Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IC7Mha_R079BHZOJdaXM_wRt8Tw.roa
File: IC7Mha_R079BHZOJdaXM_wRt8Tw.roa (raw, json)
Hash identifier: R/G6cRis2H50EenEr8Wzj9P7zEvR4qGC/SCvfrDAgM4=
Subject key identifier: 20:2E:CC:85:AF:D1:D3:BF:41:1D:93:89:75:A5:CC:FF:04:6D:F1:3C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198D1724C3091FEC21EDEC709F8F7B02C96
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IC7Mha_R079BHZOJdaXM_wRt8Tw.roa
Signing time: Fri 22 Aug 2025 11:03:05 +0000
ROA not before: Fri 22 Aug 2025 11:03:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213784
IP address blocks: 151.246.40.0/22 maxlen: 22
151.246.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 09:25:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:72:4c:30:91:fe:c2:1e:de:c7:09:f8:f7:b0:2c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 22 11:03:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=202ecc85afd1d3bf411d938975a5ccff046df13c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3a:34:09:80:9c:2d:b4:36:2e:9b:5e:fb:29:
bb:17:bc:92:fc:be:a0:cf:33:e7:55:b3:71:f2:18:
34:56:0a:7f:a8:88:ad:17:e2:69:cb:c5:80:5e:72:
f0:70:03:41:10:30:ee:39:86:73:12:fe:0a:6d:3b:
ab:3f:0c:7a:30:30:82:dc:68:ec:8d:f3:14:b9:15:
c7:6e:21:fa:3c:d3:04:49:93:be:7e:a2:6b:93:77:
16:56:19:22:c9:6d:19:08:1b:4d:e8:09:99:cb:38:
60:6e:aa:60:3e:c0:ce:79:17:2f:0a:ad:b5:ba:35:
e1:02:64:3f:01:85:e8:71:d0:0f:9f:0e:10:0e:ad:
21:e8:53:34:b9:3d:6b:2c:22:bf:5d:61:46:21:ea:
53:15:db:05:eb:49:f3:7a:47:67:2a:5f:3b:bc:38:
0d:e9:3d:2a:b6:c4:a1:fc:5e:47:e6:e3:66:2e:b0:
f6:7f:c8:d3:98:c8:02:df:98:44:a1:e0:02:93:07:
87:8f:7d:29:21:d2:da:48:6e:6a:73:cb:85:27:37:
66:29:05:05:78:73:5d:96:33:9a:ff:2f:46:1b:a8:
cb:fb:30:16:9b:ed:0c:7b:07:a2:e7:0f:0a:7e:70:
cc:9e:14:d2:0e:19:69:09:a0:80:e6:f8:8b:18:1d:
46:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2E:CC:85:AF:D1:D3:BF:41:1D:93:89:75:A5:CC:FF:04:6D:F1:3C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/IC7Mha_R079BHZOJdaXM_wRt8Tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.246.40.0/21
Signature Algorithm: sha256WithRSAEncryption
1f:68:4f:8a:9d:8b:d9:09:ce:fa:e3:77:6e:b8:05:6f:d1:a6:
9b:18:78:9c:04:4c:d5:4a:3d:ff:80:34:1f:b6:49:b4:81:ff:
da:85:6e:0e:28:4e:bd:44:39:d1:bb:9b:ad:5a:08:78:42:3b:
1d:af:47:84:5b:d7:28:56:4b:8f:ec:a3:f0:9f:22:97:7f:92:
6c:c4:b6:a2:0c:8d:a7:c3:3f:10:2f:fa:71:ff:a5:0a:6d:f7:
c5:72:aa:ad:15:68:49:b5:d1:8a:6c:cc:cb:d5:16:ed:df:ff:
7e:90:26:4d:0f:a4:73:2b:ad:f5:69:7e:19:dd:30:46:8a:a6:
f8:04:5c:c9:ce:af:ac:13:78:1b:50:6c:fb:70:55:a2:66:54:
2e:49:db:8d:6d:42:d7:fe:19:60:de:1a:0a:a6:e6:f3:f2:af:
35:c9:fe:0d:4c:6e:6a:d5:6e:be:09:df:9a:36:12:fd:6a:d7:
a7:d2:87:08:19:a8:83:17:29:32:40:bf:1b:8c:41:db:c7:68:
30:64:7e:34:25:2e:e2:50:20:fa:de:17:d9:d7:c1:6e:8d:3a:
0f:e8:88:30:a8:3e:ba:9d:3c:e2:7c:1e:3a:36:95:51:6c:b9:
d6:f7:9a:3a:88:f6:66:c2:9a:c0:cd:3e:ab:ae:13:30:b2:15:
1f:10:ee:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjRckwwkf7CHt7HCfj3sCyWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODIyMTEwMzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDJlY2M4NWFmZDFkM2JmNDExZDkzODk3NWE1Y2NmZjA0NmRmMTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzo0CYCcLbQ2Lpte+ym7F7yS/L6g
zzPnVbNx8hg0Vgp/qIitF+Jpy8WAXnLwcANBEDDuOYZzEv4KbTurPwx6MDCC3Gjs
jfMUuRXHbiH6PNMESZO+fqJrk3cWVhkiyW0ZCBtN6AmZyzhgbqpgPsDOeRcvCq21
ujXhAmQ/AYXocdAPnw4QDq0h6FM0uT1rLCK/XWFGIepTFdsF60nzekdnKl87vDgN
6T0qtsSh/F5H5uNmLrD2f8jTmMgC35hEoeACkweHj30pIdLaSG5qc8uFJzdmKQUF
eHNdljOa/y9GG6jL+zAWm+0Mewei5w8KfnDMnhTSDhlpCaCA5viLGB1GNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCAuzIWv0dO/QR2TiXWlzP8EbfE8MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSUM3TWhhX1IwNzlCSFpPSmRhWE1fd1J0OFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDl/YoMA0G
CSqGSIb3DQEBCwUAA4IBAQAfaE+KnYvZCc7643duuAVv0aabGHicBEzVSj3/gDQf
tkm0gf/ahW4OKE69RDnRu5utWgh4Qjsdr0eEW9coVkuP7KPwnyKXf5JsxLaiDI2n
wz8QL/px/6UKbffFcqqtFWhJtdGKbMzL1Rbt3/9+kCZND6RzK631aX4Z3TBGiqb4
BFzJzq+sE3gbUGz7cFWiZlQuSduNbULX/hlg3hoKpubz8q81yf4NTG5q1W6+Cd+a
NhL9aten0ocIGaiDFykyQL8bjEHbx2gwZH40JS7iUCD63hfZ18FujToP6IgwqD66
nTzifB46NpVRbLnW95o6iPZmwprAzT6rrhMwshUfEO6v
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:27:31 2025 by rpki-client