Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/o8pLoOtmezLOBia7g7cmtkVPTWg.roa
File: o8pLoOtmezLOBia7g7cmtkVPTWg.roa (raw, json)
Hash identifier: tkM1XIoz8LIpDMz6ZYrmq+uayJtDXbRpjj/VHhilTKo=
Subject key identifier: A3:CA:4B:A0:EB:66:7B:32:CE:06:26:BB:83:B7:26:B6:45:4F:4D:68
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198BBC289EDAD7F79636AFC0F5615951290
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/o8pLoOtmezLOBia7g7cmtkVPTWg.roa
Signing time: Mon 18 Aug 2025 05:59:05 +0000
ROA not before: Mon 18 Aug 2025 05:59:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 151.240.128.0/21 maxlen: 24
151.240.136.0/21 maxlen: 24
151.240.171.0/24 maxlen: 24
151.241.132.0/22 maxlen: 22
151.241.232.0/21 maxlen: 24
151.242.56.0/24 maxlen: 24
151.242.119.0/24 maxlen: 24
151.243.8.0/23 maxlen: 23
151.243.146.0/24 maxlen: 24
151.243.204.0/23 maxlen: 23
151.244.56.0/24 maxlen: 24
151.245.56.0/22 maxlen: 22
151.245.185.0/24 maxlen: 24
151.245.187.0/24 maxlen: 24
151.245.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 21 Aug 2025 01:03:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bb:c2:89:ed:ad:7f:79:63:6a:fc:0f:56:15:95:12:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 18 05:59:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3ca4ba0eb667b32ce0626bb83b726b6454f4d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:2c:bd:1e:14:06:3e:c1:f3:0a:61:33:11:9e:
a7:dd:1a:5c:bb:da:bc:c3:47:86:c7:e6:ef:01:34:
1f:7a:ed:01:9f:47:55:cd:84:7d:97:ac:ad:0c:af:
5e:26:77:ad:d8:3c:73:1a:be:4a:24:d4:95:d2:82:
26:bb:65:7a:69:94:15:af:fb:c0:85:ad:54:31:f1:
a5:b1:57:31:25:65:c7:c3:6c:04:eb:b1:df:3a:7f:
5a:4c:03:92:de:d4:ce:a6:5b:db:2a:ec:ac:ae:6f:
b4:ba:45:ce:2a:15:8c:29:1e:86:d8:06:33:6e:a3:
d9:08:b6:d4:5c:2f:0d:d0:5b:b1:b9:76:3e:9c:ef:
ad:d9:82:d5:87:8d:62:87:e2:ef:29:85:8d:7a:0c:
5d:48:40:03:1d:ca:53:0a:d7:86:4f:d9:35:b1:15:
7f:d0:ae:f3:d0:7f:a9:02:54:c3:4e:6b:46:2e:88:
72:27:69:26:02:9e:7d:ff:25:4d:f7:40:ae:15:75:
32:a3:8f:fb:47:63:44:09:be:5b:dc:88:d0:36:e5:
ba:e3:53:8a:c4:eb:ea:66:bf:8c:2a:e0:47:47:6c:
6b:b1:6e:7d:b7:78:d4:6b:32:29:63:21:38:a6:61:
56:f0:07:9a:b5:24:1d:21:42:37:95:16:14:ca:a2:
92:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CA:4B:A0:EB:66:7B:32:CE:06:26:BB:83:B7:26:B6:45:4F:4D:68
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/o8pLoOtmezLOBia7g7cmtkVPTWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.128.0/20
151.240.171.0/24
151.241.132.0/22
151.241.232.0/21
151.242.56.0/24
151.242.119.0/24
151.243.8.0/23
151.243.146.0/24
151.243.204.0/23
151.244.56.0/24
151.245.56.0/22
151.245.185.0/24
151.245.187.0-151.245.188.255
Signature Algorithm: sha256WithRSAEncryption
7c:16:0e:34:05:6a:88:7d:20:3e:37:cd:78:91:49:1f:bc:23:
62:50:3e:4f:9a:a8:9b:9f:b3:95:b7:52:4b:a0:10:06:13:fb:
b0:c3:3d:ab:7e:c6:45:a8:e1:1f:11:b2:49:86:8c:a0:de:e7:
c8:71:f9:49:c7:14:32:41:94:ba:9d:b3:17:be:5e:cd:50:09:
3a:48:67:f2:27:67:89:50:74:4f:a6:a8:78:23:9f:73:bb:26:
d8:9e:03:a0:80:be:7b:cb:17:a6:9f:27:b6:97:e3:ac:3c:b5:
87:11:43:a1:96:d5:75:20:ee:27:24:9b:3c:aa:0f:49:11:32:
3d:f5:84:2c:73:48:84:e7:74:2f:fd:d1:a2:91:8d:4d:b1:f6:
05:85:07:47:93:01:71:04:eb:48:d8:63:99:e0:2d:4a:60:65:
9d:32:04:bc:63:9d:54:10:e1:3c:d5:75:7d:31:d9:71:12:24:
7c:04:ef:bc:44:f4:55:b9:7f:5c:de:73:cc:89:b1:92:b5:e9:
f8:06:04:88:ba:93:3a:23:46:23:d5:c5:f0:2d:ef:67:d0:fb:
ae:5b:44:38:95:5b:f1:0f:96:32:8e:e6:29:6b:01:ae:85:83:
06:9d:8a:85:69:e4:ac:d6:88:7a:22:5f:3d:e8:52:56:ff:37:
95:f0:55:f1
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZi7wontrX95Y2r8D1YVlRKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODE4MDU1OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NhNGJhMGViNjY3YjMyY2UwNjI2YmI4M2I3MjZiNjQ1NGY0ZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiy9HhQGPsHzCmEzEZ6n3Rpcu9q8
w0eGx+bvATQfeu0Bn0dVzYR9l6ytDK9eJnet2DxzGr5KJNSV0oImu2V6aZQVr/vA
ha1UMfGlsVcxJWXHw2wE67HfOn9aTAOS3tTOplvbKuysrm+0ukXOKhWMKR6G2AYz
bqPZCLbUXC8N0FuxuXY+nO+t2YLVh41ih+LvKYWNegxdSEADHcpTCteGT9k1sRV/
0K7z0H+pAlTDTmtGLohyJ2kmAp59/yVN90CuFXUyo4/7R2NECb5b3IjQNuW641OK
xOvqZr+MKuBHR2xrsW59t3jUazIpYyE4pmFW8AeatSQdIUI3lRYUyqKSQwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFKPKS6DrZnsyzgYmu4O3JrZFT01oMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbzhwTG9PdG1lekxPQmlhN2c3Y210a1ZQVFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQEl/CAAwQA
l/CrAwQCl/GEAwQDl/HoAwQAl/I4AwQAl/J3AwQBl/MIAwQAl/OSAwQBl/PMAwQA
l/Q4AwQCl/U4AwQAl/W5MAwDBACX9bsDBACX9bwwDQYJKoZIhvcNAQELBQADggEB
AHwWDjQFaoh9ID43zXiRSR+8I2JQPk+aqJufs5W3UkugEAYT+7DDPat+xkWo4R8R
skmGjKDe58hx+UnHFDJBlLqdsxe+Xs1QCTpIZ/InZ4lQdE+mqHgjn3O7JtieA6CA
vnvLF6afJ7aX46w8tYcRQ6GW1XUg7ickmzyqD0kRMj31hCxzSITndC/90aKRjU2x
9gWFB0eTAXEE60jYY5ngLUpgZZ0yBLxjnVQQ4TzVdX0x2XESJHwE77xE9FW5f1ze
c8yJsZK16fgGBIi6kzojRiPVxfAt72fQ+65bRDiVW/EPljKO5ilrAa6FgwadioVp
5KzWiHoiXz3oUlb/N5XwVfE=
-----END CERTIFICATE-----
Generated at Wed Aug 20 10:48:30 2025 by rpki-client