Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IHcTiGPojB_w8ebC1pcJqtDFEF4.roa
File: IHcTiGPojB_w8ebC1pcJqtDFEF4.roa (raw, json)
Hash identifier: KINFN5pGtkSWn3MF7P2+DNjWYEhNICWsJTz/LtNMH/I=
Subject key identifier: 20:77:13:88:63:E8:8C:1F:F0:F1:E6:C2:D6:97:09:AA:D0:C5:10:5E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019905F3A5A5AA41319466FE6F02E64D640B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IHcTiGPojB_w8ebC1pcJqtDFEF4.roa
Signing time: Mon 01 Sep 2025 15:44:37 +0000
ROA not before: Mon 01 Sep 2025 15:44:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215672
IP address blocks: 151.242.10.0/24 maxlen: 24
151.243.22.0/24 maxlen: 24
151.243.25.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:05:f3:a5:a5:aa:41:31:94:66:fe:6f:02:e6:4d:64:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 1 15:44:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2077138863e88c1ff0f1e6c2d69709aad0c5105e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:43:b1:f8:d6:6c:50:94:5c:07:f6:8f:35:ac:
11:05:87:fb:85:27:77:3d:25:70:ce:8e:7e:c8:d9:
8a:3e:ae:87:c1:2c:0a:a7:93:3a:17:93:af:42:54:
75:5b:fd:ff:34:82:a6:25:c6:90:76:0f:33:2f:f5:
be:fc:9f:14:54:ef:49:d4:3e:03:17:ca:c4:cc:96:
20:d3:74:48:95:95:e8:aa:29:3d:71:55:f3:e9:3a:
44:f1:6d:17:2d:3c:04:af:75:60:32:88:d3:30:44:
62:73:2b:08:67:3f:33:ee:0c:42:9e:ad:75:6c:a9:
c6:d8:19:4f:ab:21:df:e2:a3:d9:12:34:ac:4a:f9:
4f:c1:a1:87:da:06:eb:0d:6a:9b:c2:d7:d4:5e:b5:
53:3a:31:8f:90:88:8a:08:ba:82:52:b1:50:49:0d:
9c:e7:a6:40:9a:d5:bb:09:5d:da:d2:ef:82:4d:31:
4e:5f:cb:d8:dd:0c:66:a3:e3:35:e7:4c:02:3d:21:
03:06:b7:48:d4:cc:74:98:fd:e0:dd:08:25:c5:97:
94:58:97:d6:9b:5d:33:41:23:aa:bb:53:35:3d:3d:
19:40:a0:69:0d:02:fa:f2:18:06:d8:b3:7e:1a:be:
2c:cf:71:22:6f:b3:3c:e7:70:97:7c:ee:02:9f:cd:
32:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:77:13:88:63:E8:8C:1F:F0:F1:E6:C2:D6:97:09:AA:D0:C5:10:5E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IHcTiGPojB_w8ebC1pcJqtDFEF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.10.0/24
151.243.22.0/24
151.243.25.0/24
Signature Algorithm: sha256WithRSAEncryption
97:9b:a5:01:05:80:d6:25:c9:7f:90:c0:53:07:7b:11:85:64:
bb:fe:8a:da:57:df:67:2d:4c:7b:93:38:11:b3:85:1c:1f:48:
c2:2f:8b:6c:7a:fb:67:a6:96:31:15:c3:07:fb:c7:d5:9a:74:
fb:68:4c:b8:36:3f:02:65:33:c5:c9:d1:f5:64:1e:5b:95:c4:
a4:2b:60:41:98:b5:d4:17:bb:c2:a8:78:66:54:84:ef:25:6d:
99:d0:c9:8d:dc:17:b4:3c:ae:71:19:72:b4:b2:00:c0:2a:12:
50:f2:eb:90:e7:a7:03:f1:5b:2b:15:06:0d:f0:d7:b3:5b:be:
ba:fb:5d:e3:17:6c:e2:7e:d2:8e:a8:01:8b:d2:c0:76:f2:88:
8a:f6:80:68:6c:92:9f:7e:b8:4c:b1:2e:bd:13:76:e8:7a:3b:
86:12:4a:31:bd:8a:b4:bf:b6:75:0c:4b:a8:03:e8:40:07:7b:
15:41:47:16:c8:04:74:8c:45:5b:42:f6:f7:b6:95:6f:a0:f7:
8f:ed:f8:87:9a:a9:38:37:dd:1e:db:5a:23:25:3c:b4:67:16:
d7:e9:62:11:2c:94:00:25:55:e5:a3:d9:50:db:75:a4:63:e8:
7b:ae:c2:0a:68:56:40:b5:cf:9e:00:74:09:3d:22:17:48:ac:
4a:a2:25:73
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZkF86WlqkExlGb+bwLmTWQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTAxMTU0NDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDc3MTM4ODYzZTg4YzFmZjBmMWU2YzJkNjk3MDlhYWQwYzUxMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0Ox+NZsUJRcB/aPNawRBYf7hSd3
PSVwzo5+yNmKPq6HwSwKp5M6F5OvQlR1W/3/NIKmJcaQdg8zL/W+/J8UVO9J1D4D
F8rEzJYg03RIlZXoqik9cVXz6TpE8W0XLTwEr3VgMojTMERicysIZz8z7gxCnq11
bKnG2BlPqyHf4qPZEjSsSvlPwaGH2gbrDWqbwtfUXrVTOjGPkIiKCLqCUrFQSQ2c
56ZAmtW7CV3a0u+CTTFOX8vY3Qxmo+M150wCPSEDBrdI1Mx0mP3g3QglxZeUWJfW
m10zQSOqu1M1PT0ZQKBpDQL68hgG2LN+Gr4sz3Eib7M853CXfO4Cn80yfwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCB3E4hj6Iwf8PHmwtaXCarQxRBeMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSUhjVGlHUG9qQl93OGViQzFwY0pxdERGRUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/IKAwQA
l/MWAwQAl/MZMA0GCSqGSIb3DQEBCwUAA4IBAQCXm6UBBYDWJcl/kMBTB3sRhWS7
/oraV99nLUx7kzgRs4UcH0jCL4tsevtnppYxFcMH+8fVmnT7aEy4Nj8CZTPFydH1
ZB5blcSkK2BBmLXUF7vCqHhmVITvJW2Z0MmN3Be0PK5xGXK0sgDAKhJQ8uuQ56cD
8VsrFQYN8NezW766+13jF2ziftKOqAGL0sB28oiK9oBobJKffrhMsS69E3boejuG
EkoxvYq0v7Z1DEuoA+hAB3sVQUcWyAR0jEVbQvb3tpVvoPeP7fiHmqk4N90e21oj
JTy0ZxbX6WIRLJQAJVXlo9lQ23WkY+h7rsIKaFZAtc+eAHQJPSIXSKxKoiVz
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:40:26 2025 by rpki-client