Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/i5y1sxDD7zIq0MZrspNDNL_mv0g.roa
File: i5y1sxDD7zIq0MZrspNDNL_mv0g.roa (raw, json)
Hash identifier: u/vGXWLAzRviANwHdw8otpAVJJAoSTTD0b0UNET0nMI=
Subject key identifier: 8B:9C:B5:B3:10:C3:EF:32:2A:D0:C6:6B:B2:93:43:34:BF:E6:BF:48
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019908C3400B1DD292DCD232750C64EAD16C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/i5y1sxDD7zIq0MZrspNDNL_mv0g.roa
Signing time: Tue 02 Sep 2025 04:50:37 +0000
ROA not before: Tue 02 Sep 2025 04:50:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21840
IP address blocks: 151.241.94.0/24 maxlen: 24
151.243.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:08:c3:40:0b:1d:d2:92:dc:d2:32:75:0c:64:ea:d1:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 2 04:50:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b9cb5b310c3ef322ad0c66bb2934334bfe6bf48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:de:56:ca:8c:9e:36:05:b5:da:ba:d4:6c:fd:
99:7e:8f:9f:85:bd:ac:bc:d6:01:e4:03:14:98:23:
9d:4d:8e:ee:a3:c2:fb:a2:26:50:bf:48:5b:91:e6:
49:cf:8f:23:c2:ad:e8:6e:8d:d4:78:ad:9e:ca:40:
d5:a0:7a:e4:5b:a1:e4:25:37:fb:36:fa:80:84:d2:
b8:8c:86:ea:6e:7b:09:c8:9f:a0:0c:7a:65:63:4b:
0b:cd:bf:3b:01:24:26:c4:f0:52:9c:14:8c:c9:56:
d5:ad:ad:50:9d:cc:52:4b:1b:77:ac:53:5b:9f:95:
b9:83:06:7a:5e:19:b6:ed:31:80:e0:4f:bd:d7:39:
94:f8:d5:17:0c:6d:84:d7:27:fc:7a:13:c1:3f:64:
e6:56:a8:f1:d6:2b:ca:3e:d3:9c:5d:8b:9f:56:bd:
c0:ae:7d:6c:8a:11:50:cb:cc:de:74:db:6f:42:41:
60:66:b5:3a:5e:e0:49:8c:0a:8d:1b:18:83:08:4a:
7c:55:65:55:08:b1:27:3b:a1:a8:c7:5a:00:ac:6a:
71:e5:36:b1:87:8f:6e:a1:a2:3a:63:d9:40:f3:dd:
b3:09:ad:33:e0:fa:38:16:db:af:5a:22:49:57:f0:
8c:e6:e0:d1:39:0e:5f:08:4a:9a:50:2e:01:35:f7:
dd:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:9C:B5:B3:10:C3:EF:32:2A:D0:C6:6B:B2:93:43:34:BF:E6:BF:48
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/i5y1sxDD7zIq0MZrspNDNL_mv0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.94.0/24
151.243.31.0/24
Signature Algorithm: sha256WithRSAEncryption
78:ad:b4:ad:2a:6b:3c:04:97:ab:d2:3a:fb:cd:7a:5f:cb:e9:
dc:99:c4:8a:87:41:a2:e9:64:9b:1d:97:41:11:16:46:e0:67:
d8:1b:97:a9:37:ae:04:0a:ca:d9:71:65:10:2c:d1:ff:c5:e4:
c3:f1:74:86:10:39:06:22:34:5d:fb:e8:36:fc:0c:d5:6f:bf:
bc:aa:69:46:97:49:5d:71:1e:f6:57:fb:44:c2:6f:27:e8:55:
0d:21:0c:1c:2b:38:b7:f1:a1:e9:ee:db:48:85:6c:2f:53:28:
59:8a:d9:fa:5a:6c:9d:43:a8:47:c7:6a:61:8e:b5:85:1b:4a:
93:03:2b:41:ab:4a:f2:a4:26:4d:84:3e:9e:f4:9e:f4:6a:a3:
34:dc:cf:8f:03:86:dd:fc:25:52:cc:34:9d:0e:0d:e6:24:56:
3d:c2:91:be:54:43:f1:38:15:00:52:9d:54:cf:a1:fd:1f:55:
72:2b:96:38:40:d1:d2:09:ce:ac:18:14:e0:81:0a:d5:b7:08:
b7:2d:2f:0d:26:ab:26:46:b2:3c:03:3d:52:1e:17:29:cc:07:
e8:10:0d:51:46:ce:7a:d2:c4:05:a0:02:d6:43:88:4f:ff:f5:
6b:2d:4d:fd:84:94:cb:33:fe:e7:d9:94:ca:fe:b4:b5:6c:5f:
1d:5c:75:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkIw0ALHdKS3NIydQxk6tFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTAyMDQ1MDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjljYjViMzEwYzNlZjMyMmFkMGM2NmJiMjkzNDMzNGJmZTZiZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyd5WyoyeNgW12rrUbP2Zfo+fhb2s
vNYB5AMUmCOdTY7uo8L7oiZQv0hbkeZJz48jwq3obo3UeK2eykDVoHrkW6HkJTf7
NvqAhNK4jIbqbnsJyJ+gDHplY0sLzb87ASQmxPBSnBSMyVbVra1QncxSSxt3rFNb
n5W5gwZ6Xhm27TGA4E+91zmU+NUXDG2E1yf8ehPBP2TmVqjx1ivKPtOcXYufVr3A
rn1sihFQy8zedNtvQkFgZrU6XuBJjAqNGxiDCEp8VWVVCLEnO6Gox1oArGpx5Tax
h49uoaI6Y9lA892zCa0z4Po4FtuvWiJJV/CM5uDROQ5fCEqaUC4BNffdswIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIuctbMQw+8yKtDGa7KTQzS/5r9IMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvaTV5MXN4REQ3eklxME1acnNwTkROTF9tdjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/FeAwQA
l/MfMA0GCSqGSIb3DQEBCwUAA4IBAQB4rbStKms8BJer0jr7zXpfy+ncmcSKh0Gi
6WSbHZdBERZG4GfYG5epN64ECsrZcWUQLNH/xeTD8XSGEDkGIjRd++g2/AzVb7+8
qmlGl0ldcR72V/tEwm8n6FUNIQwcKzi38aHp7ttIhWwvUyhZitn6WmydQ6hHx2ph
jrWFG0qTAytBq0rypCZNhD6e9J70aqM03M+PA4bd/CVSzDSdDg3mJFY9wpG+VEPx
OBUAUp1Uz6H9H1VyK5Y4QNHSCc6sGBTggQrVtwi3LS8NJqsmRrI8Az1SHhcpzAfo
EA1RRs560sQFoALWQ4hP//VrLU39hJTLM/7n2ZTK/rS1bF8dXHUN
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:36:06 2025 by rpki-client