Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3_0a8ppoe00TLXR9FCy0agFsgFw.roa
File: 3_0a8ppoe00TLXR9FCy0agFsgFw.roa (raw, json)
Hash identifier: T5jTU25QrdygzCDQoqVeWZZJ7oRk4FycwpOy8RAllfQ=
Subject key identifier: DF:FD:1A:F2:9A:68:7B:4D:13:2D:74:7D:14:2C:B4:6A:01:6C:80:5C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199AE14CB5C650300EB41F36AD1650DA4E8
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3_0a8ppoe00TLXR9FCy0agFsgFw.roa
Signing time: Sat 04 Oct 2025 07:17:02 +0000
ROA not before: Sat 04 Oct 2025 07:17:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 63023
IP address blocks: 151.244.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ae:14:cb:5c:65:03:00:eb:41:f3:6a:d1:65:0d:a4:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 4 07:17:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dffd1af29a687b4d132d747d142cb46a016c805c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ee:82:ad:a2:75:d6:2a:20:ad:05:d5:f8:93:
4a:ae:21:4d:5d:e7:52:e4:d4:6c:fc:93:39:b7:26:
1c:73:13:a1:9d:4e:75:90:c8:92:fd:eb:20:09:2d:
90:d6:56:02:9d:79:aa:ed:df:f5:7d:9f:fd:4c:77:
7a:c4:53:cf:4b:71:15:08:c4:0a:6f:c4:ec:0b:9f:
81:ad:96:7d:88:a1:c0:ba:8f:f3:a2:90:05:d3:58:
c5:e7:a5:04:2a:b1:8c:c1:3e:0e:2e:68:d5:6b:ae:
dc:68:ea:24:7e:e0:82:72:8f:5e:b3:ed:60:09:c1:
ab:66:65:64:92:41:43:96:13:34:a0:36:96:b0:8b:
4d:5a:d8:5b:d8:a1:91:7c:2f:37:45:3a:b8:4f:ed:
24:48:f0:6f:98:6f:f6:15:84:87:51:79:93:7b:43:
ba:b6:93:10:64:a6:47:4f:74:d5:d0:d5:69:1e:ee:
27:53:f8:b2:8c:e8:55:6d:f9:e4:05:5d:24:ef:ec:
ae:e1:dd:30:ae:6e:04:88:b8:51:41:5d:57:07:67:
bb:f3:73:a2:0e:00:36:87:f0:7f:2e:5e:f1:79:50:
16:c0:ae:ba:ba:15:06:35:c6:23:be:d7:13:67:61:
36:19:84:4a:3b:cb:99:81:a1:9e:c2:08:2b:fc:11:
eb:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:FD:1A:F2:9A:68:7B:4D:13:2D:74:7D:14:2C:B4:6A:01:6C:80:5C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3_0a8ppoe00TLXR9FCy0agFsgFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.28.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:ca:b7:a4:8b:d7:6f:17:90:1e:00:a3:78:1d:c3:03:2f:6e:
fa:1b:96:05:da:92:74:1d:c0:34:47:fa:f5:de:ef:30:0d:b6:
29:24:d3:c7:70:b0:22:73:0a:aa:36:2c:8e:cc:07:8d:13:8a:
9d:ec:02:22:b0:75:56:50:e9:40:0d:a5:b5:15:f7:bf:2d:72:
6a:3b:00:80:5a:23:b1:20:f1:af:ee:9a:34:93:16:a6:f9:90:
d3:21:5e:30:45:1a:69:28:e0:22:cf:ba:18:66:38:72:79:05:
e1:76:b0:8e:ea:4b:ca:74:70:d8:6e:c1:90:da:8d:b1:c4:12:
2f:77:65:5b:3d:43:5a:c2:97:1f:e7:a1:01:82:e6:e4:7c:bf:
e7:2e:c7:f4:d0:d4:86:d7:0d:4a:d8:9b:41:58:8b:6b:df:d7:
3d:9a:96:5c:dd:ea:0e:58:c4:52:89:ae:b1:2b:f6:19:b0:85:
a7:d0:96:0b:cf:0c:82:1d:c2:d0:c7:d4:c6:b3:87:d0:60:a1:
fe:26:d5:dd:23:78:05:e0:2e:46:00:96:0f:95:ce:f1:28:aa:
cd:bd:08:0b:09:4a:16:90:24:ee:86:ae:27:72:8a:54:33:bc:
e8:30:3e:80:95:ec:cb:0e:88:42:79:49:ae:a7:b1:2b:c3:d7:
cc:0a:4d:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmuFMtcZQMA60HzatFlDaToMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDA0MDcxNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmZkMWFmMjlhNjg3YjRkMTMyZDc0N2QxNDJjYjQ2YTAxNmM4MDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwO6CraJ11iogrQXV+JNKriFNXedS
5NRs/JM5tyYccxOhnU51kMiS/esgCS2Q1lYCnXmq7d/1fZ/9THd6xFPPS3EVCMQK
b8TsC5+BrZZ9iKHAuo/zopAF01jF56UEKrGMwT4OLmjVa67caOokfuCCco9es+1g
CcGrZmVkkkFDlhM0oDaWsItNWthb2KGRfC83RTq4T+0kSPBvmG/2FYSHUXmTe0O6
tpMQZKZHT3TV0NVpHu4nU/iyjOhVbfnkBV0k7+yu4d0wrm4EiLhRQV1XB2e783Oi
DgA2h/B/Ll7xeVAWwK66uhUGNcYjvtcTZ2E2GYRKO8uZgaGewggr/BHrXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN/9GvKaaHtNEy10fRQstGoBbIBcMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvM18wYThwcG9lMDBUTFhSOUZDeTBhZ0ZzZ0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/QcMA0G
CSqGSIb3DQEBCwUAA4IBAQA+yreki9dvF5AeAKN4HcMDL276G5YF2pJ0HcA0R/r1
3u8wDbYpJNPHcLAicwqqNiyOzAeNE4qd7AIisHVWUOlADaW1Ffe/LXJqOwCAWiOx
IPGv7po0kxam+ZDTIV4wRRppKOAiz7oYZjhyeQXhdrCO6kvKdHDYbsGQ2o2xxBIv
d2VbPUNawpcf56EBgubkfL/nLsf00NSG1w1K2JtBWItr39c9mpZc3eoOWMRSia6x
K/YZsIWn0JYLzwyCHcLQx9TGs4fQYKH+JtXdI3gF4C5GAJYPlc7xKKrNvQgLCUoW
kCTuhq4ncopUM7zoMD6AlezLDohCeUmup7Erw9fMCk0m
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:08:21 2025 by rpki-client