Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/6EJH-gcb8BkZfcwcYW7DCYEAG-0.roa
File: 6EJH-gcb8BkZfcwcYW7DCYEAG-0.roa (raw, json)
Hash identifier: BnuaD5BrDRKQU3DB6blCGwhKT1309XtOMYqR1MIiQgg=
Subject key identifier: E8:42:47:FA:07:1B:F0:19:19:7D:CC:1C:61:6E:C3:09:81:00:1B:ED
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019908C340A3C82B4BB5CA18940EBFC24C3C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/6EJH-gcb8BkZfcwcYW7DCYEAG-0.roa
Signing time: Tue 02 Sep 2025 04:50:37 +0000
ROA not before: Tue 02 Sep 2025 04:50:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207043
IP address blocks: 151.243.18.0/24 maxlen: 24
151.243.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:08:c3:40:a3:c8:2b:4b:b5:ca:18:94:0e:bf:c2:4c:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 2 04:50:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e84247fa071bf019197dcc1c616ec30981001bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:96:50:f7:43:34:7b:ae:f4:9d:f4:aa:56:b2:
1b:c3:a6:e2:3a:72:45:2c:16:43:49:36:d4:3b:5a:
24:6d:00:22:8b:19:8f:ca:70:33:96:b6:e1:07:33:
d7:65:31:ad:e7:65:ea:f7:2c:3c:98:84:9a:a8:4d:
60:18:9c:d8:9d:88:dd:16:15:95:cd:0f:d3:9d:ee:
ab:5a:37:2f:84:48:b9:cd:ac:9e:48:7a:ba:4c:f5:
ce:20:84:52:00:0b:c4:0b:c8:d0:4d:d2:b8:40:9f:
38:a9:5a:82:4c:61:01:1c:2f:f3:b2:f6:eb:dd:54:
22:1c:46:6c:e2:ba:0d:f0:34:e5:18:64:fb:ed:cb:
40:e6:35:56:a4:50:2c:01:a2:30:01:ae:c8:3e:ab:
31:7e:ae:3d:49:85:f2:27:50:a5:3f:ef:fb:be:29:
d7:9b:94:0d:2d:81:9c:48:b7:62:d2:d9:09:ac:3a:
40:2c:78:47:78:ef:8b:f4:0b:fe:1c:60:88:4b:27:
24:be:0d:5a:be:9b:1b:ab:93:8b:e0:99:e6:9f:a6:
a7:e6:a6:f7:50:06:1f:2a:6a:11:07:fc:a7:1b:2f:
c0:af:a3:34:5f:72:b9:40:66:73:c9:e2:1d:48:6e:
cc:a7:34:0d:dc:6c:66:57:f2:32:f2:65:47:80:19:
b0:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:42:47:FA:07:1B:F0:19:19:7D:CC:1C:61:6E:C3:09:81:00:1B:ED
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/6EJH-gcb8BkZfcwcYW7DCYEAG-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.18.0/24
151.243.113.0/24
Signature Algorithm: sha256WithRSAEncryption
20:4b:65:5b:39:b8:56:0b:72:cb:06:bf:27:c2:44:82:ee:dc:
22:b8:00:7d:a3:54:e1:f4:f6:31:01:02:7c:56:d5:bc:ba:72:
ea:c6:37:0e:e8:d5:41:ee:ec:1b:6e:7d:27:33:80:45:b2:70:
6e:2b:63:c9:b3:05:51:13:52:4e:2c:83:69:9e:49:63:14:93:
e1:d3:dd:9a:a9:b5:14:a7:a4:21:d2:3e:f7:3f:c4:22:21:b1:
33:66:f8:4a:6c:56:69:35:d2:12:a9:4b:1c:48:fc:e9:13:4f:
c1:0c:54:06:8c:fd:93:57:21:ea:4e:87:d1:a2:7b:79:e4:dd:
c3:71:a7:96:c9:dc:ef:98:a7:04:26:38:58:8e:36:22:1e:b4:
91:a9:e6:2c:d5:bd:b0:d0:ee:de:7f:88:c9:72:e5:4b:d2:60:
5d:3c:0c:74:08:96:83:3b:ce:34:77:25:22:48:94:02:a4:12:
37:3a:96:99:c9:27:f5:84:8e:47:b7:09:b8:e2:f4:bc:87:b6:
a3:a1:98:eb:42:f5:0a:3f:54:f0:05:51:42:86:3b:6d:89:59:
49:25:56:f9:13:0b:91:02:6c:6e:5b:30:43:45:a3:78:0a:b6:
cb:b1:c0:4f:05:01:20:86:f0:52:85:f7:96:20:6c:61:1e:8c:
82:c2:4c:1b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkIw0CjyCtLtcoYlA6/wkw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTAyMDQ1MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODQyNDdmYTA3MWJmMDE5MTk3ZGNjMWM2MTZlYzMwOTgxMDAxYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pZQ90M0e670nfSqVrIbw6biOnJF
LBZDSTbUO1okbQAiixmPynAzlrbhBzPXZTGt52Xq9yw8mISaqE1gGJzYnYjdFhWV
zQ/Tne6rWjcvhEi5zayeSHq6TPXOIIRSAAvEC8jQTdK4QJ84qVqCTGEBHC/zsvbr
3VQiHEZs4roN8DTlGGT77ctA5jVWpFAsAaIwAa7IPqsxfq49SYXyJ1ClP+/7vinX
m5QNLYGcSLdi0tkJrDpALHhHeO+L9Av+HGCISyckvg1avpsbq5OL4Jnmn6an5qb3
UAYfKmoRB/ynGy/Ar6M0X3K5QGZzyeIdSG7MpzQN3GxmV/Iy8mVHgBmwqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOhCR/oHG/AZGX3MHGFuwwmBABvtMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNkVKSC1nY2I4QmtaZmN3Y1lXN0RDWUVBRy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/MSAwQA
l/NxMA0GCSqGSIb3DQEBCwUAA4IBAQAgS2VbObhWC3LLBr8nwkSC7twiuAB9o1Th
9PYxAQJ8VtW8unLqxjcO6NVB7uwbbn0nM4BFsnBuK2PJswVRE1JOLINpnkljFJPh
092aqbUUp6Qh0j73P8QiIbEzZvhKbFZpNdISqUscSPzpE0/BDFQGjP2TVyHqTofR
ont55N3DcaeWydzvmKcEJjhYjjYiHrSRqeYs1b2w0O7ef4jJcuVL0mBdPAx0CJaD
O840dyUiSJQCpBI3OpaZySf1hI5Htwm44vS8h7ajoZjrQvUKP1TwBVFChjttiVlJ
JVb5EwuRAmxuWzBDRaN4CrbLscBPBQEghvBShfeWIGxhHoyCwkwb
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:42:33 2025 by rpki-client