Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wGJM1v3oqhWX0Iiui_v9bfXawjE.roa
File: wGJM1v3oqhWX0Iiui_v9bfXawjE.roa (raw, json)
Hash identifier: hE5iO/NDM1p7cxVA3HvaDfoeneGzkrlH6CXFgiHmh68=
Subject key identifier: C0:62:4C:D6:FD:E8:AA:15:97:D0:88:AE:8B:FB:FD:6D:F5:DA:C2:31
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019807805E5C5B1B43B4715DD19FDB615819
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wGJM1v3oqhWX0Iiui_v9bfXawjE.roa
Signing time: Mon 14 Jul 2025 05:55:09 +0000
ROA not before: Mon 14 Jul 2025 05:55:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 151.240.45.0/24 maxlen: 24
151.240.163.0/24 maxlen: 24
151.240.173.0/24 maxlen: 24
151.241.50.0/24 maxlen: 24
151.241.64.0/24 maxlen: 24
151.241.67.0/24 maxlen: 24
151.241.70.0/24 maxlen: 24
151.241.71.0/24 maxlen: 24
151.241.73.0/24 maxlen: 24
151.241.160.0/24 maxlen: 24
151.241.204.0/24 maxlen: 24
151.242.45.0/24 maxlen: 24
151.242.57.0/24 maxlen: 24
151.242.158.0/24 maxlen: 24
151.243.2.0/24 maxlen: 24
151.243.105.0/24 maxlen: 24
151.243.159.0/24 maxlen: 24
151.244.5.0/24 maxlen: 24
151.244.57.0/24 maxlen: 24
151.244.111.0/24 maxlen: 24
151.244.115.0/24 maxlen: 24
151.244.131.0/24 maxlen: 24
151.244.132.0/24 maxlen: 24
151.244.133.0/24 maxlen: 24
151.244.191.0/24 maxlen: 24
151.244.193.0/24 maxlen: 24
151.244.198.0/24 maxlen: 24
151.244.201.0/24 maxlen: 24
151.244.212.0/24 maxlen: 24
151.245.70.0/24 maxlen: 24
151.245.78.0/24 maxlen: 24
151.245.201.0/24 maxlen: 24
151.245.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:07:80:5e:5c:5b:1b:43:b4:71:5d:d1:9f:db:61:58:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 14 05:55:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c0624cd6fde8aa1597d088ae8bfbfd6df5dac231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:67:db:30:8e:76:46:38:a8:05:ec:ca:70:d4:
51:4a:e5:5f:7b:66:56:fd:ec:21:2d:b5:07:b7:19:
13:34:45:7e:cc:55:1f:09:ca:2e:73:60:79:45:a5:
b5:65:d5:8b:ac:6e:ca:25:2a:12:34:14:f0:2f:92:
b7:b0:bf:c4:11:59:0e:90:cc:21:e8:26:b4:38:c4:
73:05:55:9d:6f:45:d9:7f:2e:60:63:c7:88:67:43:
c9:a2:c7:bf:c9:e5:a6:e2:52:f6:9b:41:ea:eb:12:
41:49:12:fa:64:9a:81:b5:c2:1d:87:dd:55:da:2d:
03:d8:fb:60:7d:1d:7b:97:79:7e:0e:77:f1:35:f5:
37:67:67:ba:24:fc:47:9e:46:39:0e:25:bf:a3:22:
23:d3:31:e8:79:b9:1c:96:e2:47:85:48:c5:a9:db:
42:66:58:d5:bf:90:77:c5:59:ab:33:be:e6:0f:b8:
29:7d:7f:c0:09:00:5e:6f:ab:05:ed:ea:9d:b0:b8:
b2:6e:2f:52:a6:ce:c1:e0:2a:2b:0a:b0:1c:38:ce:
05:92:04:a3:13:c7:af:2f:7c:ae:8a:4a:ab:3e:f8:
ca:1c:12:07:24:b9:c1:69:da:28:24:73:be:78:f1:
d4:35:a9:cf:e3:3c:af:6d:b6:ca:45:2d:52:d6:ea:
35:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:62:4C:D6:FD:E8:AA:15:97:D0:88:AE:8B:FB:FD:6D:F5:DA:C2:31
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wGJM1v3oqhWX0Iiui_v9bfXawjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.45.0/24
151.240.163.0/24
151.240.173.0/24
151.241.50.0/24
151.241.64.0/24
151.241.67.0/24
151.241.70.0/23
151.241.73.0/24
151.241.160.0/24
151.241.204.0/24
151.242.45.0/24
151.242.57.0/24
151.242.158.0/24
151.243.2.0/24
151.243.105.0/24
151.243.159.0/24
151.244.5.0/24
151.244.57.0/24
151.244.111.0/24
151.244.115.0/24
151.244.131.0-151.244.133.255
151.244.191.0/24
151.244.193.0/24
151.244.198.0/24
151.244.201.0/24
151.244.212.0/24
151.245.70.0/24
151.245.78.0/24
151.245.201.0/24
151.245.212.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:df:55:42:b1:4c:67:3e:20:d2:10:9c:fb:6d:92:e8:31:a7:
af:aa:f8:ae:11:3e:04:45:d0:a9:62:83:28:a3:d1:4e:51:fa:
2b:d0:c4:e3:4a:2a:bf:64:51:ce:b4:1e:53:85:d3:08:90:34:
af:94:d7:32:d1:08:04:5a:ef:63:77:6b:df:23:be:63:15:fb:
57:93:da:f6:a0:73:03:0f:83:92:5a:8f:98:b6:bd:61:c6:86:
2f:04:28:49:cb:50:a5:ba:67:5d:df:eb:d4:e1:2b:8d:d0:91:
67:80:64:72:9e:a6:96:2d:a6:8a:4c:fb:53:ea:fc:51:cf:aa:
f3:bd:8a:b7:3e:76:06:3f:32:b8:78:3f:00:b0:c2:43:ea:b0:
40:c1:fc:db:57:26:b7:9f:9c:69:b3:93:e5:9a:56:e3:97:f5:
12:b6:26:50:0e:7d:1b:96:44:57:09:47:db:c3:50:bb:2b:b6:
dc:65:f3:08:8c:33:65:68:ba:14:90:72:41:8d:ec:f6:4d:20:
a5:30:e6:ec:3c:f9:a4:cc:8b:19:68:73:f0:b8:11:28:10:cd:
87:c1:b1:58:f8:41:36:b8:46:06:4c:6d:23:01:42:c0:75:a8:
9e:79:01:34:06:64:45:4d:26:54:fb:e8:16:df:56:e9:e2:ae:
ae:a8:74:dd
-----BEGIN CERTIFICATE-----
MIIFuDCCBKCgAwIBAgISAZgHgF5cWxtDtHFd0Z/bYVgZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzE0MDU1NTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDYyNGNkNmZkZThhYTE1OTdkMDg4YWU4YmZiZmQ2ZGY1ZGFjMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWfbMI52RjioBezKcNRRSuVfe2ZW
/ewhLbUHtxkTNEV+zFUfCcouc2B5RaW1ZdWLrG7KJSoSNBTwL5K3sL/EEVkOkMwh
6Ca0OMRzBVWdb0XZfy5gY8eIZ0PJose/yeWm4lL2m0Hq6xJBSRL6ZJqBtcIdh91V
2i0D2PtgfR17l3l+DnfxNfU3Z2e6JPxHnkY5DiW/oyIj0zHoebkcluJHhUjFqdtC
ZljVv5B3xVmrM77mD7gpfX/ACQBeb6sF7eqdsLiybi9Sps7B4CorCrAcOM4FkgSj
E8evL3yuikqrPvjKHBIHJLnBadooJHO+ePHUNanP4zyvbbbKRS1S1uo1rwIDAQAB
o4ICxDCCAsAwHQYDVR0OBBYEFMBiTNb96KoVl9CIrov7/W312sIxMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvd0dKTTF2M29xaFdYMElpdWlfdjliZlhhd2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHZBggrBgEFBQcBBwEB/wSByTCBxjCBwwQCAAEwgbwDBACX
8C0DBACX8KMDBACX8K0DBACX8TIDBACX8UADBACX8UMDBAGX8UYDBACX8UkDBACX
8aADBACX8cwDBACX8i0DBACX8jkDBACX8p4DBACX8wIDBACX82kDBACX858DBACX
9AUDBACX9DkDBACX9G8DBACX9HMwDAMEAJf0gwMEAZf0hAMEAJf0vwMEAJf0wQME
AJf0xgMEAJf0yQMEAJf01AMEAJf1RgMEAJf1TgMEAJf1yQMEAJf11DANBgkqhkiG
9w0BAQsFAAOCAQEAjN9VQrFMZz4g0hCc+22S6DGnr6r4rhE+BEXQqWKDKKPRTlH6
K9DE40oqv2RRzrQeU4XTCJA0r5TXMtEIBFrvY3dr3yO+YxX7V5Pa9qBzAw+DklqP
mLa9YcaGLwQoSctQpbpnXd/r1OErjdCRZ4Bkcp6mli2mikz7U+r8Uc+q872Ktz52
Bj8yuHg/ALDCQ+qwQMH821cmt5+cabOT5ZpW45f1ErYmUA59G5ZEVwlH28NQuyu2
3GXzCIwzZWi6FJByQY3s9k0gpTDm7Dz5pMyLGWhz8LgRKBDNh8GxWPhBNrhGBkxt
IwFCwHWonnkBNAZkRU0mVPvoFt9W6eKurqh03Q==
-----END CERTIFICATE-----
Generated at Sun Jul 20 16:26:00 2025 by rpki-client