Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qQZ_XVzVbwlfPN72xu6e7NuKubM.roa
File: qQZ_XVzVbwlfPN72xu6e7NuKubM.roa (raw, json)
Hash identifier: jDFqDP5QElUvHNsqBVDAkHTBkaN6bo+OwX16P697BLs=
Subject key identifier: A9:06:7F:5D:5C:D5:6F:09:5F:3C:DE:F6:C6:EE:9E:EC:DB:8A:B9:B3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01994168E356FB3C8E38AA050DD14E2CA0F6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qQZ_XVzVbwlfPN72xu6e7NuKubM.roa
Signing time: Sat 13 Sep 2025 04:50:16 +0000
ROA not before: Sat 13 Sep 2025 04:50:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 151.240.205.0/24 maxlen: 24
151.241.119.0/24 maxlen: 24
151.241.122.0/24 maxlen: 24
151.241.123.0/24 maxlen: 24
151.241.125.0/24 maxlen: 24
151.243.176.0/21 maxlen: 24
151.243.192.0/21 maxlen: 24
151.243.225.0/24 maxlen: 24
151.243.227.0/24 maxlen: 24
151.243.235.0/24 maxlen: 24
151.243.241.0/24 maxlen: 24
151.246.16.0/21 maxlen: 21
151.246.32.0/21 maxlen: 21
151.247.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Sep 2025 11:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:41:68:e3:56:fb:3c:8e:38:aa:05:0d:d1:4e:2c:a0:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 13 04:50:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9067f5d5cd56f095f3cdef6c6ee9eecdb8ab9b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:57:1e:03:6f:b0:46:00:6d:1d:54:b8:93:f9:
a5:58:e8:80:0e:85:6f:96:36:0c:4d:b8:c9:72:5d:
59:58:27:0a:eb:08:29:18:cb:87:31:2d:af:df:fe:
88:6f:2c:98:a6:35:84:8a:83:bb:6d:3d:e5:f5:83:
12:94:4d:c5:08:7a:cd:3d:57:cf:d7:ff:be:70:6d:
96:82:44:a0:ed:e1:79:b8:f3:f4:2d:3f:fa:92:8b:
d5:e0:f1:26:60:80:7c:c2:5e:39:fc:98:49:ba:4d:
d7:12:e0:c5:f9:2e:18:92:ef:e4:65:c5:42:d3:04:
10:f7:24:03:89:2c:02:8e:58:18:77:7d:e1:85:37:
53:06:17:3e:ec:0d:3d:b6:c6:ff:1e:42:ee:eb:3f:
3b:f2:8d:1a:f5:53:42:8a:0c:6a:fa:ca:14:84:ee:
9a:cd:ab:6b:cd:7c:63:75:a0:91:78:58:f0:1f:14:
2c:60:59:0c:4c:8d:72:a1:22:07:37:88:12:04:9c:
c6:1c:c7:9c:60:62:f7:92:bd:04:ee:4f:e1:c6:d6:
1f:37:bb:76:40:fe:22:2a:b8:1c:9a:ee:cf:90:c3:
82:57:ca:4d:6b:fd:9c:04:0d:4a:de:eb:90:91:e2:
5b:a3:a1:be:ee:b5:3a:af:b7:34:fb:47:81:1f:7f:
5d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:06:7F:5D:5C:D5:6F:09:5F:3C:DE:F6:C6:EE:9E:EC:DB:8A:B9:B3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qQZ_XVzVbwlfPN72xu6e7NuKubM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.205.0/24
151.241.119.0/24
151.241.122.0/23
151.241.125.0/24
151.243.176.0/21
151.243.192.0/21
151.243.225.0/24
151.243.227.0/24
151.243.235.0/24
151.243.241.0/24
151.246.16.0/21
151.246.32.0/21
151.247.238.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:05:13:39:52:c8:da:d9:56:fc:e0:24:c0:2b:6b:df:65:24:
a0:d8:25:08:dd:b9:41:ff:c7:22:71:4e:1d:c1:37:32:50:84:
9b:fc:6c:c0:32:6b:7b:69:2f:43:be:1d:39:3f:fa:ef:ef:d1:
85:63:2d:25:00:50:54:69:b7:62:9e:07:85:f0:ac:4b:fb:be:
01:e3:be:d1:59:7b:97:15:b5:c6:eb:9c:68:17:91:28:1e:0c:
56:4e:be:06:bb:13:ae:20:06:5f:f8:70:c3:fd:97:ad:0f:fa:
df:97:a8:d6:3d:fc:2c:b4:d8:04:b8:98:5c:7a:84:05:94:6d:
cf:99:17:d2:dd:c4:73:8c:67:7c:4d:fa:10:85:73:21:19:fb:
d7:73:3c:33:a8:85:3f:4e:dd:78:a1:14:ac:a3:79:17:c9:e0:
12:27:7a:aa:87:1a:76:cc:51:20:99:99:e7:d0:51:e0:a3:38:
ca:56:f1:f0:18:cf:8d:c3:00:3f:99:d3:42:a7:5a:44:d1:d9:
c7:3a:1f:66:f7:97:67:b6:9a:ab:7f:e6:ad:73:33:6f:21:ff:
09:a8:12:fb:2c:ef:fe:38:f4:ef:15:8f:8b:24:87:5c:e7:59:
94:e9:1b:22:37:86:99:a3:57:f8:89:9c:22:bc:6c:cd:f2:7b:
ee:48:03:fb
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZlBaONW+zyOOKoFDdFOLKD2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTEzMDQ1MDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTA2N2Y1ZDVjZDU2ZjA5NWYzY2RlZjZjNmVlOWVlY2RiOGFiOWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lceA2+wRgBtHVS4k/mlWOiADoVv
ljYMTbjJcl1ZWCcK6wgpGMuHMS2v3/6IbyyYpjWEioO7bT3l9YMSlE3FCHrNPVfP
1/++cG2WgkSg7eF5uPP0LT/6kovV4PEmYIB8wl45/JhJuk3XEuDF+S4Yku/kZcVC
0wQQ9yQDiSwCjlgYd33hhTdTBhc+7A09tsb/HkLu6z878o0a9VNCigxq+soUhO6a
zatrzXxjdaCReFjwHxQsYFkMTI1yoSIHN4gSBJzGHMecYGL3kr0E7k/hxtYfN7t2
QP4iKrgcmu7PkMOCV8pNa/2cBA1K3uuQkeJbo6G+7rU6r7c0+0eBH39dvwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFKkGf11c1W8JXzze9sbunuzbirmzMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcVFaX1hWelZid2xmUE43Mnh1NmU3TnVLdWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAl/DNAwQA
l/F3AwQBl/F6AwQAl/F9AwQDl/OwAwQDl/PAAwQAl/PhAwQAl/PjAwQAl/PrAwQA
l/PxAwQDl/YQAwQDl/YgAwQAl/fuMA0GCSqGSIb3DQEBCwUAA4IBAQCzBRM5Usja
2Vb84CTAK2vfZSSg2CUI3blB/8cicU4dwTcyUISb/GzAMmt7aS9Dvh05P/rv79GF
Yy0lAFBUabdingeF8KxL+74B477RWXuXFbXG65xoF5EoHgxWTr4GuxOuIAZf+HDD
/ZetD/rfl6jWPfwstNgEuJhceoQFlG3PmRfS3cRzjGd8TfoQhXMhGfvXczwzqIU/
Tt14oRSso3kXyeASJ3qqhxp2zFEgmZnn0FHgozjKVvHwGM+NwwA/mdNCp1pE0dnH
Oh9m95dntpqrf+atczNvIf8JqBL7LO/+OPTvFY+LJIdc51mU6RsiN4aZo1f4iZwi
vGzN8nvuSAP7
-----END CERTIFICATE-----
Generated at Sat Sep 13 20:28:27 2025 by rpki-client