Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JKVOm9iRyi7pevqCelYqktbanB4.roa
File: JKVOm9iRyi7pevqCelYqktbanB4.roa (raw, json)
Hash identifier: bNS23Sr1JjNWkzKyu23Qnw5ezo7I0UzWCBqkiqYaQ3U=
Subject key identifier: 24:A5:4E:9B:D8:91:CA:2E:E9:7A:FA:82:7A:56:2A:92:D6:DA:9C:1E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198EA1732FF36667AE3A1BCBEC62AEA5D66
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JKVOm9iRyi7pevqCelYqktbanB4.roa
Signing time: Wed 27 Aug 2025 05:54:05 +0000
ROA not before: Wed 27 Aug 2025 05:54:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 151.242.41.0/24 maxlen: 24
151.242.58.0/24 maxlen: 24
151.242.122.0/24 maxlen: 24
151.242.200.0/24 maxlen: 24
151.242.201.0/24 maxlen: 24
151.243.52.0/23 maxlen: 24
151.243.164.0/22 maxlen: 24
151.243.254.0/24 maxlen: 24
151.244.136.0/22 maxlen: 22
151.244.160.0/22 maxlen: 22
151.244.170.0/24 maxlen: 24
151.244.172.0/22 maxlen: 22
151.244.176.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ea:17:32:ff:36:66:7a:e3:a1:bc:be:c6:2a:ea:5d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 27 05:54:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=24a54e9bd891ca2ee97afa827a562a92d6da9c1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2e:0e:ba:de:83:0f:01:de:a5:63:6d:3b:87:
a7:78:d9:b2:ae:bb:72:0f:96:d8:3c:03:a6:61:94:
00:68:95:9f:bb:72:98:c4:56:fc:17:5f:be:b9:37:
9e:44:81:d6:b3:d4:54:8b:78:ef:eb:d2:1e:9e:35:
86:db:06:2c:b5:86:75:c4:83:56:1e:f1:4f:c4:72:
f4:f5:58:2a:49:95:d7:71:d3:00:34:36:c5:a4:4c:
42:06:8a:c8:cc:32:38:a2:38:45:91:7b:68:77:d6:
23:28:ec:48:97:a6:c5:d4:81:cc:ac:e8:ba:53:9d:
c1:fc:91:cf:84:60:85:5c:0b:b4:5d:6a:4b:9d:c5:
c7:ed:1a:83:f2:25:c6:f3:72:27:19:7d:39:c2:3c:
67:17:93:91:68:ad:c9:ee:c6:a3:89:92:c2:07:f1:
a6:12:69:4c:07:06:6d:4a:99:71:28:2b:47:3a:ed:
b5:ff:4a:a4:bf:7f:43:da:c5:e2:2d:bf:21:65:cf:
64:b0:1e:7c:f5:d0:18:a0:2f:64:6c:ed:ae:ff:2e:
e2:56:01:6c:d6:47:c2:85:ee:0d:29:9b:2a:42:d6:
28:d1:65:1e:7e:b6:e0:e1:6b:51:14:d6:4a:fb:d5:
29:67:d2:01:c7:13:4a:14:fc:39:81:93:40:82:c6:
a6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A5:4E:9B:D8:91:CA:2E:E9:7A:FA:82:7A:56:2A:92:D6:DA:9C:1E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/JKVOm9iRyi7pevqCelYqktbanB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.41.0/24
151.242.58.0/24
151.242.122.0/24
151.242.200.0/23
151.243.52.0/23
151.243.164.0/22
151.243.254.0/24
151.244.136.0/22
151.244.160.0/22
151.244.170.0/24
151.244.172.0-151.244.179.255
Signature Algorithm: sha256WithRSAEncryption
33:2b:b6:a0:6a:37:90:3b:b8:06:39:e3:a3:3d:a2:54:b4:b8:
ff:1c:e5:bb:0a:a9:a8:6e:d6:93:3e:bd:9f:8d:41:a1:6b:6b:
d2:8f:07:b0:22:23:af:fe:11:31:ac:ac:a9:5c:e6:8a:a6:ae:
42:d8:d6:56:16:93:52:8a:a6:25:34:41:ec:a8:5a:8c:7e:b2:
d0:eb:85:21:50:3e:ed:72:9f:ed:d4:bd:67:98:1b:dc:e0:da:
1b:6c:2a:03:c4:63:0e:dd:a1:66:ac:6f:cd:9b:85:b2:50:ed:
54:62:06:cd:9a:d6:21:4d:ef:0d:7d:3b:a2:d1:dd:26:40:c9:
2c:9d:2b:fa:f9:28:73:32:97:4f:61:fd:5a:cc:c1:45:7b:70:
fd:08:1f:c6:a6:77:75:26:dc:34:ec:aa:9c:f5:d6:4c:23:3e:
22:ab:79:09:23:08:44:56:59:d4:a7:4d:16:88:42:b6:d1:42:
10:37:63:f7:72:04:f7:75:b4:7e:f1:76:80:96:5e:bc:d0:d7:
1d:94:22:49:ff:6a:bd:8c:ef:6d:62:88:c3:6c:15:65:f3:33:
36:40:52:9a:b1:eb:f2:e4:ca:5c:05:e0:b7:6b:57:3a:e4:8f:
06:72:0f:59:07:c0:8c:ef:98:d3:a4:42:8e:27:cc:be:58:cc:
f2:f0:99:de
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZjqFzL/NmZ646G8vsYq6l1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODI3MDU1NDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNGE1NGU5YmQ4OTFjYTJlZTk3YWZhODI3YTU2MmE5MmQ2ZGE5YzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsi4Out6DDwHepWNtO4eneNmyrrty
D5bYPAOmYZQAaJWfu3KYxFb8F1++uTeeRIHWs9RUi3jv69IenjWG2wYstYZ1xINW
HvFPxHL09VgqSZXXcdMANDbFpExCBorIzDI4ojhFkXtod9YjKOxIl6bF1IHMrOi6
U53B/JHPhGCFXAu0XWpLncXH7RqD8iXG83InGX05wjxnF5ORaK3J7sajiZLCB/Gm
EmlMBwZtSplxKCtHOu21/0qkv39D2sXiLb8hZc9ksB589dAYoC9kbO2u/y7iVgFs
1kfChe4NKZsqQtYo0WUefrbg4WtRFNZK+9UpZ9IBxxNKFPw5gZNAgsamywIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFCSlTpvYkcou6Xr6gnpWKpLW2pweMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSktWT205aVJ5aTdwZXZxQ2VsWXFrdGJhbkI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAl/IpAwQA
l/I6AwQAl/J6AwQBl/LIAwQBl/M0AwQCl/OkAwQAl/P+AwQCl/SIAwQCl/SgAwQA
l/SqMAwDBAKX9KwDBAKX9LAwDQYJKoZIhvcNAQELBQADggEBADMrtqBqN5A7uAY5
46M9olS0uP8c5bsKqahu1pM+vZ+NQaFra9KPB7AiI6/+ETGsrKlc5oqmrkLY1lYW
k1KKpiU0QeyoWox+stDrhSFQPu1yn+3UvWeYG9zg2htsKgPEYw7doWasb82bhbJQ
7VRiBs2a1iFN7w19O6LR3SZAySydK/r5KHMyl09h/VrMwUV7cP0IH8amd3Um3DTs
qpz11kwjPiKreQkjCERWWdSnTRaIQrbRQhA3Y/dyBPd1tH7xdoCWXrzQ1x2UIkn/
ar2M721iiMNsFWXzMzZAUpqx6/LkylwF4LdrVzrkjwZyD1kHwIzvmNOkQo4nzL5Y
zPLwmd4=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:42:24 2025 by rpki-client