Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0xJe01qFLlmSPzsiwaF-D1doydo.roa
File: 0xJe01qFLlmSPzsiwaF-D1doydo.roa (raw, json)
Hash identifier: nhROwfoDzfJsAKADfyDAc6wyl/U7i4YTPhUaMPwDssw=
Subject key identifier: D3:12:5E:D3:5A:85:2E:59:92:3F:3B:22:C1:A1:7E:0F:57:68:C9:DA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01992CDD516A80CCDEE6EEB1EDC92DE839C3
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0xJe01qFLlmSPzsiwaF-D1doydo.roa
Signing time: Tue 09 Sep 2025 05:05:25 +0000
ROA not before: Tue 09 Sep 2025 05:05:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 151.240.180.0/22 maxlen: 24
151.240.184.0/22 maxlen: 24
151.240.188.0/22 maxlen: 24
151.240.192.0/22 maxlen: 24
151.240.196.0/22 maxlen: 24
151.240.200.0/22 maxlen: 24
151.241.9.0/24 maxlen: 24
151.241.52.0/22 maxlen: 24
151.241.56.0/22 maxlen: 24
151.241.60.0/22 maxlen: 24
151.241.138.0/24 maxlen: 24
151.241.140.0/22 maxlen: 24
151.241.180.0/22 maxlen: 24
151.241.184.0/22 maxlen: 24
151.241.188.0/22 maxlen: 24
151.241.192.0/22 maxlen: 24
151.241.196.0/22 maxlen: 24
151.241.200.0/22 maxlen: 24
151.244.80.0/22 maxlen: 24
151.244.204.0/22 maxlen: 24
151.244.208.0/22 maxlen: 24
151.245.80.0/22 maxlen: 24
151.245.204.0/22 maxlen: 24
151.245.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 19:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2c:dd:51:6a:80:cc:de:e6:ee:b1:ed:c9:2d:e8:39:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 9 05:05:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3125ed35a852e59923f3b22c1a17e0f5768c9da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ac:72:92:e9:ba:ac:6a:91:e4:0a:2d:44:73:
50:9a:f9:15:a1:5e:85:13:f6:13:b4:c4:e9:ef:a6:
c1:ad:49:3a:7c:a6:cd:5e:04:2a:f5:60:27:7d:02:
a0:58:80:f8:6d:c8:f3:ab:2c:d6:0d:63:6b:7d:18:
9a:0e:47:d6:47:d6:ef:75:0a:53:ad:bf:c9:78:30:
2c:a9:29:47:8e:77:51:43:d3:2e:48:23:16:21:e8:
b8:64:8a:1d:4d:54:1d:86:3c:90:1a:68:f2:00:87:
e8:7b:b0:05:a2:2a:56:0a:d6:91:f0:16:15:0d:96:
23:97:0a:7b:82:8a:63:a7:72:de:34:9e:4a:4a:55:
39:e9:e7:44:71:b2:0e:e6:5f:01:26:e5:2f:f2:b9:
5e:12:da:fa:7d:9a:e9:b1:8b:95:6e:7b:cc:23:2a:
c6:47:7c:0e:b1:a6:08:21:1e:3d:c1:c1:bd:f4:97:
72:05:f0:8b:69:89:73:6d:12:c3:eb:b7:40:71:8f:
4f:5f:1e:4f:a7:30:a7:42:aa:1d:8d:5a:e4:96:2c:
c1:f0:61:35:09:ab:4c:bc:61:2a:7e:8a:82:bd:c1:
44:12:2c:35:b2:51:73:19:ba:52:ec:65:5a:42:1b:
56:4d:8f:4a:5c:94:e9:1e:96:9e:06:62:fd:db:e2:
4c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:12:5E:D3:5A:85:2E:59:92:3F:3B:22:C1:A1:7E:0F:57:68:C9:DA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0xJe01qFLlmSPzsiwaF-D1doydo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.180.0-151.240.203.255
151.241.9.0/24
151.241.52.0-151.241.63.255
151.241.138.0/24
151.241.140.0/22
151.241.180.0-151.241.203.255
151.244.80.0/22
151.244.204.0-151.244.211.255
151.245.80.0/22
151.245.204.0-151.245.211.255
Signature Algorithm: sha256WithRSAEncryption
86:89:9f:76:0a:01:41:e5:1f:86:29:ff:d2:56:64:5a:c7:d7:
ea:b0:dd:98:30:3d:3a:a6:86:ee:18:6e:39:c1:42:f4:34:dc:
a8:93:33:cf:ef:0a:a9:3d:5f:f8:dd:34:ea:e3:5d:c7:7f:17:
c0:c0:98:f6:27:9f:b5:23:cf:74:fd:5d:35:56:50:ec:22:76:
34:3f:44:76:e7:2f:6f:51:07:57:7e:ac:9d:0a:66:95:d9:39:
3b:1e:4b:d6:b3:2b:f8:43:a0:e6:73:38:3a:ed:7d:f8:bc:50:
6a:0e:74:eb:b4:16:88:15:46:56:cb:c2:df:6d:0c:ab:05:7b:
cf:76:85:28:41:75:a9:e0:1d:fc:6f:a9:2d:1d:d8:80:c7:d6:
72:32:c4:d1:28:3a:c7:44:5c:52:4d:0f:97:59:c8:ce:2b:b1:
4e:c6:30:02:9f:bc:28:30:e6:93:06:1b:74:30:66:8d:77:6b:
bd:8d:6f:38:8e:e5:e1:c1:b9:34:86:a8:04:58:b9:e1:3d:4a:
c8:d2:e1:96:92:bd:1a:73:06:ef:54:78:77:e4:ed:77:86:80:
47:59:8a:34:fc:4f:28:3b:3f:45:92:14:90:f1:b0:2f:75:89:
cb:19:70:46:c9:ac:98:08:b0:6c:27:2e:31:30:04:6d:14:71:
7d:d9:0c:44
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZks3VFqgMze5u6x7ckt6DnDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTA5MDUwNTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzEyNWVkMzVhODUyZTU5OTIzZjNiMjJjMWExN2UwZjU3NjhjOWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKxykum6rGqR5AotRHNQmvkVoV6F
E/YTtMTp76bBrUk6fKbNXgQq9WAnfQKgWID4bcjzqyzWDWNrfRiaDkfWR9bvdQpT
rb/JeDAsqSlHjndRQ9MuSCMWIei4ZIodTVQdhjyQGmjyAIfoe7AFoipWCtaR8BYV
DZYjlwp7gopjp3LeNJ5KSlU56edEcbIO5l8BJuUv8rleEtr6fZrpsYuVbnvMIyrG
R3wOsaYIIR49wcG99JdyBfCLaYlzbRLD67dAcY9PXx5PpzCnQqodjVrklizB8GE1
CatMvGEqfoqCvcFEEiw1slFzGbpS7GVaQhtWTY9KXJTpHpaeBmL92+JMtQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFNMSXtNahS5Zkj87IsGhfg9XaMnaMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMHhKZTAxcUZMbG1TUHpzaXdhRi1EMWRveWRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkMAwDBAKX8LQD
BAKX8MgDBACX8QkwDAMEApfxNAMEBpfxAAMEAJfxigMEApfxjDAMAwQCl/G0AwQC
l/HIAwQCl/RQMAwDBAKX9MwDBAKX9NADBAKX9VAwDAMEApf1zAMEApf10DANBgkq
hkiG9w0BAQsFAAOCAQEAhomfdgoBQeUfhin/0lZkWsfX6rDdmDA9OqaG7hhuOcFC
9DTcqJMzz+8KqT1f+N006uNdx38XwMCY9ieftSPPdP1dNVZQ7CJ2ND9Educvb1EH
V36snQpmldk5Ox5L1rMr+EOg5nM4Ou19+LxQag5067QWiBVGVsvC320MqwV7z3aF
KEF1qeAd/G+pLR3YgMfWcjLE0Sg6x0RcUk0Pl1nIziuxTsYwAp+8KDDmkwYbdDBm
jXdrvY1vOI7l4cG5NIaoBFi54T1KyNLhlpK9GnMG71R4d+Ttd4aAR1mKNPxPKDs/
RZIUkPGwL3WJyxlwRsmsmAiwbCcuMTAEbRRxfdkMRA==
-----END CERTIFICATE-----
Generated at Thu Sep 18 23:45:58 2025 by rpki-client