Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NnV-rQ6fDqV_b_a_Cu45XbbeDsg.roa
File: NnV-rQ6fDqV_b_a_Cu45XbbeDsg.roa (raw, json)
Hash identifier: HNunZmFuAPe7rVFBBznfOXO1qwSPU0icbQGKd/Z2/PA=
Subject key identifier: 36:75:7E:AD:0E:9F:0E:A5:7F:6F:F6:BF:0A:EE:39:5D:B6:DE:0E:C8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198E6883F76B4227169752D7C332CF20680
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NnV-rQ6fDqV_b_a_Cu45XbbeDsg.roa
Signing time: Tue 26 Aug 2025 13:19:05 +0000
ROA not before: Tue 26 Aug 2025 13:19:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59642
IP address blocks: 151.243.152.0/22 maxlen: 24
151.244.92.0/24 maxlen: 24
151.244.120.0/22 maxlen: 24
151.244.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e6:88:3f:76:b4:22:71:69:75:2d:7c:33:2c:f2:06:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 26 13:19:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36757ead0e9f0ea57f6ff6bf0aee395db6de0ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:70:45:43:1a:c4:15:72:5a:5e:b1:7a:d8:71:
ff:ee:67:47:48:0f:a5:f5:d7:2d:4f:03:b2:00:80:
8e:82:5b:d6:b9:72:dc:6a:1b:04:4d:b9:39:d1:dd:
28:db:a4:86:75:82:42:e5:31:f4:47:a2:3a:e4:8d:
ad:8d:9d:6d:6f:de:20:14:27:62:fe:49:d9:fc:8a:
85:4d:b7:ee:db:37:5f:d6:68:c4:d8:31:d9:03:20:
f8:e6:38:d5:8c:ce:f5:7b:75:68:6a:be:78:26:33:
c4:fb:bf:db:3b:33:1c:c5:38:c4:b8:43:ca:1f:b7:
d5:44:6e:26:4c:86:ab:b3:a4:29:c8:4c:bc:e9:f8:
3d:10:d4:95:93:3c:8f:7d:88:95:3f:c3:cb:fd:cd:
8a:3e:1f:5b:92:f5:8b:7d:3a:22:1c:44:a6:35:98:
52:fa:c3:19:62:ad:fe:9d:1b:40:5e:c0:f7:cc:5c:
7a:44:a9:37:e8:d9:38:c6:30:48:0f:da:a1:c7:fc:
f7:25:04:24:03:28:9f:68:08:b3:f2:f2:dd:02:11:
56:db:d7:13:de:65:69:3a:e4:b9:44:43:8b:86:ef:
7f:c1:38:94:61:9e:a1:a8:8e:9e:32:ac:79:9a:92:
95:75:c0:c2:6a:04:9f:e7:84:93:1a:a3:9b:bb:db:
ca:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:75:7E:AD:0E:9F:0E:A5:7F:6F:F6:BF:0A:EE:39:5D:B6:DE:0E:C8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NnV-rQ6fDqV_b_a_Cu45XbbeDsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.152.0/22
151.244.92.0/24
151.244.120.0/22
Signature Algorithm: sha256WithRSAEncryption
58:07:8b:ab:69:a3:75:ae:f0:ae:69:35:79:a4:33:60:e8:3a:
c9:55:49:30:b5:10:05:07:11:bb:29:64:c4:1c:fe:f7:63:e4:
5a:e5:c0:fd:a4:36:fa:66:7d:20:aa:c3:fc:24:89:66:fc:7f:
6f:a4:38:8a:d7:b0:b3:b9:b2:cd:44:3c:42:de:e9:30:51:c9:
83:34:af:01:ca:97:9c:22:1d:3c:80:1c:43:4a:06:b0:42:11:
ce:95:9f:af:56:ef:b9:5c:e8:04:1b:5e:0f:af:5d:2f:e0:cd:
c7:46:78:b5:8d:a8:76:d0:82:18:21:4c:57:44:4f:fb:c1:c2:
d1:7c:b7:83:31:07:b3:c7:00:06:fb:bb:97:4a:cf:b7:8b:0b:
fc:4d:47:06:bd:66:34:73:b2:79:08:a4:b8:02:84:79:e8:9e:
3e:46:a3:a2:bb:c1:01:ba:19:86:f7:a3:f0:ae:0b:50:a6:dc:
8c:c5:7d:ca:00:b3:29:22:48:99:63:50:d0:ac:a1:26:14:68:
97:1e:fe:b7:e1:19:41:02:a1:64:ad:4f:b1:f1:9d:42:12:8c:
9c:1d:29:4a:ca:7d:43:8c:6b:c2:a6:9b:09:39:c4:a4:39:52:
3c:5f:8b:01:84:7e:09:ed:8c:fe:2b:f1:a2:83:40:f3:a2:62:
9f:a9:20:eb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZjmiD92tCJxaXUtfDMs8gaAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODI2MTMxOTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjc1N2VhZDBlOWYwZWE1N2Y2ZmY2YmYwYWVlMzk1ZGI2ZGUwZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3BFQxrEFXJaXrF62HH/7mdHSA+l
9dctTwOyAICOglvWuXLcahsETbk50d0o26SGdYJC5TH0R6I65I2tjZ1tb94gFCdi
/knZ/IqFTbfu2zdf1mjE2DHZAyD45jjVjM71e3Voar54JjPE+7/bOzMcxTjEuEPK
H7fVRG4mTIars6QpyEy86fg9ENSVkzyPfYiVP8PL/c2KPh9bkvWLfToiHESmNZhS
+sMZYq3+nRtAXsD3zFx6RKk36Nk4xjBID9qhx/z3JQQkAyifaAiz8vLdAhFW29cT
3mVpOuS5REOLhu9/wTiUYZ6hqI6eMqx5mpKVdcDCagSf54STGqObu9vK9wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDZ1fq0Onw6lf2/2vwruOV223g7IMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTm5WLXJRNmZEcVZfYl9hX0N1NDVYYmJlRHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCl/OYAwQA
l/RcAwQCl/R4MA0GCSqGSIb3DQEBCwUAA4IBAQBYB4uraaN1rvCuaTV5pDNg6DrJ
VUkwtRAFBxG7KWTEHP73Y+Ra5cD9pDb6Zn0gqsP8JIlm/H9vpDiK17CzubLNRDxC
3ukwUcmDNK8BypecIh08gBxDSgawQhHOlZ+vVu+5XOgEG14Pr10v4M3HRni1jah2
0IIYIUxXRE/7wcLRfLeDMQezxwAG+7uXSs+3iwv8TUcGvWY0c7J5CKS4AoR56J4+
RqOiu8EBuhmG96PwrgtQptyMxX3KALMpIkiZY1DQrKEmFGiXHv634RlBAqFkrU+x
8Z1CEoycHSlKyn1DjGvCppsJOcSkOVI8X4sBhH4J7Yz+K/Gig0DzomKfqSDr
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:40:27 2025 by rpki-client