Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AlsjUyM5YhVpli01j0D-H0k__bc.roa
File: AlsjUyM5YhVpli01j0D-H0k__bc.roa (raw, json)
Hash identifier: F3yBPnaNI2/gHRKgiOJfgxwkS+BOqQ6NWQhBPnST+Kw=
Subject key identifier: 02:5B:23:53:23:39:62:15:69:96:2D:35:8F:40:FE:1F:49:3F:FD:B7
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198C74ECCF6CCE4FFD176D0ACEB2F7ECB40
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AlsjUyM5YhVpli01j0D-H0k__bc.roa
Signing time: Wed 20 Aug 2025 11:48:06 +0000
ROA not before: Wed 20 Aug 2025 11:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 151.240.2.0/24 maxlen: 24
151.241.68.0/24 maxlen: 24
151.242.114.0/24 maxlen: 24
151.242.126.0/24 maxlen: 24
151.242.147.0/24 maxlen: 24
151.242.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 12:24:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:4e:cc:f6:cc:e4:ff:d1:76:d0:ac:eb:2f:7e:cb:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 20 11:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=025b23532339621569962d358f40fe1f493ffdb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:0f:9c:b4:4d:6b:27:04:96:4d:09:58:a9:ad:
c0:e5:fe:a0:1b:0f:2f:7d:84:4e:fa:34:c0:be:c9:
32:67:7a:d4:ff:65:62:66:51:ad:79:96:43:2d:c8:
1a:a5:bb:f9:d9:f7:a4:c1:79:a7:35:00:6d:74:71:
72:2c:81:0f:eb:4e:c8:98:15:33:3f:51:19:8b:18:
df:65:d9:3f:e0:eb:72:d4:14:22:01:b0:85:8f:a8:
1a:4c:cb:eb:d0:f8:f1:92:91:6d:2b:11:ed:fb:81:
76:c7:e7:51:f8:df:97:f3:2a:14:d2:55:e3:a4:20:
38:52:b7:b8:d0:38:0b:a0:4d:0c:12:63:6b:f0:36:
d0:23:1f:55:2d:7f:eb:e9:2e:3f:fb:5d:db:dc:a9:
ec:1d:5d:e6:15:52:03:29:f4:fa:bb:17:c4:71:e6:
5e:79:d5:16:e4:07:9a:f1:12:dc:d6:c5:46:c7:4d:
fb:cd:d8:c0:dc:9b:b3:63:68:af:22:5a:a4:29:0b:
0d:4e:ca:e7:3c:75:65:52:3f:ab:1f:b3:b3:4c:a3:
27:c0:54:5c:65:2d:f9:57:50:6b:e4:84:e4:e5:8d:
77:34:23:98:01:b5:cb:a4:03:b4:b4:88:76:76:76:
73:65:ee:10:32:90:b5:a1:24:90:d5:cd:49:98:44:
fc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:5B:23:53:23:39:62:15:69:96:2D:35:8F:40:FE:1F:49:3F:FD:B7
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AlsjUyM5YhVpli01j0D-H0k__bc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.2.0/24
151.241.68.0/24
151.242.114.0/24
151.242.126.0/24
151.242.147.0/24
151.242.252.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:30:f8:fa:9f:2a:ea:1c:96:23:b1:ff:d0:df:d0:df:3b:6b:
7c:ff:3e:02:f7:da:31:d7:e0:8e:44:4c:7f:1d:03:5e:ed:03:
3c:c5:2a:56:0a:58:3b:8d:b7:41:3b:8a:aa:be:97:27:92:f1:
aa:a7:61:df:af:cb:8c:03:56:42:d2:f2:13:48:ee:de:04:8e:
fd:7e:e8:f4:4f:38:69:19:8a:f3:e8:2f:db:40:88:a6:a4:b6:
ef:ac:7f:cd:64:9a:8a:7d:35:ff:8d:60:55:fd:0d:81:f6:f1:
8e:e5:0d:42:8f:b3:c1:91:05:cc:87:4f:60:e1:4e:4f:a3:78:
4b:5f:7d:13:e8:08:99:a8:97:7e:95:69:d9:9a:06:0e:21:67:
9a:4d:0a:d8:00:1d:f1:31:e5:e8:1b:dd:af:42:d0:de:ac:8a:
da:76:e9:3e:ec:ad:6c:82:43:83:9a:f3:44:18:ec:a1:01:a0:
f5:68:31:b0:25:a4:3f:57:ed:f3:e0:9d:2a:3b:40:63:3e:d2:
56:39:48:32:e7:68:01:46:03:75:30:64:c9:d1:25:3a:9c:cf:
71:4d:6e:f5:78:18:3b:0d:ba:f8:f9:49:4a:7b:08:5a:8a:c4:
11:90:3a:ff:a9:df:45:43:4c:13:95:41:88:35:e9:c9:7e:80:
6a:74:25:da
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZjHTsz2zOT/0XbQrOsvfstAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIwMTE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjViMjM1MzIzMzk2MjE1Njk5NjJkMzU4ZjQwZmUxZjQ5M2ZmZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4g+ctE1rJwSWTQlYqa3A5f6gGw8v
fYRO+jTAvskyZ3rU/2ViZlGteZZDLcgapbv52fekwXmnNQBtdHFyLIEP607ImBUz
P1EZixjfZdk/4Oty1BQiAbCFj6gaTMvr0PjxkpFtKxHt+4F2x+dR+N+X8yoU0lXj
pCA4Ure40DgLoE0MEmNr8DbQIx9VLX/r6S4/+13b3KnsHV3mFVIDKfT6uxfEceZe
edUW5Aea8RLc1sVGx037zdjA3JuzY2ivIlqkKQsNTsrnPHVlUj+rH7OzTKMnwFRc
ZS35V1Br5ITk5Y13NCOYAbXLpAO0tIh2dnZzZe4QMpC1oSSQ1c1JmET80QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAJbI1MjOWIVaZYtNY9A/h9JP/23MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQWxzalV5TTVZaFZwbGkwMWowRC1IMGtfX2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAl/ACAwQA
l/FEAwQAl/JyAwQAl/J+AwQAl/KTAwQAl/L8MA0GCSqGSIb3DQEBCwUAA4IBAQAO
MPj6nyrqHJYjsf/Q39DfO2t8/z4C99ox1+COREx/HQNe7QM8xSpWClg7jbdBO4qq
vpcnkvGqp2Hfr8uMA1ZC0vITSO7eBI79fuj0TzhpGYrz6C/bQIimpLbvrH/NZJqK
fTX/jWBV/Q2B9vGO5Q1Cj7PBkQXMh09g4U5Po3hLX30T6AiZqJd+lWnZmgYOIWea
TQrYAB3xMeXoG92vQtDerIraduk+7K1sgkODmvNEGOyhAaD1aDGwJaQ/V+3z4J0q
O0BjPtJWOUgy52gBRgN1MGTJ0SU6nM9xTW71eBg7Dbr4+UlKewhaisQRkDr/qd9F
Q0wTlUGINenJfoBqdCXa
-----END CERTIFICATE-----
Generated at Wed Aug 20 20:20:17 2025 by rpki-client