d2:82:e8:1e:16:da:5a:64:41:1f:51:d4:cb:49:71:2b:
e7:8c:9d:cf:e1:07:58:e4:f8:67:97:2c:10:9e:5a:d0:1b:6c:
cd:7c:21:68:74:c6:37:3b:c2:5e:2c:39:3c:18:65:35:8d:a3:
9c:3b:08:42
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZeMQzL5BKb1aWICp6Zy820LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjIwMDczNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODgzOTNkN2M1ODg1NzFiYzk3ZjczY2RhMWM0Zjk4MzZlZmE0ZmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriqpPj7jbGSu4WcayeHZeoQ3QuX3
nAZYy7NMMAulPfdh2gNGdnVsR3bPFYYn+LuJBCbWqpW8yKDnVQboR6Wmam/Kr13X
V/6oOaJkcc8hFv7tY5v2jB/5YQXussdiyM/lAtWiE0HLZ9/VrzT+fSbYkdEVAUjp
AAAPYgkCB5Jm3ABp8Co6nczoUHDieG/tvUvbup8cxKE3ygpIvnQHUH+7ENGsxU1D
1Kv5/YbGiZG4oa8XbdcLJvlie/dAud8qOz6zx+vsF7f4U8wUYdRX6qiQlz3TyGuF
GRh753xntuYXSi6XZiSf4VvR1qoGdOZWq1+me3iG8OR2m0AJlY+kSlHrOQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFIiDk9fFiFcbyX9zzaHE+YNu+k/qMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvaUlPVDE4V0lWeHZKZjNQTm9jVDVnMjc2VC1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBACX8HED
BACX8HIDBACX8kgDBACX8s8wDQYJKoZIhvcNAQELBQADggEBAGMWf6X75bMBY+gT
0KBRz7FwgJJxtzfzC/jRrVB2mslwxUKFsTXvyUMMMPhKoqrsPOkFJaZzWGS4Ljcn
8KIFSv/1u2j5JERQL5H+k6ad6VCMgJyDNV+Xiw4t9JHZB5x+pb2M4Mq6mC9FnIYm
3TDjxjKBNe38uJ/LuUd/3hpJwiSI9/54P+qk953GfKm+gkcXTHcYJAL1tgRBQs2u
K/p2/6UO/cAWDvDlcP2eVqvlhrqEVrT+C8pcIDKMfvBw6tX+mXw4OEz24Drq0oLo
HhbaWmRBH1HUy0lxK+eMnc/hB1jk+GeXLBCeWtAbbM18IWh0xjc7wl4sOTwYZTWN
o5w7CEI=
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:10:23 2025 by rpki-client