Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/l-qLbfTmdM-aSqqJJqstApfmYt4.roa
File: l-qLbfTmdM-aSqqJJqstApfmYt4.roa (raw, json)
Hash identifier: 8uRR0mDoJ6zeix8mVR7ZspszlvwlN0D0D8+jZruG7VM=
Subject key identifier: 97:EA:8B:6D:F4:E6:74:CF:9A:4A:AA:89:26:AB:2D:02:97:E6:62:DE
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198E0EE8A631C8872B2C992275E014BABB5
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/l-qLbfTmdM-aSqqJJqstApfmYt4.roa
Signing time: Mon 25 Aug 2025 11:13:05 +0000
ROA not before: Mon 25 Aug 2025 11:13:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 37.202.219.0/24 maxlen: 24
151.240.31.0/24 maxlen: 24
151.240.229.0/24 maxlen: 24
151.240.233.0/24 maxlen: 24
151.240.234.0/24 maxlen: 24
151.240.235.0/24 maxlen: 24
151.240.236.0/24 maxlen: 24
151.240.237.0/24 maxlen: 24
151.240.238.0/24 maxlen: 24
151.240.240.0/24 maxlen: 24
151.242.9.0/24 maxlen: 24
151.242.46.0/24 maxlen: 24
151.242.47.0/24 maxlen: 24
151.242.48.0/24 maxlen: 24
151.242.60.0/24 maxlen: 24
151.242.62.0/24 maxlen: 24
151.242.121.0/24 maxlen: 24
151.242.158.0/24 maxlen: 24
151.242.166.0/23 maxlen: 24
151.242.195.0/24 maxlen: 24
151.243.140.0/24 maxlen: 24
151.244.59.0/24 maxlen: 24
151.244.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e0:ee:8a:63:1c:88:72:b2:c9:92:27:5e:01:4b:ab:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 25 11:13:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97ea8b6df4e674cf9a4aaa8926ab2d0297e662de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:66:a7:c1:63:76:9a:6f:85:a1:ad:dc:7c:ca:
c4:66:c4:36:f6:90:9e:79:d5:39:7f:c4:5f:1f:1d:
a8:b2:fe:13:a7:35:6e:c7:96:01:32:b5:c0:0f:a3:
db:3f:32:a9:5c:7c:e3:d9:2d:61:5a:1a:dd:1c:54:
ee:8e:e2:d6:50:6f:2a:64:36:ae:2f:d6:82:de:95:
a1:cb:44:f4:90:a5:05:d4:e9:07:6a:74:45:28:b3:
47:0c:33:9b:37:a6:db:fd:ca:7d:c2:b7:9d:c1:c7:
72:a0:97:b6:2b:8a:54:08:da:1c:11:0e:36:dc:75:
b0:48:b5:95:9e:35:db:e9:7d:da:78:69:58:91:cc:
f8:4c:4f:5b:dc:88:a4:2a:58:83:19:0f:ab:4b:82:
2a:58:78:c6:32:de:f0:1b:30:be:ed:05:98:52:75:
7b:fd:99:02:07:f5:45:82:97:53:99:2e:db:42:4d:
c4:92:f5:fa:e7:48:97:3c:20:89:7f:70:29:4a:68:
f9:a1:91:7e:bb:a4:84:25:eb:4a:39:39:02:1d:3a:
4e:48:68:d6:f6:4b:80:d3:a3:b9:50:01:a2:a7:b3:
2f:ca:f4:d0:f0:81:07:0a:c7:4d:c0:13:be:00:82:
a2:30:ff:c9:3a:d9:17:3e:5b:59:61:6c:c6:57:40:
83:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EA:8B:6D:F4:E6:74:CF:9A:4A:AA:89:26:AB:2D:02:97:E6:62:DE
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/l-qLbfTmdM-aSqqJJqstApfmYt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.219.0/24
151.240.31.0/24
151.240.229.0/24
151.240.233.0-151.240.238.255
151.240.240.0/24
151.242.9.0/24
151.242.46.0-151.242.48.255
151.242.60.0/24
151.242.62.0/24
151.242.121.0/24
151.242.158.0/24
151.242.166.0/23
151.242.195.0/24
151.243.140.0/24
151.244.59.0/24
151.244.117.0/24
Signature Algorithm: sha256WithRSAEncryption
34:d5:82:c7:4f:8e:c0:10:37:60:2a:86:00:14:f1:62:b5:4e:
7d:d9:32:5e:3b:9a:ce:eb:62:62:6a:cc:b1:13:00:82:1d:40:
5a:2a:11:5e:1b:b6:ba:ba:98:85:3a:a1:03:83:33:0d:e3:40:
c6:8c:ee:71:80:9f:1a:b9:0a:3c:c3:d8:1d:8d:4f:3d:d8:8a:
0a:50:84:79:ad:51:2c:01:90:0e:5e:af:c8:1b:87:87:44:27:
e7:54:bc:7b:9d:40:fe:65:37:89:43:ef:70:39:74:11:bc:99:
e6:db:bf:17:9c:51:62:5e:59:1b:b3:cd:b4:28:d7:87:ee:2f:
36:37:b7:14:0b:2a:2b:f6:3a:23:37:ed:f0:3c:23:8f:ea:97:
e8:73:dc:8f:94:30:94:e4:fe:49:1d:90:4f:0f:c6:26:e5:6a:
40:69:06:dc:ff:c5:c2:50:56:05:75:82:35:f4:76:e5:41:de:
c3:db:63:f6:13:9f:c7:f1:84:8d:71:4b:e3:32:29:47:c2:b1:
29:6d:04:3b:48:55:15:0e:8c:56:1d:77:be:86:d7:69:d5:6a:
70:ac:21:b4:1d:13:47:9a:37:23:4f:77:13:74:2a:73:d4:58:
1e:10:5f:be:46:5b:de:31:e0:38:d1:1c:32:4b:d9:5d:01:9b:
27:d6:eb:69
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZjg7opjHIhyssmSJ14BS6u1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODI1MTExMzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VhOGI2ZGY0ZTY3NGNmOWE0YWFhODkyNmFiMmQwMjk3ZTY2MmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGanwWN2mm+Foa3cfMrEZsQ29pCe
edU5f8RfHx2osv4TpzVux5YBMrXAD6PbPzKpXHzj2S1hWhrdHFTujuLWUG8qZDau
L9aC3pWhy0T0kKUF1OkHanRFKLNHDDObN6bb/cp9wredwcdyoJe2K4pUCNocEQ42
3HWwSLWVnjXb6X3aeGlYkcz4TE9b3IikKliDGQ+rS4IqWHjGMt7wGzC+7QWYUnV7
/ZkCB/VFgpdTmS7bQk3EkvX650iXPCCJf3ApSmj5oZF+u6SEJetKOTkCHTpOSGjW
9kuA06O5UAGip7MvyvTQ8IEHCsdNwBO+AIKiMP/JOtkXPltZYWzGV0CDdQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFJfqi2305nTPmkqqiSarLQKX5mLeMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbC1xTGJmVG1kTS1hU3FxSkpxc3RBcGZtWXQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEACXK2wME
AJfwHwMEAJfw5TAMAwQAl/DpAwQAl/DuAwQAl/DwAwQAl/IJMAwDBAGX8i4DBACX
8jADBACX8jwDBACX8j4DBACX8nkDBACX8p4DBAGX8qYDBACX8sMDBACX84wDBACX
9DsDBACX9HUwDQYJKoZIhvcNAQELBQADggEBADTVgsdPjsAQN2AqhgAU8WK1Tn3Z
Ml47ms7rYmJqzLETAIIdQFoqEV4btrq6mIU6oQODMw3jQMaM7nGAnxq5CjzD2B2N
Tz3YigpQhHmtUSwBkA5er8gbh4dEJ+dUvHudQP5lN4lD73A5dBG8mebbvxecUWJe
WRuzzbQo14fuLzY3txQLKiv2OiM37fA8I4/ql+hz3I+UMJTk/kkdkE8PxiblakBp
Btz/xcJQVgV1gjX0duVB3sPbY/YTn8fxhI1xS+MyKUfCsSltBDtIVRUOjFYdd76G
12nVanCsIbQdE0eaNyNPdxN0KnPUWB4QX75GW94x4DjRHDJL2V0BmyfW62k=
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:40:19 2025 by rpki-client