Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cWsTvDxG61z3dR8thJayaTxxD8o.roa
File: cWsTvDxG61z3dR8thJayaTxxD8o.roa (raw, json)
Hash identifier: qGhqEqwcdl4iKvbNHgiylL2NG/+y0oHLNBzsHHG9eLQ=
Subject key identifier: 71:6B:13:BC:3C:46:EB:5C:F7:75:1F:2D:84:96:B2:69:3C:71:0F:CA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199398C8E41584A5AAC45C5E1BF47DA734C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cWsTvDxG61z3dR8thJayaTxxD8o.roa
Signing time: Thu 11 Sep 2025 16:12:16 +0000
ROA not before: Thu 11 Sep 2025 16:12:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136501
IP address blocks: 151.242.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:39:8c:8e:41:58:4a:5a:ac:45:c5:e1:bf:47:da:73:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 11 16:12:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=716b13bc3c46eb5cf7751f2d8496b2693c710fca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ed:18:15:b3:98:95:dc:67:5a:04:e7:fe:a2:
2d:87:f2:55:a2:20:2b:61:cd:be:df:da:ec:e0:dd:
68:78:6c:b3:e8:4e:5c:2c:0d:81:55:88:14:00:23:
07:d4:c3:a5:c6:0d:d2:15:99:98:82:57:1c:73:dc:
90:50:9d:6c:55:e7:4d:29:29:38:77:ef:2e:b6:8e:
ff:c0:4c:1f:c9:0a:96:30:72:70:17:59:97:ab:c9:
df:6d:60:b6:c2:78:38:71:f7:61:ad:00:e6:90:57:
87:d8:d8:55:e6:b9:91:58:71:98:4e:86:a4:ea:33:
90:e1:73:00:8c:7f:08:7d:de:d0:88:4d:12:08:7f:
1e:3b:b3:2c:aa:f2:73:fa:38:63:35:53:25:4b:67:
9a:31:93:ab:1e:04:d3:7b:4d:f3:6e:bf:92:54:06:
f6:2f:e3:4a:ee:68:f8:77:b6:36:3f:6d:fd:2b:1b:
09:5d:f8:13:c6:07:9e:06:6c:f5:04:a6:dd:51:61:
54:c9:5d:d9:d9:20:7b:e4:56:b3:8c:97:53:4b:b3:
89:5c:02:83:4b:f4:10:b8:cc:c4:8b:35:25:1e:51:
7d:df:9e:4e:ff:a4:12:f5:f6:b0:f3:ac:5f:4d:c1:
c4:1b:ab:62:7a:e9:c5:dd:24:db:4c:7d:d8:27:da:
92:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:6B:13:BC:3C:46:EB:5C:F7:75:1F:2D:84:96:B2:69:3C:71:0F:CA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cWsTvDxG61z3dR8thJayaTxxD8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.180.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:24:fc:dc:f7:5c:8a:4b:0b:94:ed:c6:f2:eb:47:fb:41:52:
ee:4b:43:c4:40:02:aa:2e:17:0d:de:3c:ba:e6:24:0b:49:fc:
7f:00:1c:0c:f9:95:54:17:bf:e6:b7:1b:50:08:1c:29:aa:2e:
e9:1a:ef:58:b7:85:97:34:74:bc:6d:21:aa:be:66:f8:3c:2d:
a6:6f:87:69:bd:cb:ac:57:7e:ff:52:93:05:63:28:45:84:77:
eb:76:1a:ee:a2:ee:98:99:a4:15:51:30:09:42:9f:63:82:ab:
64:a4:ef:ca:91:3e:d5:c4:62:ad:3e:59:f0:72:0f:8c:d9:80:
98:dc:a5:47:8c:88:f6:c0:66:59:dc:7e:b8:7a:59:21:c1:42:
12:53:4b:65:94:74:37:2d:1e:76:4c:0d:b1:e3:45:fa:5b:d9:
1d:3d:76:79:53:f2:46:df:4d:7a:16:c3:7d:37:24:14:40:77:
0c:0f:8a:44:65:4e:b0:68:e0:53:5b:3f:4e:9a:4b:38:8a:f0:
e3:d4:8f:4e:26:49:9f:69:e3:14:51:f8:e0:7e:4e:08:85:c5:
3c:fd:20:ec:6a:83:65:42:aa:d0:24:d8:1e:28:77:e8:7f:7b:
9a:5b:01:3f:a9:44:d1:dc:12:49:78:15:80:8c:c5:a6:7e:f5:
31:24:56:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZk5jI5BWEparEXF4b9H2nNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTExMTYxMjE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTZiMTNiYzNjNDZlYjVjZjc3NTFmMmQ4NDk2YjI2OTNjNzEwZmNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0e0YFbOYldxnWgTn/qIth/JVoiAr
Yc2+39rs4N1oeGyz6E5cLA2BVYgUACMH1MOlxg3SFZmYglccc9yQUJ1sVedNKSk4
d+8uto7/wEwfyQqWMHJwF1mXq8nfbWC2wng4cfdhrQDmkFeH2NhV5rmRWHGYToak
6jOQ4XMAjH8Ifd7QiE0SCH8eO7MsqvJz+jhjNVMlS2eaMZOrHgTTe03zbr+SVAb2
L+NK7mj4d7Y2P239KxsJXfgTxgeeBmz1BKbdUWFUyV3Z2SB75FazjJdTS7OJXAKD
S/QQuMzEizUlHlF9355O/6QS9faw86xfTcHEG6tieunF3STbTH3YJ9qSNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHFrE7w8Rutc93UfLYSWsmk8cQ/KMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvY1dzVHZEeEc2MXozZFI4dGhKYXlhVHh4RDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCl/K0MA0G
CSqGSIb3DQEBCwUAA4IBAQA+JPzc91yKSwuU7cby60f7QVLuS0PEQAKqLhcN3jy6
5iQLSfx/ABwM+ZVUF7/mtxtQCBwpqi7pGu9Yt4WXNHS8bSGqvmb4PC2mb4dpvcus
V37/UpMFYyhFhHfrdhruou6YmaQVUTAJQp9jgqtkpO/KkT7VxGKtPlnwcg+M2YCY
3KVHjIj2wGZZ3H64elkhwUISU0tllHQ3LR52TA2x40X6W9kdPXZ5U/JG3016FsN9
NyQUQHcMD4pEZU6waOBTWz9Omks4ivDj1I9OJkmfaeMUUfjgfk4IhcU8/SDsaoNl
QqrQJNgeKHfof3uaWwE/qUTR3BJJeBWAjMWmfvUxJFYN
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:25:18 2025 by rpki-client