Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FX1Uh1eGXjRmZ-vC-ZrxQ4bydnw.roa
File: FX1Uh1eGXjRmZ-vC-ZrxQ4bydnw.roa (raw, json)
Hash identifier: Nx7E7CjvFLARJ8uXJtyWXdojS6fZ4piXeXUZ6Mo3TlU=
Subject key identifier: 15:7D:54:87:57:86:5E:34:66:67:EB:C2:F9:9A:F1:43:86:F2:76:7C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019957A1F83D0B642CB8DE72F215DFDAD67D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FX1Uh1eGXjRmZ-vC-ZrxQ4bydnw.roa
Signing time: Wed 17 Sep 2025 12:24:16 +0000
ROA not before: Wed 17 Sep 2025 12:24:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 37.202.203.0/24 maxlen: 24
37.202.209.0/24 maxlen: 24
37.202.222.0/24 maxlen: 24
151.241.103.0/24 maxlen: 24
151.241.104.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
151.242.87.0/24 maxlen: 24
151.242.126.0/24 maxlen: 24
151.242.148.0/24 maxlen: 24
151.242.174.0/23 maxlen: 23
151.242.192.0/23 maxlen: 23
151.242.205.0/24 maxlen: 24
151.243.26.0/24 maxlen: 24
151.243.101.0/24 maxlen: 24
151.243.253.0/24 maxlen: 24
151.244.126.0/24 maxlen: 24
151.244.188.0/24 maxlen: 24
151.245.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 20:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:57:a1:f8:3d:0b:64:2c:b8:de:72:f2:15:df:da:d6:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 17 12:24:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=157d548757865e346667ebc2f99af14386f2767c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d9:9d:2f:04:ae:1f:a1:9f:4a:25:5e:c5:09:
cd:ae:b1:1b:69:90:32:db:5a:2f:08:95:fe:85:db:
b8:e6:a1:db:63:01:16:b8:d3:d3:70:5e:d8:5e:a4:
e2:ba:64:54:3c:e1:41:ce:b5:a7:d8:34:39:76:ac:
d1:d6:e2:43:c5:9e:df:14:95:8d:36:f2:c8:5c:80:
cf:f7:8d:1e:fd:d8:26:aa:25:9b:44:2a:76:34:7c:
cd:f3:1d:7a:25:c6:fb:d7:8d:50:54:02:66:63:66:
2c:87:5c:45:5a:84:fc:85:a8:fb:f2:02:a5:0f:cc:
15:bc:74:e1:d4:44:c2:21:5c:7b:df:ae:44:58:2b:
72:05:de:b6:31:06:ea:48:c4:f6:8e:0f:fb:c2:75:
28:e6:9c:dd:b7:47:73:73:8d:c7:e8:c3:6e:8f:a8:
1e:b2:43:cc:90:73:4e:54:b0:05:b6:3a:f2:2d:13:
c2:6d:f0:3a:57:80:80:49:07:25:fc:91:ca:5e:9e:
55:cb:a5:32:61:34:f1:9f:ca:57:d5:75:82:4d:80:
44:d1:55:13:f5:f0:fc:97:5d:f8:48:97:1a:c4:27:
d6:40:50:6b:8f:33:ca:15:45:d6:d5:65:2c:2e:cc:
b9:d6:0a:81:e1:5a:9c:f8:c4:30:b3:7c:1e:a3:3b:
84:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:7D:54:87:57:86:5E:34:66:67:EB:C2:F9:9A:F1:43:86:F2:76:7C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FX1Uh1eGXjRmZ-vC-ZrxQ4bydnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.203.0/24
37.202.209.0/24
37.202.222.0/24
151.241.103.0-151.241.104.255
151.242.82.0/24
151.242.87.0/24
151.242.126.0/24
151.242.148.0/24
151.242.174.0/23
151.242.192.0/23
151.242.205.0/24
151.243.26.0/24
151.243.101.0/24
151.243.253.0/24
151.244.126.0/24
151.244.188.0/24
151.245.4.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:b8:7d:fb:c3:e9:2c:cf:e5:da:c6:2a:d8:4b:64:e9:69:b8:
2e:57:e9:0a:97:2c:99:e2:57:86:f7:94:07:7c:62:8f:b5:c3:
3c:d4:ff:38:a1:f5:e3:e8:6b:70:58:08:12:8e:c1:9a:30:f0:
27:9a:a7:7e:b8:aa:ca:bd:d2:f3:39:2f:e5:aa:44:15:be:a8:
eb:11:6d:61:c2:88:6d:0e:69:5e:ff:d8:0c:b9:f2:53:20:4e:
c6:14:ef:b1:a8:1c:6c:8d:f2:b9:6a:19:2f:55:3e:8a:c7:93:
52:68:2a:cd:9f:0d:4a:29:53:64:bf:37:60:c5:2d:04:02:9b:
7e:c6:cd:ef:68:dd:8b:39:79:e5:5e:3c:b7:7b:32:a2:0b:cd:
d4:d4:8a:0b:5b:f3:b7:e8:31:26:41:3c:7a:b0:a3:ed:b3:92:
fb:3a:42:65:11:c2:44:66:32:7b:20:33:c4:61:67:f8:76:1f:
76:6b:ef:ec:bb:28:1a:3d:2f:84:e3:47:35:47:46:4b:01:5d:
d7:66:75:39:4e:42:15:09:41:d4:08:b6:10:d1:1e:76:9e:d1:
24:ed:b6:4d:b2:c2:56:11:b4:cf:75:35:a5:86:07:63:60:db:
b6:0b:1a:5b:75:59:95:0d:db:5e:54:27:b7:d5:bd:5d:d2:d9:
38:37:2d:58
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZlXofg9C2QsuN5y8hXf2tZ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTE3MTIyNDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTdkNTQ4NzU3ODY1ZTM0NjY2N2ViYzJmOTlhZjE0Mzg2ZjI3NjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdmdLwSuH6GfSiVexQnNrrEbaZAy
21ovCJX+hdu45qHbYwEWuNPTcF7YXqTiumRUPOFBzrWn2DQ5dqzR1uJDxZ7fFJWN
NvLIXIDP940e/dgmqiWbRCp2NHzN8x16Jcb7141QVAJmY2Ysh1xFWoT8haj78gKl
D8wVvHTh1ETCIVx7365EWCtyBd62MQbqSMT2jg/7wnUo5pzdt0dzc43H6MNuj6ge
skPMkHNOVLAFtjryLRPCbfA6V4CASQcl/JHKXp5Vy6UyYTTxn8pX1XWCTYBE0VUT
9fD8l134SJcaxCfWQFBrjzPKFUXW1WUsLsy51gqB4Vqc+MQws3weozuEnQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFBV9VIdXhl40Zmfrwvma8UOG8nZ8MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvRlgxVWgxZUdYalJtWi12Qy1acnhRNGJ5ZG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEACXKywME
ACXK0QMEACXK3jAMAwQAl/FnAwQAl/FoAwQAl/JSAwQAl/JXAwQAl/J+AwQAl/KU
AwQBl/KuAwQBl/LAAwQAl/LNAwQAl/MaAwQAl/NlAwQAl/P9AwQAl/R+AwQAl/S8
AwQAl/UEMA0GCSqGSIb3DQEBCwUAA4IBAQAcuH37w+ksz+XaxirYS2TpabguV+kK
lyyZ4leG95QHfGKPtcM81P84ofXj6GtwWAgSjsGaMPAnmqd+uKrKvdLzOS/lqkQV
vqjrEW1hwohtDmle/9gMufJTIE7GFO+xqBxsjfK5ahkvVT6Kx5NSaCrNnw1KKVNk
vzdgxS0EApt+xs3vaN2LOXnlXjy3ezKiC83U1IoLW/O36DEmQTx6sKPts5L7OkJl
EcJEZjJ7IDPEYWf4dh92a+/suygaPS+E40c1R0ZLAV3XZnU5TkIVCUHUCLYQ0R52
ntEk7bZNssJWEbTPdTWlhgdjYNu2CxpbdVmVDdteVCe31b1d0tk4Ny1Y
-----END CERTIFICATE-----
Generated at Fri Sep 19 02:51:39 2025 by rpki-client