Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0M-zqf0LgSF8Pi5JRnCHG7_bKB4.roa
File: 0M-zqf0LgSF8Pi5JRnCHG7_bKB4.roa (raw, json)
Hash identifier: xP1qr3ACtgw0+TFr2VxUCpbOOdLxbqtRjgdvJcGmveY=
Subject key identifier: D0:CF:B3:A9:FD:0B:81:21:7C:3E:2E:49:46:70:87:1B:BF:DB:28:1E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197968C41EAB08BBFD2B6C58B16AB27C4BB
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0M-zqf0LgSF8Pi5JRnCHG7_bKB4.roa
Signing time: Sun 22 Jun 2025 07:31:03 +0000
ROA not before: Sun 22 Jun 2025 07:31:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395839
IP address blocks: 151.242.120.0/24 maxlen: 24
151.242.200.0/24 maxlen: 24
151.242.201.0/24 maxlen: 24
151.243.52.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 20:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:96:8c:41:ea:b0:8b:bf:d2:b6:c5:8b:16:ab:27:c4:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 22 07:31:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0cfb3a9fd0b81217c3e2e494670871bbfdb281e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c1:fd:9f:67:86:ee:7e:36:da:3f:0c:8f:52:
ce:8d:8c:58:bb:e0:e9:cd:db:f1:39:b2:ed:29:b7:
76:32:30:23:59:b7:92:a2:c8:54:e3:6b:54:2f:93:
ff:b2:a3:7a:84:25:3c:45:7e:09:d1:91:87:d5:b5:
d4:6f:c7:0b:99:e2:8e:8f:96:38:e9:59:f8:85:42:
79:f9:30:19:b1:ef:db:4d:03:a7:75:3e:4e:59:cc:
d0:3c:13:1b:35:f8:7b:c1:7e:f4:ca:86:c0:3a:e5:
84:cc:d0:82:de:e0:09:59:96:de:f3:5e:15:37:62:
01:c5:4e:cb:94:68:8b:a3:8a:23:2a:c5:de:2c:bb:
33:95:fc:25:0d:07:f9:5a:ef:6e:52:70:00:2d:81:
80:83:f3:d1:1a:4e:9d:0a:5b:8f:e3:c2:d2:21:07:
8a:d6:5d:99:a9:19:3b:6f:d4:d6:a1:19:3a:74:ca:
2c:e9:32:df:de:ae:40:56:f3:1f:6c:8e:8c:3e:b2:
65:4e:3e:a8:17:36:b9:6f:6a:9d:02:45:dc:fd:06:
d1:56:a8:3a:ae:a3:fd:e1:6a:e8:6f:43:2f:d8:d2:
db:74:d9:82:6c:c5:4f:e6:49:5c:41:c9:3d:7f:6e:
52:50:6e:c7:c6:1c:6e:fc:a6:57:52:b1:5a:6c:72:
e9:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:CF:B3:A9:FD:0B:81:21:7C:3E:2E:49:46:70:87:1B:BF:DB:28:1E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0M-zqf0LgSF8Pi5JRnCHG7_bKB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.120.0/24
151.242.200.0/23
151.243.52.0/23
Signature Algorithm: sha256WithRSAEncryption
10:6b:7a:a6:dd:c6:7f:0f:4b:e5:18:6f:fa:ae:c2:40:f3:fe:
c2:5e:63:d0:c8:23:da:a3:2c:95:12:d3:cb:95:1d:72:fa:18:
47:4f:91:5c:a6:dc:e6:d5:ed:50:39:cb:8e:35:bf:6c:02:cc:
27:0e:38:80:8e:3b:cc:49:1c:bd:57:2e:28:2e:56:02:43:cf:
27:73:e4:88:18:01:f3:b6:d3:3f:c2:5e:d3:cf:73:18:54:eb:
d5:ab:d1:a4:21:b9:e2:50:fd:17:25:73:39:82:38:0b:d0:aa:
35:67:f6:84:bf:23:fe:6a:6a:37:57:0c:99:ae:c3:02:11:c2:
4b:a5:10:fb:ab:c3:0d:1f:a8:84:bc:ad:b2:8b:c3:28:63:c8:
88:fb:41:5d:e2:28:dc:c0:f1:1b:11:80:a9:ce:88:0f:cd:40:
f9:92:2f:c0:02:0e:7b:fa:fd:d2:c5:fb:7d:8f:e5:f3:c4:64:
fd:d1:40:de:70:95:55:87:4b:6c:37:93:76:2a:23:81:d0:68:
1f:08:57:a8:21:75:7d:6b:4a:ca:57:75:3a:6c:70:eb:d5:85:
08:69:aa:03:1b:83:e1:7d:a5:c8:03:ea:33:e8:00:21:c4:ec:
c1:c8:7f:cd:e0:34:c7:c6:09:fa:bd:ec:fd:61:73:73:bb:07:
0c:65:33:c6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZeWjEHqsIu/0rbFixarJ8S7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNjIyMDczMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGNmYjNhOWZkMGI4MTIxN2MzZTJlNDk0NjcwODcxYmJmZGIyODFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosH9n2eG7n422j8Mj1LOjYxYu+Dp
zdvxObLtKbd2MjAjWbeSoshU42tUL5P/sqN6hCU8RX4J0ZGH1bXUb8cLmeKOj5Y4
6Vn4hUJ5+TAZse/bTQOndT5OWczQPBMbNfh7wX70yobAOuWEzNCC3uAJWZbe814V
N2IBxU7LlGiLo4ojKsXeLLszlfwlDQf5Wu9uUnAALYGAg/PRGk6dCluP48LSIQeK
1l2ZqRk7b9TWoRk6dMos6TLf3q5AVvMfbI6MPrJlTj6oFza5b2qdAkXc/QbRVqg6
rqP94Wrob0Mv2NLbdNmCbMVP5klcQck9f25SUG7Hxhxu/KZXUrFabHLpUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNDPs6n9C4EhfD4uSUZwhxu/2ygeMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvME0tenFmMExnU0Y4UGk1SlJuQ0hHN19iS0I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/J4AwQB
l/LIAwQBl/M0MA0GCSqGSIb3DQEBCwUAA4IBAQAQa3qm3cZ/D0vlGG/6rsJA8/7C
XmPQyCPaoyyVEtPLlR1y+hhHT5Fcptzm1e1QOcuONb9sAswnDjiAjjvMSRy9Vy4o
LlYCQ88nc+SIGAHzttM/wl7Tz3MYVOvVq9GkIbniUP0XJXM5gjgL0Ko1Z/aEvyP+
amo3VwyZrsMCEcJLpRD7q8MNH6iEvK2yi8MoY8iI+0Fd4ijcwPEbEYCpzogPzUD5
ki/AAg57+v3Sxft9j+XzxGT90UDecJVVh0tsN5N2KiOB0GgfCFeoIXV9a0rKV3U6
bHDr1YUIaaoDG4PhfaXIA+oz6AAhxOzByH/N4DTHxgn6vez9YXNzuwcMZTPG
-----END CERTIFICATE-----
Generated at Tue Jul 1 01:21:45 2025 by rpki-client