Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FhEsjxK6WaEfxDy7mSB26oOsDFg.roa
File: FhEsjxK6WaEfxDy7mSB26oOsDFg.roa (raw, json)
Hash identifier: DB+WJVwCb2YEvHFNZyaT+aBW9twoA08xdHeuJae1u9k=
Subject key identifier: 16:11:2C:8F:12:BA:59:A1:1F:C4:3C:BB:99:20:76:EA:83:AC:0C:58
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198BBC460353B2BAA6571A33085B4527952
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FhEsjxK6WaEfxDy7mSB26oOsDFg.roa
Signing time: Mon 18 Aug 2025 06:01:05 +0000
ROA not before: Mon 18 Aug 2025 06:01:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 151.240.128.0/21 maxlen: 24
151.240.136.0/21 maxlen: 24
151.240.171.0/24 maxlen: 24
151.241.132.0/22 maxlen: 22
151.241.232.0/21 maxlen: 24
151.242.56.0/24 maxlen: 24
151.243.8.0/23 maxlen: 23
151.243.204.0/23 maxlen: 23
151.244.56.0/24 maxlen: 24
151.245.56.0/22 maxlen: 22
151.245.185.0/24 maxlen: 24
151.245.187.0/24 maxlen: 24
151.245.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 15:01:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bb:c4:60:35:3b:2b:aa:65:71:a3:30:85:b4:52:79:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 18 06:01:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16112c8f12ba59a11fc43cbb992076ea83ac0c58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:90:bb:c9:ea:0c:be:2e:6b:08:30:a7:db:81:
c1:ff:95:df:65:9c:bf:d0:9e:22:65:da:b3:01:4f:
a1:2e:1d:71:48:cf:95:0c:de:6b:91:5a:b7:34:a3:
b2:9c:cc:05:cd:85:c6:a8:3a:69:40:a0:c4:2e:31:
51:6e:58:2b:ca:05:23:41:5f:c4:c2:72:8a:c2:e9:
d7:b7:48:36:df:59:b4:1b:b5:7c:60:7f:05:64:48:
ec:35:d3:db:28:fa:c4:30:2f:18:d2:26:89:81:ce:
96:1e:e5:0f:42:c9:dd:bc:70:0d:e3:12:d8:e1:59:
b5:e7:a4:5b:ce:4b:59:7f:b0:54:08:12:f8:0f:e7:
48:ea:22:18:65:2b:d3:86:6f:f9:87:c0:0a:1a:f7:
34:ed:49:25:b5:5a:39:f6:ac:50:70:63:0e:53:8e:
ef:d4:31:df:3f:d1:49:b7:f3:07:43:29:f3:56:9f:
ff:e2:a7:5b:70:d2:dc:86:c5:ab:cf:b8:70:58:7e:
33:36:a2:02:ad:2f:b0:8e:f1:01:67:56:b8:15:3a:
73:76:75:11:db:90:fc:de:46:9b:b8:9e:f3:92:76:
7f:20:2d:d1:43:52:12:74:28:ac:0d:6d:b4:15:f9:
41:f3:9f:de:3c:4b:92:c3:ec:68:8a:66:27:0f:df:
d9:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:11:2C:8F:12:BA:59:A1:1F:C4:3C:BB:99:20:76:EA:83:AC:0C:58
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FhEsjxK6WaEfxDy7mSB26oOsDFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.128.0/20
151.240.171.0/24
151.241.132.0/22
151.241.232.0/21
151.242.56.0/24
151.243.8.0/23
151.243.204.0/23
151.244.56.0/24
151.245.56.0/22
151.245.185.0/24
151.245.187.0-151.245.188.255
Signature Algorithm: sha256WithRSAEncryption
9e:8a:1e:76:b6:ec:8d:7a:e9:b2:dd:80:74:aa:3d:02:73:a5:
91:6f:bf:22:85:fa:5b:77:62:a3:a5:d3:fc:fb:77:1b:d3:1d:
eb:b6:f3:50:05:31:90:33:31:17:3e:ea:d6:b6:ce:c0:32:63:
e2:ce:67:95:31:2b:2b:15:89:7e:4e:45:6a:c6:dc:29:62:16:
3a:5c:e8:6a:df:2f:83:f6:e8:46:bd:8a:55:ec:2c:ed:12:02:
e0:50:68:ce:e6:24:80:c1:df:06:01:24:64:22:26:0f:2b:54:
37:8d:e7:4e:2c:9a:d6:c0:32:19:06:81:37:f3:52:3a:29:97:
8c:de:91:38:47:ce:b6:03:45:a9:8a:f6:eb:60:bb:fc:70:58:
e5:61:11:94:d3:e5:be:15:77:e1:ca:76:6d:36:85:96:50:6e:
20:cd:20:8f:68:1f:79:5d:e7:12:45:19:70:02:16:05:39:46:
d9:2e:72:15:83:85:67:ad:a0:19:71:24:c4:d7:17:64:21:30:
1e:54:ab:ee:9c:5e:a3:87:58:a7:e9:62:46:c8:d1:0b:ea:38:
7c:21:2d:6d:26:27:a7:99:76:4d:c7:67:c2:b6:a7:b1:85:86:
bf:84:4c:ba:48:a7:cb:1d:df:be:48:44:b7:62:f6:d2:c2:23:
73:55:cb:f9
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZi7xGA1OyuqZXGjMIW0UnlSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODE4MDYwMTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjExMmM4ZjEyYmE1OWExMWZjNDNjYmI5OTIwNzZlYTgzYWMwYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5C7yeoMvi5rCDCn24HB/5XfZZy/
0J4iZdqzAU+hLh1xSM+VDN5rkVq3NKOynMwFzYXGqDppQKDELjFRblgrygUjQV/E
wnKKwunXt0g231m0G7V8YH8FZEjsNdPbKPrEMC8Y0iaJgc6WHuUPQsndvHAN4xLY
4Vm156RbzktZf7BUCBL4D+dI6iIYZSvThm/5h8AKGvc07UkltVo59qxQcGMOU47v
1DHfP9FJt/MHQynzVp//4qdbcNLchsWrz7hwWH4zNqICrS+wjvEBZ1a4FTpzdnUR
25D83kabuJ7zknZ/IC3RQ1ISdCisDW20FflB85/ePEuSw+xoimYnD9/ZpwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFBYRLI8SulmhH8Q8u5kgduqDrAxYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvRmhFc2p4SzZXYUVmeER5N21TQjI2b09zREZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQEl/CAAwQA
l/CrAwQCl/GEAwQDl/HoAwQAl/I4AwQBl/MIAwQBl/PMAwQAl/Q4AwQCl/U4AwQA
l/W5MAwDBACX9bsDBACX9bwwDQYJKoZIhvcNAQELBQADggEBAJ6KHna27I166bLd
gHSqPQJzpZFvvyKF+lt3YqOl0/z7dxvTHeu281AFMZAzMRc+6ta2zsAyY+LOZ5Ux
KysViX5ORWrG3CliFjpc6GrfL4P26Ea9ilXsLO0SAuBQaM7mJIDB3wYBJGQiJg8r
VDeN504smtbAMhkGgTfzUjopl4zekThHzrYDRamK9utgu/xwWOVhEZTT5b4Vd+HK
dm02hZZQbiDNII9oH3ld5xJFGXACFgU5RtkuchWDhWetoBlxJMTXF2QhMB5Uq+6c
XqOHWKfpYkbI0QvqOHwhLW0mJ6eZdk3HZ8K2p7GFhr+ETLpIp8sd375IRLdi9tLC
I3NVy/k=
-----END CERTIFICATE-----
Generated at Thu Aug 21 19:02:59 2025 by rpki-client