
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HWKJvUTwxG81VnwUYkuK-HThFm4.roa
File: HWKJvUTwxG81VnwUYkuK-HThFm4.roa (raw, json)
Hash identifier: Y0q0IfCEnBUz6UgBIIXNIaQ6W7JoGDxNTWeJzTPF5/k=
Subject key identifier: 1D:62:89:BD:44:F0:C4:6F:35:56:7C:14:62:4B:8A:F8:74:E1:16:6E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196DCECD76930998454FAC39A9A7B0378EA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HWKJvUTwxG81VnwUYkuK-HThFm4.roa
Signing time: Sat 17 May 2025 06:27:11 +0000
ROA not before: Sat 17 May 2025 06:27:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44486
IP address blocks: 151.242.156.0/24 maxlen: 24
151.243.60.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 19:25:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:dc:ec:d7:69:30:99:84:54:fa:c3:9a:9a:7b:03:78:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 17 06:27:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d6289bd44f0c46f35567c14624b8af874e1166e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:60:e7:c3:16:55:b3:df:a2:4f:ae:a9:f1:9a:
fd:d5:94:21:ec:21:e2:5a:16:b0:cf:9c:f7:6a:f3:
48:73:b6:20:87:c9:0f:d3:09:e5:48:bb:49:2f:cd:
86:e2:58:62:ce:f6:89:39:64:11:d6:8b:97:65:5a:
a7:a9:71:2c:5c:9c:ed:79:f6:e0:ee:40:d1:e9:3f:
89:32:8d:5a:26:c1:db:9e:55:a0:3c:86:0e:aa:9f:
cb:20:8b:aa:bd:5d:92:fa:a6:9b:8a:eb:46:f4:27:
e7:fa:2d:da:9d:cb:b4:a0:f2:0c:76:ca:cd:0e:60:
1c:44:24:03:97:d0:d4:4a:2c:21:69:bb:ce:6a:80:
af:97:57:63:16:f1:34:23:a4:3b:ad:fa:0a:bb:ff:
5e:fa:93:a6:3e:7e:86:f6:fe:f3:b7:d0:f1:91:70:
6e:37:82:30:c9:a8:c5:88:cd:41:79:7d:ce:bc:5e:
1b:18:8c:d7:39:25:58:9d:f9:e8:d4:ce:ec:ff:0d:
da:a1:53:0c:e5:5c:a7:b4:f6:11:6b:df:b6:8f:6c:
ab:44:07:fc:24:9e:ca:cd:a6:f0:79:53:a7:0f:3e:
37:53:b9:da:01:a7:8f:05:f4:3b:23:30:ff:c1:fc:
ed:7e:60:13:0b:dc:c0:03:e2:bc:3a:5b:27:71:20:
b1:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:62:89:BD:44:F0:C4:6F:35:56:7C:14:62:4B:8A:F8:74:E1:16:6E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/HWKJvUTwxG81VnwUYkuK-HThFm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.156.0/24
151.243.60.0/23
Signature Algorithm: sha256WithRSAEncryption
42:7b:52:55:97:de:a1:a6:7d:70:f4:ae:5e:3e:fa:d6:cb:e5:
fd:20:c9:f2:11:02:48:74:35:37:61:8d:eb:10:75:79:48:c5:
f3:70:52:2c:7c:4c:15:0a:28:40:40:41:0b:7c:4c:62:57:07:
b1:77:1a:eb:a0:ba:be:11:ed:74:f6:7a:97:7b:34:c1:f0:08:
4e:81:8e:59:7e:68:7d:da:18:ca:e3:a1:ab:ec:5b:28:80:a1:
95:de:d3:f1:18:93:10:bc:f5:a7:60:c0:43:fb:de:99:16:33:
fd:fa:d0:24:7d:8a:db:72:5d:3e:43:e4:75:68:70:79:85:0b:
e0:3b:f1:82:d5:d6:3e:1d:ea:fb:c9:78:0a:38:58:7c:15:9f:
52:79:5a:78:7b:41:a9:0e:5c:c2:cd:a7:d2:91:56:18:24:17:
c8:8f:cc:a9:96:88:42:a0:20:82:fc:a3:17:f6:a3:c6:eb:fc:
20:09:72:5e:4e:95:d7:4b:1c:61:bc:bd:d7:82:b6:69:cf:d5:
18:ee:f7:2b:78:93:ac:ff:05:a0:01:ec:a6:e8:64:b2:6c:7a:
79:1d:82:a7:cb:4e:ee:42:9a:7e:b8:12:71:de:ab:5c:10:da:
88:8b:86:b6:a8:ad:7c:d2:6d:c6:85:1c:f0:f4:b8:77:e7:14:
9e:7f:78:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbc7NdpMJmEVPrDmpp7A3jqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTE3MDYyNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDYyODliZDQ0ZjBjNDZmMzU1NjdjMTQ2MjRiOGFmODc0ZTExNjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/WDnwxZVs9+iT66p8Zr91ZQh7CHi
Whawz5z3avNIc7Ygh8kP0wnlSLtJL82G4lhizvaJOWQR1ouXZVqnqXEsXJztefbg
7kDR6T+JMo1aJsHbnlWgPIYOqp/LIIuqvV2S+qabiutG9Cfn+i3ancu0oPIMdsrN
DmAcRCQDl9DUSiwhabvOaoCvl1djFvE0I6Q7rfoKu/9e+pOmPn6G9v7zt9DxkXBu
N4IwyajFiM1BeX3OvF4bGIzXOSVYnfno1M7s/w3aoVMM5VyntPYRa9+2j2yrRAf8
JJ7KzabweVOnDz43U7naAaePBfQ7IzD/wfztfmATC9zAA+K8OlsncSCxyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB1iib1E8MRvNVZ8FGJLivh04RZuMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSFdLSnZVVHd4RzgxVm53VVlrdUstSFRoRm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/KcAwQB
l/M8MA0GCSqGSIb3DQEBCwUAA4IBAQBCe1JVl96hpn1w9K5ePvrWy+X9IMnyEQJI
dDU3YY3rEHV5SMXzcFIsfEwVCihAQEELfExiVwexdxrroLq+Ee109nqXezTB8AhO
gY5Zfmh92hjK46Gr7FsogKGV3tPxGJMQvPWnYMBD+96ZFjP9+tAkfYrbcl0+Q+R1
aHB5hQvgO/GC1dY+Her7yXgKOFh8FZ9SeVp4e0GpDlzCzafSkVYYJBfIj8yplohC
oCCC/KMX9qPG6/wgCXJeTpXXSxxhvL3XgrZpz9UY7vcreJOs/wWgAeym6GSybHp5
HYKny07uQpp+uBJx3qtcENqIi4a2qK180m3GhRzw9Lh35xSef3gl
-----END CERTIFICATE-----
Generated at Tue Jun 10 06:05:27 2025 by rpki-client