Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qwWV1U9fmfS5qsZsLwr_kd6y33M.roa
File: qwWV1U9fmfS5qsZsLwr_kd6y33M.roa (raw, json)
Hash identifier: FN8WpemCbfG6Or+aOZ3+CBEm1Uvw3RZ5Uj39omXQBLc=
Subject key identifier: AB:05:95:D5:4F:5F:99:F4:B9:AA:C6:6C:2F:0A:FF:91:DE:B2:DF:73
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0196FE7AFDAAEE55CA050B7653398E5FEE53
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qwWV1U9fmfS5qsZsLwr_kd6y33M.roa
Signing time: Fri 23 May 2025 18:49:55 +0000
ROA not before: Fri 23 May 2025 18:49:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 151.241.128.0/22 maxlen: 24
151.242.15.0/24 maxlen: 24
151.242.23.0/24 maxlen: 24
151.242.40.0/24 maxlen: 24
151.242.64.0/24 maxlen: 24
151.242.73.0/24 maxlen: 24
151.242.74.0/24 maxlen: 24
151.242.75.0/24 maxlen: 24
151.242.76.0/24 maxlen: 24
151.242.77.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.80.0/24 maxlen: 24
151.242.81.0/24 maxlen: 24
151.242.82.0/24 maxlen: 24
151.242.170.0/24 maxlen: 24
151.242.171.0/24 maxlen: 24
151.242.172.0/24 maxlen: 24
151.242.173.0/24 maxlen: 24
151.242.242.0/24 maxlen: 24
151.243.35.0/24 maxlen: 24
151.243.38.0/24 maxlen: 24
151.243.41.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.243.214.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.244.5.0/24 maxlen: 24
151.244.6.0/24 maxlen: 24
151.244.56.0/24 maxlen: 24
151.244.58.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 15:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fe:7a:fd:aa:ee:55:ca:05:0b:76:53:39:8e:5f:ee:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 23 18:49:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab0595d54f5f99f4b9aac66c2f0aff91deb2df73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8e:63:a5:9f:36:a6:04:b7:95:87:c9:74:d4:
0e:26:4e:fd:4c:d7:86:c7:bf:c0:c8:bf:04:51:e8:
f6:d2:18:33:f6:54:d8:1f:95:d6:ad:13:7f:cb:9a:
23:8a:99:3a:aa:54:b3:1d:14:2b:50:d2:40:7b:3c:
4e:23:60:53:ed:1e:0f:1f:4c:a4:fc:8f:ac:3c:81:
a6:ce:56:df:fe:f6:27:b7:3b:6e:3c:6b:e1:6f:1c:
c5:ed:70:f2:72:6f:48:ef:d3:05:f6:42:0c:a0:a9:
bb:b5:56:85:80:1a:7b:b1:8a:09:a9:ba:97:e9:68:
a1:7f:d3:7f:3c:fa:2b:77:74:93:4d:b0:8a:ad:d7:
d9:34:e1:9d:92:d6:15:f3:f8:ac:89:5a:5e:d6:ba:
ce:26:d9:05:88:67:6f:ba:b6:94:e2:e3:e4:b9:66:
d0:f2:5e:a8:6d:6a:27:bb:e9:81:8f:bd:0a:ef:21:
c6:5e:ef:31:bb:6a:66:97:1d:ad:d9:72:db:00:ff:
03:58:23:28:fd:65:41:f5:6b:1d:d4:d9:f6:8b:b7:
58:d7:68:c6:47:59:be:36:ab:77:1c:67:fd:3d:54:
63:0f:ab:87:cb:0d:a2:15:cf:e4:59:ad:f5:28:80:
b0:9b:5b:66:7a:e3:56:7c:74:1e:6e:f6:36:6b:ba:
8a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:05:95:D5:4F:5F:99:F4:B9:AA:C6:6C:2F:0A:FF:91:DE:B2:DF:73
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qwWV1U9fmfS5qsZsLwr_kd6y33M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.242.15.0/24
151.242.23.0/24
151.242.40.0/24
151.242.64.0/24
151.242.73.0-151.242.82.255
151.242.170.0-151.242.173.255
151.242.242.0/24
151.243.35.0/24
151.243.38.0/24
151.243.41.0/24
151.243.115.0/24
151.243.120.0/24
151.243.214.0/24
151.244.4.0-151.244.6.255
151.244.56.0/24
151.244.58.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:ef:1f:0a:3e:24:9e:76:8d:fa:71:ed:7d:7e:8d:4f:2d:df:
dd:d0:ef:3a:6f:99:e4:c5:29:d2:0b:7e:2b:25:ee:4d:41:76:
54:ba:bb:dc:ed:9c:3a:11:24:cd:49:84:94:95:f0:c4:56:e6:
d1:87:0a:c5:82:1d:82:d1:53:ea:15:b8:da:60:fe:7c:cb:f7:
d4:ea:a6:0e:27:39:ad:08:5f:7c:4f:1a:ad:11:e6:c4:ce:83:
5c:b5:70:79:83:cc:68:6a:e4:fe:80:21:64:1e:53:5b:d2:41:
f0:ad:4f:ca:94:d0:e1:c9:47:c0:19:75:a7:fd:03:c4:08:b7:
fc:64:09:fa:b6:ab:c2:5d:7b:7d:8a:7a:8d:ce:f2:44:2f:1f:
09:72:b0:69:c6:5f:9f:15:3e:0c:50:d1:f4:9d:7b:02:cc:22:
14:4e:22:bd:1c:1b:29:56:ba:17:0a:f6:c2:98:39:e2:3f:e0:
45:53:31:03:a3:92:4a:b2:e6:20:3e:43:f2:a6:76:4b:0f:4d:
fa:2a:c4:98:24:92:35:0f:6a:bf:2c:17:74:cd:f3:7d:d9:82:
74:ec:96:40:b6:5e:da:1a:4a:7a:23:4a:06:e6:33:ac:c1:24:
dc:05:6e:6a:83:f6:7b:d5:1f:5d:3b:8e:bf:f1:1d:18:d3:7b:
49:48:f3:cf
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZb+ev2q7lXKBQt2UzmOX+5TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNTIzMTg0OTU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjA1OTVkNTRmNWY5OWY0YjlhYWM2NmMyZjBhZmY5MWRlYjJkZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho5jpZ82pgS3lYfJdNQOJk79TNeG
x7/AyL8EUej20hgz9lTYH5XWrRN/y5ojipk6qlSzHRQrUNJAezxOI2BT7R4PH0yk
/I+sPIGmzlbf/vYntztuPGvhbxzF7XDycm9I79MF9kIMoKm7tVaFgBp7sYoJqbqX
6Wihf9N/PPord3STTbCKrdfZNOGdktYV8/isiVpe1rrOJtkFiGdvuraU4uPkuWbQ
8l6obWonu+mBj70K7yHGXu8xu2pmlx2t2XLbAP8DWCMo/WVB9Wsd1Nn2i7dY12jG
R1m+Nqt3HGf9PVRjD6uHyw2iFc/kWa31KICwm1tmeuNWfHQebvY2a7qKSQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKsFldVPX5n0uarGbC8K/5Hest9zMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcXdXVjFVOWZtZlM1cXNac0x3cl9rZDZ5MzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEApfx
gAMEAJfyDwMEAJfyFwMEAJfyKAMEAJfyQDAMAwQAl/JJAwQAl/JSMAwDBAGX8qoD
BAGX8qwDBACX8vIDBACX8yMDBACX8yYDBACX8ykDBACX83MDBACX83gDBACX89Yw
DAMEApf0BAMEAJf0BgMEAJf0OAMEAJf0OjANBgkqhkiG9w0BAQsFAAOCAQEAO+8f
Cj4knnaN+nHtfX6NTy3f3dDvOm+Z5MUp0gt+KyXuTUF2VLq73O2cOhEkzUmElJXw
xFbm0YcKxYIdgtFT6hW42mD+fMv31OqmDic5rQhffE8arRHmxM6DXLVweYPMaGrk
/oAhZB5TW9JB8K1PypTQ4clHwBl1p/0DxAi3/GQJ+rarwl17fYp6jc7yRC8fCXKw
acZfnxU+DFDR9J17AswiFE4ivRwbKVa6Fwr2wpg54j/gRVMxA6OSSrLmID5D8qZ2
Sw9N+irEmCSSNQ9qvywXdM3zfdmCdOyWQLZe2hpKeiNKBuYzrMEk3AVuaoP2e9Uf
XTuOv/EdGNN7SUjzzw==
-----END CERTIFICATE-----
Generated at Fri Jun 6 19:40:28 2025 by rpki-client