Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sRuBz9oclaEDx3IzyvGUPNgkk3w.roa
File: sRuBz9oclaEDx3IzyvGUPNgkk3w.roa (raw, json)
Hash identifier: 2F7+1zuSdQEOL+iSRHfBtx8IZUPKHgs3wlB1E8PFzUY=
Subject key identifier: B1:1B:81:CF:DA:1C:95:A1:03:C7:72:33:CA:F1:94:3C:D8:24:93:7C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019811D0BF72F5ABD803FCACD3D46E5F63FD
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sRuBz9oclaEDx3IzyvGUPNgkk3w.roa
Signing time: Wed 16 Jul 2025 05:59:09 +0000
ROA not before: Wed 16 Jul 2025 05:59:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 151.241.128.0/22 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.27.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.40.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
151.242.139.0/24 maxlen: 24
151.243.44.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.244.3.0/24 maxlen: 24
151.244.128.0/24 maxlen: 24
151.244.129.0/24 maxlen: 24
151.244.130.0/24 maxlen: 24
151.245.120.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 06:18:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:11:d0:bf:72:f5:ab:d8:03:fc:ac:d3:d4:6e:5f:63:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 16 05:59:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b11b81cfda1c95a103c77233caf1943cd824937c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:56:f5:40:ad:7e:99:ef:59:a7:97:40:2e:84:
cd:73:87:27:c3:06:13:fc:23:00:c3:83:26:16:bf:
92:f2:35:ab:e7:8d:a6:1f:fc:be:0c:8f:5d:92:e0:
94:c5:d1:81:22:b7:05:30:20:e7:35:83:5d:d8:3e:
91:f3:ef:d1:fa:db:3c:86:92:41:49:ec:fe:3a:ae:
77:a2:e7:69:40:10:d2:8d:e7:ce:5a:ec:eb:4a:a0:
83:8b:85:a2:da:2b:cc:4b:52:d7:06:51:da:15:91:
cb:76:0d:d7:f6:d5:95:fb:8c:17:df:3a:c5:da:47:
d5:d5:3c:05:88:e5:55:7b:d0:76:fd:e5:e7:82:f2:
73:ae:89:cd:79:6b:49:6f:07:89:13:02:ab:a0:09:
93:b9:a4:20:67:f2:c0:82:c5:f7:f2:9c:e6:d3:02:
6a:de:1f:63:1b:65:ff:ff:fb:f1:58:97:80:17:fb:
99:8e:ac:15:35:12:ac:b6:c3:9d:a1:e5:fd:75:60:
be:a9:b8:3c:16:64:b0:60:b8:26:f8:0e:81:8f:82:
8b:99:e2:f6:49:ab:94:9c:d4:82:75:26:c7:76:d4:
d8:a9:60:e2:97:fe:ab:a6:e7:4a:1d:33:a9:f5:92:
b2:2d:2e:57:fa:b2:87:3a:34:6d:15:7d:74:46:b2:
22:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:1B:81:CF:DA:1C:95:A1:03:C7:72:33:CA:F1:94:3C:D8:24:93:7C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sRuBz9oclaEDx3IzyvGUPNgkk3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.242.4.0/24
151.242.14.0/24
151.242.17.0/24
151.242.27.0/24
151.242.32.0/24
151.242.40.0/24
151.242.64.0/24
151.242.78.0/23
151.242.82.0/24
151.242.139.0/24
151.243.44.0/24
151.243.115.0/24
151.244.3.0/24
151.244.128.0-151.244.130.255
151.245.120.0/21
Signature Algorithm: sha256WithRSAEncryption
b5:3e:54:21:01:82:c0:b1:1f:1f:a6:81:44:cd:0d:f0:1b:60:
47:13:79:eb:d8:e0:ff:d4:7d:d3:58:85:00:14:34:83:d0:23:
08:f3:3f:d4:39:f1:81:9a:81:9e:85:e0:4b:5e:7b:0e:cc:bc:
73:05:ea:2c:42:5d:0d:60:0a:e0:b5:28:6e:90:88:34:4f:d6:
0a:33:06:7d:6f:1a:10:dd:bd:57:ba:2e:4a:88:0a:f5:10:3b:
ab:c7:5a:38:6e:18:6f:8a:9d:00:4f:15:72:0e:24:85:f2:41:
78:89:22:c0:84:60:d1:24:c1:05:05:8c:a3:2f:07:de:12:2f:
46:d1:5c:a2:2b:c9:ed:a2:0f:1b:ac:3e:06:f5:d3:07:06:cb:
e7:0c:6a:78:14:68:05:c4:17:cd:2b:99:66:e5:23:a0:4d:37:
5d:16:3a:cb:0b:29:ff:54:2c:87:c3:80:2d:fe:cb:bf:63:b1:
f0:b2:5b:59:bf:54:4a:86:66:c9:cd:f2:ff:e5:3b:e8:d0:8c:
ff:af:a0:c7:09:5a:2a:57:21:df:b0:24:19:c6:f1:fb:9e:b4:
fd:d4:da:5d:e4:b9:00:bc:c6:f2:7b:d1:6c:07:d1:d0:6c:f1:
df:b8:fb:ca:80:1c:95:cf:0a:b7:ed:5d:9a:f0:51:4e:93:7d:
4e:12:e6:7d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZgR0L9y9avYA/ys09RuX2P9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzE2MDU1OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTFiODFjZmRhMWM5NWExMDNjNzcyMzNjYWYxOTQzY2Q4MjQ5MzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1b1QK1+me9Zp5dALoTNc4cnwwYT
/CMAw4MmFr+S8jWr542mH/y+DI9dkuCUxdGBIrcFMCDnNYNd2D6R8+/R+ts8hpJB
Sez+Oq53oudpQBDSjefOWuzrSqCDi4Wi2ivMS1LXBlHaFZHLdg3X9tWV+4wX3zrF
2kfV1TwFiOVVe9B2/eXngvJzronNeWtJbweJEwKroAmTuaQgZ/LAgsX38pzm0wJq
3h9jG2X///vxWJeAF/uZjqwVNRKstsOdoeX9dWC+qbg8FmSwYLgm+A6Bj4KLmeL2
SauUnNSCdSbHdtTYqWDil/6rpudKHTOp9ZKyLS5X+rKHOjRtFX10RrIiAwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFLEbgc/aHJWhA8dyM8rxlDzYJJN8MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvc1J1Qno5b2NsYUVEeDNJenl2R1VQTmdrazN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEApfxgAME
AJfyBAMEAJfyDgMEAJfyEQMEAJfyGwMEAJfyIAMEAJfyKAMEAJfyQAMEAZfyTgME
AJfyUgMEAJfyiwMEAJfzLAMEAJfzcwMEAJf0AzAMAwQHl/SAAwQAl/SCAwQDl/V4
MA0GCSqGSIb3DQEBCwUAA4IBAQC1PlQhAYLAsR8fpoFEzQ3wG2BHE3nr2OD/1H3T
WIUAFDSD0CMI8z/UOfGBmoGeheBLXnsOzLxzBeosQl0NYArgtShukIg0T9YKMwZ9
bxoQ3b1Xui5KiAr1EDurx1o4bhhvip0ATxVyDiSF8kF4iSLAhGDRJMEFBYyjLwfe
Ei9G0VyiK8ntog8brD4G9dMHBsvnDGp4FGgFxBfNK5lm5SOgTTddFjrLCyn/VCyH
w4At/su/Y7HwsltZv1RKhmbJzfL/5Tvo0Iz/r6DHCVoqVyHfsCQZxvH7nrT91Npd
5LkAvMbye9FsB9HQbPHfuPvKgByVzwq37V2a8FFOk31OEuZ9
-----END CERTIFICATE-----
Generated at Sun Jul 20 14:35:12 2025 by rpki-client