Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/NTeWwEDeDNQ8ivCGH_nj2iuXw7Y.roa
File: NTeWwEDeDNQ8ivCGH_nj2iuXw7Y.roa (raw, json)
Hash identifier: XwWQK6Ul5GFpqyS9S7VFbZnH3vrognGqpWS5B/g4vtM=
Subject key identifier: 35:37:96:C0:40:DE:0C:D4:3C:8A:F0:86:1F:F9:E3:DA:2B:97:C3:B6
Certificate issuer: /CN=a4f6d657c0fa21828d313507354dec1481580ed6
Certificate serial: 01992F22A04AA8E4B978466C7B1F4050D64C
Authority key identifier: A4:F6:D6:57:C0:FA:21:82:8D:31:35:07:35:4D:EC:14:81:58:0E:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPbWV8D6IYKNMTUHNU3sFIFYDtY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/NTeWwEDeDNQ8ivCGH_nj2iuXw7Y.roa
Signing time: Tue 09 Sep 2025 15:40:22 +0000
ROA not before: Tue 09 Sep 2025 15:40:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1267
IP address blocks: 151.3.0.0/16 maxlen: 16
151.4.0.0/16 maxlen: 16
151.5.0.0/16 maxlen: 16
151.6.0.0/16 maxlen: 16
151.7.0.0/16 maxlen: 16
151.8.0.0/16 maxlen: 16
151.9.0.0/16 maxlen: 16
151.10.0.0/16 maxlen: 16
151.11.0.0/16 maxlen: 16
151.12.0.0/16 maxlen: 16
151.13.0.0/16 maxlen: 16
151.14.0.0/16 maxlen: 16
151.58.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/pPbWV8D6IYKNMTUHNU3sFIFYDtY.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/pPbWV8D6IYKNMTUHNU3sFIFYDtY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pPbWV8D6IYKNMTUHNU3sFIFYDtY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 21:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2f:22:a0:4a:a8:e4:b9:78:46:6c:7b:1f:40:50:d6:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f6d657c0fa21828d313507354dec1481580ed6
Validity
Not Before: Sep 9 15:40:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=353796c040de0cd43c8af0861ff9e3da2b97c3b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c9:78:47:87:31:d5:2c:24:1e:55:a9:db:95:
fd:dd:18:3e:17:a5:3e:db:b8:f8:65:35:2f:50:b3:
40:6a:e1:2d:51:86:7a:c1:14:4d:c3:35:4c:81:17:
9b:7e:7f:8a:be:e6:11:db:27:a7:66:0d:22:a1:5e:
b1:af:7b:73:04:f4:1b:48:66:07:a5:19:ff:88:00:
f0:cc:87:80:12:f4:3f:5f:4b:03:a5:c8:82:a4:80:
12:34:e2:17:4d:62:4d:17:de:a8:f6:7c:c1:f0:e7:
dc:b3:99:17:6f:77:85:bf:a2:d8:f2:d1:c3:9b:de:
21:b2:6c:77:48:9f:dd:06:86:17:c5:7a:bb:aa:fa:
9b:90:8d:3f:ba:0a:d1:61:2a:cb:56:8e:94:3f:ce:
d2:f5:cd:b6:6b:64:52:14:21:84:f4:ed:b5:91:cb:
ad:43:33:6f:cb:e6:13:b5:46:ab:6c:a2:8f:77:70:
8b:9f:a2:e6:f1:d7:43:fe:e8:ca:41:10:a3:40:43:
6f:e2:a5:70:72:ac:b2:f3:1f:ab:7a:e6:5f:32:95:
6e:94:91:b9:7a:10:c0:f5:84:9e:5c:91:d1:57:3f:
a5:cd:19:f0:0e:70:7f:c1:ad:ae:14:4e:09:55:24:
cf:26:29:7d:6c:a4:e2:70:74:b2:ac:fa:4f:97:bc:
ef:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:37:96:C0:40:DE:0C:D4:3C:8A:F0:86:1F:F9:E3:DA:2B:97:C3:B6
X509v3 Authority Key Identifier:
keyid:A4:F6:D6:57:C0:FA:21:82:8D:31:35:07:35:4D:EC:14:81:58:0E:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPbWV8D6IYKNMTUHNU3sFIFYDtY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/NTeWwEDeDNQ8ivCGH_nj2iuXw7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/239397-3477-4379-ac46-5c2763648f1c/1/pPbWV8D6IYKNMTUHNU3sFIFYDtY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.3.0.0-151.14.255.255
151.58.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ca:d4:f4:db:39:85:9a:e9:ca:9d:40:77:d0:fa:f2:20:a0:ae:
a5:9f:57:0b:0d:26:05:ae:5f:5e:0e:2a:00:fb:e4:94:45:16:
f1:96:d6:0b:e0:a0:c8:f0:c2:7a:ac:75:97:ec:40:d2:0c:28:
16:70:65:bd:ea:07:3e:72:2a:40:1b:74:d5:10:77:b1:9f:99:
6e:a0:9a:5d:5c:79:b4:8b:5e:64:64:b3:8b:a5:39:64:fa:52:
37:45:bd:42:40:1c:5b:bd:6f:59:73:19:c7:c8:75:d1:b5:09:
18:f4:44:a0:74:15:72:80:d3:dc:9d:2b:bf:a5:b4:ce:37:06:
6c:63:08:7d:96:b3:eb:b7:d7:84:92:cf:f3:5b:af:3c:a7:a9:
d0:74:5a:c2:65:37:0b:0f:1d:7d:12:9f:be:98:6a:c7:76:61:
7a:30:4d:05:f4:24:49:6d:68:df:0f:bd:ea:f4:5f:5f:f7:bb:
04:9c:96:b5:6d:0b:8a:7f:09:07:5e:79:43:ab:26:e8:db:cc:
dc:5a:c4:1b:91:1a:78:6a:69:52:43:a0:04:61:37:d6:3a:ba:
4a:92:48:9e:1e:7b:02:74:7d:6b:c8:2a:26:97:9e:a4:d9:be:
cf:5d:2a:d3:3d:9b:08:50:bf:94:8d:5c:ea:57:04:7a:5f:70:
25:23:00:33
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZkvIqBKqOS5eEZsex9AUNZMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZjZkNjU3YzBmYTIxODI4ZDMxMzUwNzM1NGRlYzE0ODE1
ODBlZDYwHhcNMjUwOTA5MTU0MDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTM3OTZjMDQwZGUwY2Q0M2M4YWYwODYxZmY5ZTNkYTJiOTdjM2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cl4R4cx1SwkHlWp25X93Rg+F6U+
27j4ZTUvULNAauEtUYZ6wRRNwzVMgRebfn+KvuYR2yenZg0ioV6xr3tzBPQbSGYH
pRn/iADwzIeAEvQ/X0sDpciCpIASNOIXTWJNF96o9nzB8Ofcs5kXb3eFv6LY8tHD
m94hsmx3SJ/dBoYXxXq7qvqbkI0/ugrRYSrLVo6UP87S9c22a2RSFCGE9O21kcut
QzNvy+YTtUarbKKPd3CLn6Lm8ddD/ujKQRCjQENv4qVwcqyy8x+reuZfMpVulJG5
ehDA9YSeXJHRVz+lzRnwDnB/wa2uFE4JVSTPJil9bKTicHSyrPpPl7zvpQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFDU3lsBA3gzUPIrwhh/549orl8O2MB8GA1UdIwQY
MBaAFKT21lfA+iGCjTE1BzVN7BSBWA7WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBiV1Y4RDZJWUtOTVRVSE5VM3NGSUZZRHRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8yMzkzOTctMzQ3Ny00Mzc5LWFjNDYt
NWMyNzYzNjQ4ZjFjLzEvTlRlV3dFRGVETlE4aXZDR0hfbmoyaXVYdzdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8yMzkzOTctMzQ3Ny00Mzc5LWFjNDYtNWMyNzYzNjQ4ZjFj
LzEvcFBiV1Y4RDZJWUtOTVRVSE5VM3NGSUZZRHRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARMAoDAwCXAwMD
AJcOAwMAlzowDQYJKoZIhvcNAQELBQADggEBAMrU9Ns5hZrpyp1Ad9D68iCgrqWf
VwsNJgWuX14OKgD75JRFFvGW1gvgoMjwwnqsdZfsQNIMKBZwZb3qBz5yKkAbdNUQ
d7GfmW6gml1cebSLXmRks4ulOWT6UjdFvUJAHFu9b1lzGcfIddG1CRj0RKB0FXKA
09ydK7+ltM43BmxjCH2Ws+u314SSz/NbrzynqdB0WsJlNwsPHX0Sn76Yasd2YXow
TQX0JEltaN8Pver0X1/3uwSclrVtC4p/CQdeeUOrJujbzNxaxBuRGnhqaVJDoARh
N9Y6ukqSSJ4eewJ0fWvIKiaXnqTZvs9dKtM9mwhQv5SNXOpXBHpfcCUjADM=
-----END CERTIFICATE-----
Generated at Wed Sep 10 03:18:32 2025 by rpki-client