Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/TUQVTjt7qCK2ufUIrI6XyTXXXOo.roa
File: TUQVTjt7qCK2ufUIrI6XyTXXXOo.roa (raw, json)
Hash identifier: iaut8YJ8iknPo6jI/WDMFKjkr1UQ3hZdAnm8iaVfsYY=
Subject key identifier: 4D:44:15:4E:3B:7B:A8:22:B6:B9:F5:08:AC:8E:97:C9:35:D7:5C:EA
Certificate issuer: /CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Certificate serial: 0198CDD4ADF2B0565AB7C3164A09075E2625
Authority key identifier: 02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/TUQVTjt7qCK2ufUIrI6XyTXXXOo.roa
Signing time: Thu 21 Aug 2025 18:12:04 +0000
ROA not before: Thu 21 Aug 2025 18:12:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215540
IP address blocks: 150.40.102.0/24 maxlen: 24
150.40.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cd:d4:ad:f2:b0:56:5a:b7:c3:16:4a:09:07:5e:26:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Validity
Not Before: Aug 21 18:12:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d44154e3b7ba822b6b9f508ac8e97c935d75cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6f:f2:cd:64:11:31:1f:fd:c9:94:b7:1c:0e:
3f:2d:ef:68:f1:eb:f7:c5:67:28:62:17:2d:f4:be:
ce:fc:a1:8e:c2:9b:9f:bb:d1:fe:58:c4:52:a0:96:
c2:de:56:e9:4a:1d:3a:bb:bd:82:fa:15:52:47:4a:
8d:aa:25:bb:1e:3c:e0:5b:ce:c4:8e:e2:f9:b1:ee:
b9:fe:12:56:82:d0:92:2e:7f:52:92:c1:e9:1c:ce:
8e:05:22:40:6c:3e:37:83:5c:ce:b2:88:91:9e:ab:
bd:5e:bf:4a:d6:b9:ae:b1:46:d8:fa:bb:16:f8:2a:
e8:e6:51:ab:7b:b4:64:a4:e9:81:e0:79:93:95:c1:
ad:9a:2c:bb:89:83:92:0c:fb:e4:1e:81:70:91:e3:
48:60:a9:60:8d:51:11:4e:ec:b3:96:d4:96:a9:63:
3b:73:8b:a7:6f:9e:05:ea:28:11:23:96:05:36:3d:
b2:b6:11:29:e4:86:16:2c:20:bc:36:73:df:b7:20:
09:d7:cb:d0:ba:4e:5d:8a:a6:bb:fd:90:1e:fe:38:
31:d9:6c:a1:39:13:f2:e7:dd:6e:92:c5:d2:33:94:
ae:b2:b5:24:31:09:57:39:d1:b0:a1:86:57:5e:b6:
28:77:30:f4:18:51:d3:88:41:ee:06:cb:3e:32:d7:
19:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:44:15:4E:3B:7B:A8:22:B6:B9:F5:08:AC:8E:97:C9:35:D7:5C:EA
X509v3 Authority Key Identifier:
keyid:02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/TUQVTjt7qCK2ufUIrI6XyTXXXOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.40.102.0/24
150.40.104.0/24
Signature Algorithm: sha256WithRSAEncryption
24:c0:d3:c4:0e:58:f6:ab:1d:c5:5a:8c:1a:a7:67:ff:50:aa:
ad:fa:32:e9:cd:13:40:1d:27:1d:05:2a:e4:0f:20:b1:eb:5b:
d3:b1:43:e5:e0:57:32:4e:fb:c8:72:67:df:c2:35:ba:39:f5:
79:d3:69:0b:b5:ee:fa:ed:1e:52:6b:2f:48:85:c9:09:b5:5a:
b7:47:31:b0:08:24:c3:55:c1:f1:e4:e7:6d:65:e4:f3:42:a4:
fb:12:42:ac:76:f1:d4:b1:54:62:10:a3:84:b9:f3:9e:bd:05:
e7:e1:3e:21:79:d6:c2:1f:29:1a:00:34:db:6f:43:9c:f4:d9:
0e:e8:6f:7c:a9:27:c6:4c:88:7e:f5:50:b8:6a:fa:d3:15:d7:
93:d0:56:8b:f7:5d:49:ef:4a:96:96:f8:2a:0e:a9:67:2c:b6:
c0:c6:ce:2c:43:f2:3f:d6:6c:15:d4:45:85:93:d7:9a:53:c0:
e2:9c:45:a3:f2:1f:37:fe:7d:64:a6:56:79:8f:19:06:1c:3b:
a2:93:3f:44:73:f2:20:66:79:5d:78:8c:9e:82:34:89:f9:e5:
23:7c:54:10:12:41:63:54:b4:74:f4:22:d3:5a:9b:de:29:96:
57:35:dc:d1:f0:e6:c7:c0:e2:dd:72:1a:5c:fe:43:c6:95:06:
b5:bf:40:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjN1K3ysFZat8MWSgkHXiYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYTk2MmMxZmU4ZTJlMTJhMzU1NzZmZDYyOTg3YTBjYmJh
NDYzZDQwHhcNMjUwODIxMTgxMjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDQ0MTU0ZTNiN2JhODIyYjZiOWY1MDhhYzhlOTdjOTM1ZDc1Y2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2/yzWQRMR/9yZS3HA4/Le9o8ev3
xWcoYhct9L7O/KGOwpufu9H+WMRSoJbC3lbpSh06u72C+hVSR0qNqiW7HjzgW87E
juL5se65/hJWgtCSLn9SksHpHM6OBSJAbD43g1zOsoiRnqu9Xr9K1rmusUbY+rsW
+Cro5lGre7RkpOmB4HmTlcGtmiy7iYOSDPvkHoFwkeNIYKlgjVERTuyzltSWqWM7
c4unb54F6igRI5YFNj2ythEp5IYWLCC8NnPftyAJ18vQuk5diqa7/ZAe/jgx2Wyh
ORPy591uksXSM5SusrUkMQlXOdGwoYZXXrYodzD0GFHTiEHuBss+MtcZtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE1EFU47e6gitrn1CKyOl8k111zqMB8GA1UdIwQY
MBaAFAKpYsH+ji4So1V2/WKYegy7pGPUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYt
N2QxMzQ5ODBjNWJlLzEvVFVRVlRqdDdxQ0sydWZVSXJJNlh5VFhYWE9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYtN2QxMzQ5ODBjNWJl
LzEvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAlihmAwQA
lihoMA0GCSqGSIb3DQEBCwUAA4IBAQAkwNPEDlj2qx3FWowap2f/UKqt+jLpzRNA
HScdBSrkDyCx61vTsUPl4FcyTvvIcmffwjW6OfV502kLte767R5Say9IhckJtVq3
RzGwCCTDVcHx5OdtZeTzQqT7EkKsdvHUsVRiEKOEufOevQXn4T4hedbCHykaADTb
b0Oc9NkO6G98qSfGTIh+9VC4avrTFdeT0FaL911J70qWlvgqDqlnLLbAxs4sQ/I/
1mwV1EWFk9eaU8DinEWj8h83/n1kplZ5jxkGHDuikz9Ec/IgZnldeIyegjSJ+eUj
fFQQEkFjVLR09CLTWpveKZZXNdzR8ObHwOLdchpc/kPGlQa1v0BO
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:17:38 2025 by rpki-client