Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sOgIz4EKnvnu6WMW-h25EgaF1U8.roa
File: sOgIz4EKnvnu6WMW-h25EgaF1U8.roa (raw, json)
Hash identifier: iyj4DJGWmaOQXWMQutDaS3yhNi/m2oIXVFt3KmSVG0M=
Subject key identifier: B0:E8:08:CF:81:0A:9E:F9:EE:E9:63:16:FA:1D:B9:12:06:85:D5:4F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01990DEB7041E0491F11DAB0B49A4FC694BE
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sOgIz4EKnvnu6WMW-h25EgaF1U8.roa
Signing time: Wed 03 Sep 2025 04:52:37 +0000
ROA not before: Wed 03 Sep 2025 04:52:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59432
IP address blocks: 151.243.30.0/24 maxlen: 24
151.243.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0d:eb:70:41:e0:49:1f:11:da:b0:b4:9a:4f:c6:94:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 3 04:52:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0e808cf810a9ef9eee96316fa1db9120685d54f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:bb:56:b7:a9:41:b1:d0:7c:89:8d:9b:0c:d0:
71:b1:f8:a8:f4:74:d4:b6:18:03:0b:ca:d2:1b:a9:
07:f5:da:00:05:74:f1:87:0f:ff:11:39:e5:b9:8f:
05:04:1c:3e:10:7b:3d:e2:5f:12:f1:de:7e:39:9b:
ab:d0:9c:a5:2b:19:ab:48:e1:2f:d7:80:93:11:39:
f4:3e:80:b0:d2:7d:8d:3c:4b:2b:b9:23:11:57:80:
d5:ca:4f:52:9e:79:ce:f5:30:ef:e7:e7:31:e7:29:
7b:4d:fe:f8:47:bb:1a:1a:a5:04:d6:7e:ef:64:98:
5a:be:96:7d:58:fb:14:34:43:b2:9b:fe:da:d2:04:
f7:16:d3:56:96:c0:4d:41:8d:7a:b6:c8:94:f7:ed:
13:85:8e:3b:16:94:03:06:fc:a5:88:08:0b:70:70:
bd:a1:ae:83:7a:5b:1a:90:10:cf:22:3b:0f:2e:b7:
47:97:d0:67:f0:5c:3f:f4:e8:5d:f2:2f:5d:64:d1:
b6:a5:7f:d6:d6:fc:42:cd:f1:ca:1e:00:2f:3f:eb:
3e:79:b1:de:55:3d:cf:0e:51:24:94:8d:a8:37:04:
e7:20:8c:93:4a:bd:cb:e2:76:15:0b:a6:f5:17:5e:
61:24:da:59:56:d2:7b:94:d2:8c:67:ec:91:bc:d6:
fc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:E8:08:CF:81:0A:9E:F9:EE:E9:63:16:FA:1D:B9:12:06:85:D5:4F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/sOgIz4EKnvnu6WMW-h25EgaF1U8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.30.0/24
151.243.109.0/24
Signature Algorithm: sha256WithRSAEncryption
52:4e:e2:2d:50:d6:eb:3c:a1:9e:11:ff:6e:73:fb:b2:dd:9a:
fb:68:a6:87:6d:37:fd:bf:01:17:bd:61:84:10:f9:48:8c:4a:
78:ea:69:f5:32:57:b3:77:05:8f:28:c1:5b:d0:05:33:7e:78:
ec:8c:f6:1e:d6:a2:b7:1a:19:2e:38:26:84:c8:d5:fe:c6:5b:
49:bd:cc:12:08:4b:a8:93:94:48:a8:5d:51:07:5c:47:e3:28:
5e:f8:d4:1f:ea:c6:9d:10:74:c3:27:4a:23:6c:5e:ca:91:38:
29:bc:b3:fe:ad:fc:b2:12:85:28:69:19:77:25:20:9e:d3:a3:
c7:1c:f0:e1:d4:fe:42:7e:b3:79:cc:c6:06:02:71:b7:8f:49:
3b:f5:c0:5e:45:d0:48:00:3e:ec:ae:3a:37:78:a5:12:38:d3:
bf:85:45:13:48:ef:38:a6:6c:bb:43:3e:e8:69:43:97:fb:46:
01:90:84:06:28:c8:7f:ec:e8:46:35:90:57:45:90:f9:e3:45:
c4:8b:22:32:6b:8f:c4:93:9c:ca:33:40:26:37:fa:bb:47:e7:
23:96:b6:e9:a4:0f:d0:8c:ff:00:cc:ac:f7:c1:fd:bc:d4:32:
9b:f0:80:89:4e:e3:d7:90:5f:95:b8:66:82:e2:27:03:3f:30:
35:9a:d4:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkN63BB4EkfEdqwtJpPxpS+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTAzMDQ1MjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGU4MDhjZjgxMGE5ZWY5ZWVlOTYzMTZmYTFkYjkxMjA2ODVkNTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA97tWt6lBsdB8iY2bDNBxsfio9HTU
thgDC8rSG6kH9doABXTxhw//ETnluY8FBBw+EHs94l8S8d5+OZur0JylKxmrSOEv
14CTETn0PoCw0n2NPEsruSMRV4DVyk9SnnnO9TDv5+cx5yl7Tf74R7saGqUE1n7v
ZJhavpZ9WPsUNEOym/7a0gT3FtNWlsBNQY16tsiU9+0ThY47FpQDBvyliAgLcHC9
oa6DelsakBDPIjsPLrdHl9Bn8Fw/9Ohd8i9dZNG2pX/W1vxCzfHKHgAvP+s+ebHe
VT3PDlEklI2oNwTnIIyTSr3L4nYVC6b1F15hJNpZVtJ7lNKMZ+yRvNb8nQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLDoCM+BCp757uljFvoduRIGhdVPMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvc09nSXo0RUtudm51NldNVy1oMjVFZ2FGMVU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/MeAwQA
l/NtMA0GCSqGSIb3DQEBCwUAA4IBAQBSTuItUNbrPKGeEf9uc/uy3Zr7aKaHbTf9
vwEXvWGEEPlIjEp46mn1MlezdwWPKMFb0AUzfnjsjPYe1qK3GhkuOCaEyNX+xltJ
vcwSCEuok5RIqF1RB1xH4yhe+NQf6sadEHTDJ0ojbF7KkTgpvLP+rfyyEoUoaRl3
JSCe06PHHPDh1P5CfrN5zMYGAnG3j0k79cBeRdBIAD7srjo3eKUSONO/hUUTSO84
pmy7Qz7oaUOX+0YBkIQGKMh/7OhGNZBXRZD540XEiyIya4/Ek5zKM0AmN/q7R+cj
lrbppA/QjP8AzKz3wf281DKb8ICJTuPXkF+VuGaC4icDPzA1mtRX
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:37:19 2025 by rpki-client