Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tmHCoz4nCi5sPpr9KNdMAxDWwvc.roa
File: tmHCoz4nCi5sPpr9KNdMAxDWwvc.roa (raw, json)
Hash identifier: vMr/pWtwUFZs+p5kHBf53iVH67+LskDFGJPM6b2QeIk=
Subject key identifier: B6:61:C2:A3:3E:27:0A:2E:6C:3E:9A:FD:28:D7:4C:03:10:D6:C2:F7
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019811D0BEB1C452B1EC394EAAE9B93EEE53
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tmHCoz4nCi5sPpr9KNdMAxDWwvc.roa
Signing time: Wed 16 Jul 2025 05:59:09 +0000
ROA not before: Wed 16 Jul 2025 05:59:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 151.242.40.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:11:d0:be:b1:c4:52:b1:ec:39:4e:aa:e9:b9:3e:ee:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 16 05:59:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b661c2a33e270a2e6c3e9afd28d74c0310d6c2f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d3:5e:de:6b:7d:80:30:9a:cd:0f:8b:bc:b0:
93:9b:d7:e2:f4:58:b2:54:fc:79:c2:00:30:c1:a6:
4a:df:29:e8:07:af:6c:ab:cf:45:e4:83:9a:d9:d0:
25:d5:db:22:2d:d6:e5:a6:ca:ec:a0:41:5b:7c:21:
c3:b6:1a:1e:06:ec:59:71:5e:e7:ce:7b:9a:2d:25:
59:3f:c3:56:08:4b:0c:98:17:d3:09:eb:ce:18:c6:
ae:00:7d:2e:7b:0c:a3:f4:60:e6:4e:9f:ba:a1:1c:
b7:0e:df:e1:54:66:fa:6f:53:16:9c:bc:92:3a:f9:
58:c0:86:88:63:49:d0:5a:e0:fe:33:84:f7:6d:dd:
4b:4b:27:22:0f:80:ca:b3:00:07:fd:32:b0:8f:08:
6f:cf:98:72:d8:f2:a6:f2:66:e3:56:32:98:d4:35:
86:55:82:f9:e5:90:39:f5:84:e7:de:ee:56:d3:5f:
76:75:db:94:01:13:83:09:31:61:db:25:7e:26:ff:
08:5f:4b:d0:eb:e9:84:bd:91:8e:62:d2:f2:c2:5e:
7c:7b:c5:53:3f:de:98:bc:b3:28:92:6d:e3:4c:c7:
9d:d8:e5:85:ef:03:bb:a9:7b:a8:6f:d9:c2:4b:b2:
b9:3f:25:c9:27:85:66:97:f5:fc:1b:f1:ca:77:d1:
1b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:61:C2:A3:3E:27:0A:2E:6C:3E:9A:FD:28:D7:4C:03:10:D6:C2:F7
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tmHCoz4nCi5sPpr9KNdMAxDWwvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.40.0/24
151.242.64.0/24
151.243.115.0/24
Signature Algorithm: sha256WithRSAEncryption
71:6f:e3:cf:6a:7b:ef:9b:cd:97:df:22:1d:5a:74:42:1d:cb:
17:15:89:e7:b3:64:49:56:e6:9f:ac:5b:83:47:b2:f4:ef:3c:
82:ae:92:6a:cd:fc:65:37:60:9c:8a:00:58:e5:52:2b:59:cc:
b9:37:e0:8d:dc:90:55:78:b9:a6:20:05:30:04:3f:89:f6:79:
a2:f6:71:15:a2:9c:50:51:6d:02:04:11:1b:a3:0e:8d:b9:aa:
1d:60:cb:d3:35:39:b2:fe:a9:10:f6:18:11:e2:9b:f5:56:df:
18:6e:f6:ef:4d:46:00:20:57:e2:21:f6:96:82:a6:71:a6:ed:
53:4a:ad:39:de:c6:ae:be:79:d2:dd:57:d0:c3:c6:2e:68:3c:
49:b7:79:75:2a:f0:92:ce:ed:46:e8:f7:5b:b0:1f:2c:60:c1:
dd:c6:93:75:42:32:e9:05:1c:be:87:e4:39:52:1c:82:0f:dd:
bb:0d:16:60:93:ec:a9:bc:59:40:c9:13:cd:e4:58:8e:b6:d1:
03:1b:a1:40:89:82:78:88:db:aa:9f:9d:b6:56:5a:68:81:e1:
47:28:a2:78:6e:be:a4:e6:7e:f3:e9:ad:9a:7a:ca:29:28:20:
6d:51:4a:aa:5e:87:c5:8b:e5:e6:74:fc:59:3d:c5:08:37:cb:
aa:6e:4a:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZgR0L6xxFKx7DlOqum5Pu5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzE2MDU1OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjYxYzJhMzNlMjcwYTJlNmMzZTlhZmQyOGQ3NGMwMzEwZDZjMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdNe3mt9gDCazQ+LvLCTm9fi9Fiy
VPx5wgAwwaZK3ynoB69sq89F5IOa2dAl1dsiLdblpsrsoEFbfCHDthoeBuxZcV7n
znuaLSVZP8NWCEsMmBfTCevOGMauAH0uewyj9GDmTp+6oRy3Dt/hVGb6b1MWnLyS
OvlYwIaIY0nQWuD+M4T3bd1LSyciD4DKswAH/TKwjwhvz5hy2PKm8mbjVjKY1DWG
VYL55ZA59YTn3u5W0192dduUARODCTFh2yV+Jv8IX0vQ6+mEvZGOYtLywl58e8VT
P96YvLMokm3jTMed2OWF7wO7qXuob9nCS7K5PyXJJ4Vml/X8G/HKd9EblQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLZhwqM+JwoubD6a/SjXTAMQ1sL3MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdG1IQ296NG5DaTVzUHByOUtOZE1BeERXd3ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/IoAwQA
l/JAAwQAl/NzMA0GCSqGSIb3DQEBCwUAA4IBAQBxb+PPanvvm82X3yIdWnRCHcsX
FYnns2RJVuafrFuDR7L07zyCrpJqzfxlN2CcigBY5VIrWcy5N+CN3JBVeLmmIAUw
BD+J9nmi9nEVopxQUW0CBBEbow6NuaodYMvTNTmy/qkQ9hgR4pv1Vt8YbvbvTUYA
IFfiIfaWgqZxpu1TSq053sauvnnS3VfQw8YuaDxJt3l1KvCSzu1G6PdbsB8sYMHd
xpN1QjLpBRy+h+Q5UhyCD927DRZgk+ypvFlAyRPN5FiOttEDG6FAiYJ4iNuqn522
VlpogeFHKKJ4br6k5n7z6a2aesopKCBtUUqqXofFi+XmdPxZPcUIN8uqbko7
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:47:06 2025 by rpki-client