Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/DOKVClDIK4TXAihayqCdcGqtRP4.roa
File: DOKVClDIK4TXAihayqCdcGqtRP4.roa (raw, json)
Hash identifier: 1mO+eD0RcIVej6W9pgO7zGF1XU8YG5e6i1D1PZlyX28=
Subject key identifier: 0C:E2:95:0A:50:C8:2B:84:D7:02:28:5A:CA:A0:9D:70:6A:AD:44:FE
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199990F59C8AD91AD468794F9E1C686913F
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/DOKVClDIK4TXAihayqCdcGqtRP4.roa
Signing time: Tue 30 Sep 2025 05:19:04 +0000
ROA not before: Tue 30 Sep 2025 05:19:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 151.240.98.0/24 maxlen: 24
151.241.27.0/24 maxlen: 24
151.243.16.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 22:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:99:0f:59:c8:ad:91:ad:46:87:94:f9:e1:c6:86:91:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 30 05:19:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ce2950a50c82b84d702285acaa09d706aad44fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e7:0d:28:59:40:e4:a1:a6:bd:93:da:b1:ad:
c8:f2:56:82:c1:f8:30:f5:45:b6:d5:0a:cc:72:df:
70:7d:54:10:72:4e:3e:12:3f:d7:14:01:c2:ba:f2:
c9:fd:9a:a8:f9:a3:97:7f:59:78:ad:7a:b6:10:a8:
16:1c:82:e2:95:e6:48:d8:e5:aa:9f:04:69:6d:27:
f3:94:df:63:91:ce:16:48:fa:ff:96:70:1f:9d:47:
9e:68:eb:8c:55:f4:4f:40:93:d4:60:1d:ec:2d:e3:
d2:f1:c5:ca:0e:09:28:d0:58:da:6b:30:50:77:e9:
07:43:36:d8:26:27:3b:33:f7:5f:29:87:6c:6d:fc:
60:cf:f0:16:55:9f:f3:2f:6c:64:84:e9:6b:68:a3:
6c:7b:f0:c6:89:f6:84:07:2f:23:03:71:43:cf:4e:
f2:4f:e2:89:37:f1:6b:54:7b:b5:03:76:68:cc:f9:
64:23:4f:56:60:6a:51:32:6e:f1:76:23:d4:e6:2f:
1b:21:72:39:1d:51:8a:43:86:ad:45:10:ef:53:7f:
77:56:d0:29:d1:00:5b:c6:7c:44:7d:59:b2:29:6c:
bf:14:60:d9:62:ec:73:d4:7a:98:60:9a:9c:70:3b:
df:49:54:41:6b:9b:68:58:bc:fd:ac:29:65:27:5b:
56:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E2:95:0A:50:C8:2B:84:D7:02:28:5A:CA:A0:9D:70:6A:AD:44:FE
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/DOKVClDIK4TXAihayqCdcGqtRP4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.98.0/24
151.241.27.0/24
151.243.16.0/23
Signature Algorithm: sha256WithRSAEncryption
92:29:bc:13:98:d5:62:c9:55:fd:a4:97:4b:d4:ce:b6:22:64:
27:79:dc:1e:af:90:97:54:38:0d:1a:e5:68:b0:64:28:70:d4:
55:ef:c7:33:67:45:ba:bf:39:5b:c9:4f:53:b3:0d:c1:9f:53:
28:3c:11:03:2e:3c:17:67:fa:d0:ff:1f:e1:92:27:53:5c:f2:
fb:61:ac:df:d9:6e:3b:d2:22:c6:f2:19:b9:7b:02:48:98:3f:
f5:a0:08:62:13:d6:ac:4b:d7:83:7d:4b:a1:02:76:93:43:a7:
eb:1d:0a:2b:af:ec:96:57:10:28:8e:90:af:56:fc:75:88:7b:
ff:76:e5:60:8d:00:d7:73:cc:e5:51:68:73:6c:0f:8a:7f:d6:
be:68:05:29:f8:e1:0e:79:41:dc:1e:d3:b9:e9:ad:81:b7:88:
e0:a7:49:b3:f4:f6:67:6d:66:91:47:18:89:f1:5b:29:f0:e4:
ff:23:85:e5:06:62:1c:1c:8f:0c:46:2f:f9:67:e8:c8:47:9c:
9f:8c:69:31:63:8d:aa:54:ed:db:a2:2e:df:89:c9:3c:fe:b6:
8f:dd:5f:49:5f:33:f9:c1:08:3e:4b:75:7c:71:7a:50:c7:26:
9b:ab:3e:db:b9:5f:30:3b:80:7a:b8:d3:df:d2:82:70:62:03:
b0:89:86:79
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZmZD1nIrZGtRoeU+eHGhpE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTMwMDUxOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2UyOTUwYTUwYzgyYjg0ZDcwMjI4NWFjYWEwOWQ3MDZhYWQ0NGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApucNKFlA5KGmvZPasa3I8laCwfgw
9UW21QrMct9wfVQQck4+Ej/XFAHCuvLJ/Zqo+aOXf1l4rXq2EKgWHILileZI2OWq
nwRpbSfzlN9jkc4WSPr/lnAfnUeeaOuMVfRPQJPUYB3sLePS8cXKDgko0FjaazBQ
d+kHQzbYJic7M/dfKYdsbfxgz/AWVZ/zL2xkhOlraKNse/DGifaEBy8jA3FDz07y
T+KJN/FrVHu1A3ZozPlkI09WYGpRMm7xdiPU5i8bIXI5HVGKQ4atRRDvU393VtAp
0QBbxnxEfVmyKWy/FGDZYuxz1HqYYJqccDvfSVRBa5toWLz9rCllJ1tW6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAzilQpQyCuE1wIoWsqgnXBqrUT+MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvRE9LVkNsRElLNFRYQWloYXlxQ2RjR3F0UlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/BiAwQA
l/EbAwQBl/MQMA0GCSqGSIb3DQEBCwUAA4IBAQCSKbwTmNViyVX9pJdL1M62ImQn
edwer5CXVDgNGuVosGQocNRV78czZ0W6vzlbyU9Tsw3Bn1MoPBEDLjwXZ/rQ/x/h
kidTXPL7Yazf2W470iLG8hm5ewJImD/1oAhiE9asS9eDfUuhAnaTQ6frHQorr+yW
VxAojpCvVvx1iHv/duVgjQDXc8zlUWhzbA+Kf9a+aAUp+OEOeUHcHtO56a2Bt4jg
p0mz9PZnbWaRRxiJ8Vsp8OT/I4XlBmIcHI8MRi/5Z+jIR5yfjGkxY42qVO3boi7f
ick8/raP3V9JXzP5wQg+S3V8cXpQxyabqz7buV8wO4B6uNPf0oJwYgOwiYZ5
-----END CERTIFICATE-----
Generated at Thu Oct 9 03:45:45 2025 by rpki-client