Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tTuWH0FiGh_0kgI8Cn_dwzFBpe8.roa
File: tTuWH0FiGh_0kgI8Cn_dwzFBpe8.roa (raw, json)
Hash identifier: tLt5X7MyMwF2sMmws/tRvOPen69tHak8hh5EpbKKWCQ=
Subject key identifier: B5:3B:96:1F:41:62:1A:1F:F4:92:02:3C:0A:7F:DD:C3:31:41:A5:EF
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019811B8F138185B557A09FC488992052C53
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tTuWH0FiGh_0kgI8Cn_dwzFBpe8.roa
Signing time: Wed 16 Jul 2025 05:33:09 +0000
ROA not before: Wed 16 Jul 2025 05:33:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214208
IP address blocks: 151.242.23.0/24 maxlen: 24
151.242.84.0/24 maxlen: 24
151.242.171.0/24 maxlen: 24
151.243.124.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:11:b8:f1:38:18:5b:55:7a:09:fc:48:89:92:05:2c:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 16 05:33:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b53b961f41621a1ff492023c0a7fddc33141a5ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d5:33:dd:1a:a5:cc:82:30:cc:db:1e:a1:a6:
87:91:26:3e:1a:a7:e9:b0:43:0d:7b:2c:8a:b4:3a:
83:95:55:b2:f1:f9:a4:a9:1d:c5:77:33:dd:c5:5d:
7a:db:64:e0:44:3a:1b:3b:35:9f:19:c6:c5:6a:d7:
c8:b6:98:a7:cf:e7:47:a0:f3:38:62:1e:fe:cf:e0:
d4:9a:50:8d:34:46:df:65:da:75:d4:79:84:29:7b:
72:ec:80:02:54:77:ff:4f:ab:91:4f:c4:1f:ba:ab:
e9:02:e6:58:27:4a:12:15:4f:e5:7d:78:43:d7:7e:
9c:14:55:30:42:88:c3:6c:d8:7d:da:d1:a2:2a:d8:
8d:b8:6d:3d:67:7f:91:7d:6b:19:c2:9d:c4:f5:b5:
86:cd:d0:6a:c4:18:58:c6:25:ad:a5:b0:4d:91:62:
81:3d:60:06:e4:6e:22:0d:2d:ce:36:e3:c3:bb:a9:
42:cf:33:8d:d4:c0:c8:3f:d2:23:34:58:0b:9b:8c:
0c:59:c6:db:ce:64:20:5c:24:80:df:b0:c1:a9:44:
73:f3:94:ce:4d:71:ce:5c:93:9c:7f:3a:ff:06:ce:
b3:c1:09:a4:44:b2:b1:f1:c0:21:a9:e1:19:fa:d3:
81:08:e8:69:75:1f:bd:c4:89:b7:4e:74:a4:b5:3a:
04:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:3B:96:1F:41:62:1A:1F:F4:92:02:3C:0A:7F:DD:C3:31:41:A5:EF
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tTuWH0FiGh_0kgI8Cn_dwzFBpe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.23.0/24
151.242.84.0/24
151.242.171.0/24
151.243.124.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:38:00:be:65:18:fe:90:ba:af:65:f5:43:5e:95:4e:c4:82:
b8:a7:a9:7d:bf:a8:56:d6:6d:14:4b:a0:ee:8f:3b:36:07:b7:
48:23:47:a2:e4:84:f9:b6:4d:e1:69:5e:98:3d:3e:69:25:d8:
8e:f0:69:77:8e:14:e0:cc:72:39:7d:05:3c:d4:d2:93:77:ea:
49:86:f7:5e:a4:02:74:2e:47:0e:a2:80:6a:8c:63:81:3e:17:
bf:a0:0a:f8:e1:34:48:f4:b1:2c:03:b1:c9:bb:c5:69:01:88:
12:3f:e9:86:74:2a:d2:2a:6a:4d:b5:f4:26:85:8c:f9:01:88:
51:2a:d2:2a:e0:07:63:8b:2a:15:fc:16:54:0a:10:1b:6a:53:
e5:92:36:9d:20:89:de:8d:76:67:f0:e6:af:c2:a3:49:03:1c:
ba:4a:e8:04:2b:d3:86:97:f1:38:56:25:b1:17:7c:70:d1:7a:
c6:0b:e6:62:46:c3:82:d8:61:86:49:b8:9b:2b:b7:81:32:59:
89:09:ca:10:06:ee:d5:28:8f:30:ff:db:29:c9:dc:83:2b:60:
e4:f7:6e:f2:9f:a9:5d:a4:a4:b6:92:eb:85:3a:57:92:63:fb:
3e:a8:e8:6d:67:c3:a7:55:6b:85:c1:be:41:2e:73:4a:98:cb:
92:c8:93:03
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZgRuPE4GFtVegn8SImSBSxTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzE2MDUzMzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTNiOTYxZjQxNjIxYTFmZjQ5MjAyM2MwYTdmZGRjMzMxNDFhNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9Uz3RqlzIIwzNseoaaHkSY+Gqfp
sEMNeyyKtDqDlVWy8fmkqR3FdzPdxV1622TgRDobOzWfGcbFatfItpinz+dHoPM4
Yh7+z+DUmlCNNEbfZdp11HmEKXty7IACVHf/T6uRT8QfuqvpAuZYJ0oSFU/lfXhD
136cFFUwQojDbNh92tGiKtiNuG09Z3+RfWsZwp3E9bWGzdBqxBhYxiWtpbBNkWKB
PWAG5G4iDS3ONuPDu6lCzzON1MDIP9IjNFgLm4wMWcbbzmQgXCSA37DBqURz85TO
TXHOXJOcfzr/Bs6zwQmkRLKx8cAhqeEZ+tOBCOhpdR+9xIm3TnSktToENwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLU7lh9BYhof9JICPAp/3cMxQaXvMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdFR1V0gwRmlHaF8wa2dJOENuX2R3ekZCcGU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/IXAwQA
l/JUAwQAl/KrAwQAl/N8MA0GCSqGSIb3DQEBCwUAA4IBAQCyOAC+ZRj+kLqvZfVD
XpVOxIK4p6l9v6hW1m0US6Dujzs2B7dII0ei5IT5tk3haV6YPT5pJdiO8Gl3jhTg
zHI5fQU81NKTd+pJhvdepAJ0LkcOooBqjGOBPhe/oAr44TRI9LEsA7HJu8VpAYgS
P+mGdCrSKmpNtfQmhYz5AYhRKtIq4AdjiyoV/BZUChAbalPlkjadIInejXZn8Oav
wqNJAxy6SugEK9OGl/E4ViWxF3xw0XrGC+ZiRsOC2GGGSbibK7eBMlmJCcoQBu7V
KI8w/9spydyDK2Dk927yn6ldpKS2kuuFOleSY/s+qOhtZ8OnVWuFwb5BLnNKmMuS
yJMD
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:40:50 2025 by rpki-client