Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/stqrP_jsYW0OqMjbOTCsFHtkKpc.roa
File: stqrP_jsYW0OqMjbOTCsFHtkKpc.roa (raw, json)
Hash identifier: HfJ19eEmPjDP4CdhZ1aY+Pz+e0MkOiYrQpxeNFuDWp8=
Subject key identifier: B2:DA:AB:3F:F8:EC:61:6D:0E:A8:C8:DB:39:30:AC:14:7B:64:2A:97
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019811B8F21AE053B6A89EAE04B6E5B9DE5A
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/stqrP_jsYW0OqMjbOTCsFHtkKpc.roa
Signing time: Wed 16 Jul 2025 05:33:09 +0000
ROA not before: Wed 16 Jul 2025 05:33:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 273478
IP address blocks: 151.244.241.0/24 maxlen: 24
151.245.242.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:11:b8:f2:1a:e0:53:b6:a8:9e:ae:04:b6:e5:b9:de:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 16 05:33:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b2daab3ff8ec616d0ea8c8db3930ac147b642a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:1c:49:7b:5d:bf:ab:2e:a7:62:d9:3f:f2:a2:
9c:b9:d6:f2:6e:ae:c6:3e:2a:db:b9:ac:d6:d7:ea:
b6:c4:7d:53:f4:b5:5e:cb:ec:fe:d3:09:2f:c8:f2:
b3:d5:66:99:a6:69:07:ee:09:f1:d9:ea:82:ed:11:
91:9e:da:c4:a7:a0:d4:5f:53:d1:bb:e5:5f:38:ef:
7d:67:6f:0e:b3:1c:76:53:bd:ad:ac:95:17:e6:00:
03:47:2c:f5:5b:22:98:e7:09:75:39:8e:bf:47:96:
ce:0a:91:92:cf:b5:38:08:08:81:26:1b:31:61:82:
29:f3:f9:d9:ae:6d:f1:47:0f:58:e9:57:4d:34:18:
0f:f2:65:37:38:80:6f:8f:4f:8e:76:91:c9:37:25:
0d:e3:d0:a0:59:0c:98:d9:e7:05:1e:01:ef:05:70:
bd:e9:75:33:22:92:ca:db:68:37:ba:2b:92:2a:37:
29:bb:82:54:31:05:42:e1:96:3c:66:d2:03:2b:27:
c4:e1:c7:45:c1:30:4c:93:8b:50:a3:18:69:4f:67:
5f:9a:ab:df:cd:d1:ac:29:b1:2f:1f:e9:08:94:5f:
28:20:a5:26:fe:28:a0:03:75:14:3a:82:4f:38:73:
79:d1:f5:da:50:a1:c1:d9:7f:16:ac:26:f2:d4:2b:
41:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:DA:AB:3F:F8:EC:61:6D:0E:A8:C8:DB:39:30:AC:14:7B:64:2A:97
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/stqrP_jsYW0OqMjbOTCsFHtkKpc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.241.0/24
151.245.242.0/23
Signature Algorithm: sha256WithRSAEncryption
57:fb:4e:09:88:df:39:e8:d4:18:8e:61:a2:8e:52:76:41:c7:
33:ae:19:26:7e:bd:2a:27:7a:23:0d:7e:f8:5e:7c:92:0c:0e:
4d:5d:14:54:ce:69:21:93:3c:1f:75:e9:38:04:54:ff:8e:ac:
19:e6:85:45:93:b3:ce:dc:72:84:23:4a:70:69:c7:a5:83:1a:
d5:a2:c2:63:f5:bc:27:c6:5e:f9:9e:ea:7a:37:01:fc:b4:38:
9e:97:77:c3:8a:76:3e:94:a6:fc:f1:d2:fe:5c:d0:8d:e0:44:
9f:29:a3:98:95:83:ca:d2:16:64:02:62:29:96:e7:ad:ae:99:
eb:09:c6:b4:0b:d7:d7:6d:95:6a:6c:88:9c:d8:c4:2c:12:d5:
ee:e5:4f:da:44:c6:b8:d5:6f:53:93:9a:36:d7:7f:50:7a:c0:
61:57:22:87:fe:5d:62:b5:9f:c1:ca:0f:53:b4:0a:b6:fc:fb:
0c:72:86:c3:18:02:71:a8:dc:0e:2d:5c:08:81:8d:be:22:4f:
97:84:ca:55:09:1e:cf:af:0e:27:d3:02:3c:32:ca:98:de:89:
f2:39:e6:25:4e:5b:4f:2e:38:21:50:c4:69:a7:a2:d6:6d:7f:
5d:a6:cb:54:4c:09:6f:a6:54:93:79:a1:ee:0c:30:03:4c:16:
86:f2:1d:c6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgRuPIa4FO2qJ6uBLblud5aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzE2MDUzMzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMmRhYWIzZmY4ZWM2MTZkMGVhOGM4ZGIzOTMwYWMxNDdiNjQyYTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhxJe12/qy6nYtk/8qKcudbybq7G
PirbuazW1+q2xH1T9LVey+z+0wkvyPKz1WaZpmkH7gnx2eqC7RGRntrEp6DUX1PR
u+VfOO99Z28Osxx2U72trJUX5gADRyz1WyKY5wl1OY6/R5bOCpGSz7U4CAiBJhsx
YYIp8/nZrm3xRw9Y6VdNNBgP8mU3OIBvj0+OdpHJNyUN49CgWQyY2ecFHgHvBXC9
6XUzIpLK22g3uiuSKjcpu4JUMQVC4ZY8ZtIDKyfE4cdFwTBMk4tQoxhpT2dfmqvf
zdGsKbEvH+kIlF8oIKUm/iigA3UUOoJPOHN50fXaUKHB2X8WrCby1CtBnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLLaqz/47GFtDqjI2zkwrBR7ZCqXMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvc3RxclBfanNZVzBPcU1qYk9UQ3NGSHRrS3BjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/TxAwQB
l/XyMA0GCSqGSIb3DQEBCwUAA4IBAQBX+04JiN856NQYjmGijlJ2Qcczrhkmfr0q
J3ojDX74XnySDA5NXRRUzmkhkzwfdek4BFT/jqwZ5oVFk7PO3HKEI0pwacelgxrV
osJj9bwnxl75nup6NwH8tDiel3fDinY+lKb88dL+XNCN4ESfKaOYlYPK0hZkAmIp
luetrpnrCca0C9fXbZVqbIic2MQsEtXu5U/aRMa41W9Tk5o2139QesBhVyKH/l1i
tZ/Byg9TtAq2/PsMcobDGAJxqNwOLVwIgY2+Ik+XhMpVCR7Prw4n0wI8MsqY3ony
OeYlTltPLjghUMRpp6LWbX9dpstUTAlvplSTeaHuDDADTBaG8h3G
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:36:18 2025 by rpki-client