
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/n4XiP0qiLVlMBrN7C3wQ6Eher0Y.roa
File: n4XiP0qiLVlMBrN7C3wQ6Eher0Y.roa (raw, json)
Hash identifier: 2F2kUNXf0VVddlHDqhSHmZ+LK1xStFGEQ/CfUD4JD7s=
Subject key identifier: 9F:85:E2:3F:4A:A2:2D:59:4C:06:B3:7B:0B:7C:10:E8:48:5E:AF:46
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01994D1B94853C6F0A5D5560403C0CD36CFA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/n4XiP0qiLVlMBrN7C3wQ6Eher0Y.roa
Signing time: Mon 15 Sep 2025 11:21:17 +0000
ROA not before: Mon 15 Sep 2025 11:21:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 133153
IP address blocks: 151.241.156.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4d:1b:94:85:3c:6f:0a:5d:55:60:40:3c:0c:d3:6c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 15 11:21:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f85e23f4aa22d594c06b37b0b7c10e8485eaf46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:64:50:96:c5:48:8a:8c:bd:cf:5c:0e:4d:51:
bf:9c:2b:bc:4b:58:1c:1a:81:35:a4:19:c5:56:f5:
86:1d:99:e3:47:aa:80:1a:a0:bb:2d:2b:2d:36:48:
51:3b:a7:92:e1:90:d0:c9:c0:0c:cd:e9:05:fe:7b:
3c:32:58:a9:a6:53:86:98:4e:7b:b2:33:93:64:37:
a9:2d:08:8e:c2:dd:67:af:89:e2:3e:ea:f4:55:e7:
64:33:28:06:e4:0f:55:21:c4:ab:4f:bf:17:3a:fc:
fb:84:a5:9b:e8:eb:82:0c:44:84:4e:59:15:53:2b:
34:73:4c:53:d0:f6:fb:87:70:d7:88:a9:ae:54:cd:
54:36:00:fa:f3:60:04:e1:45:5c:b0:83:d4:89:67:
e9:1d:c8:9d:90:63:65:d0:0c:61:5c:98:86:08:7b:
d7:e0:82:b0:b4:39:3a:bc:79:20:a0:3a:00:92:08:
e7:28:9b:0c:17:b2:c3:e8:aa:ba:e0:5f:27:58:27:
2d:7a:ac:ae:1a:fb:e0:21:c3:25:f1:2f:c2:f9:70:
c6:da:f2:5d:36:ac:03:4b:66:16:eb:9a:ac:77:80:
7c:10:71:f6:73:2f:3f:7c:a3:2a:0e:64:f5:ed:ee:
e8:9e:55:7f:9c:a8:8e:da:8e:47:52:76:f7:9d:29:
97:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:85:E2:3F:4A:A2:2D:59:4C:06:B3:7B:0B:7C:10:E8:48:5E:AF:46
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/n4XiP0qiLVlMBrN7C3wQ6Eher0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.156.0/22
Signature Algorithm: sha256WithRSAEncryption
07:af:c8:86:f8:d8:1f:8d:f3:d3:14:6e:35:87:8b:3a:b4:e1:
25:09:1c:c8:9a:b9:91:96:0b:8f:0e:c2:30:69:32:26:30:67:
a6:f3:de:f9:25:ba:af:41:63:fc:85:06:53:a3:97:9c:be:a5:
7d:c2:98:8f:49:e6:5b:9c:c0:b1:52:9c:ca:20:78:eb:f4:67:
23:c3:75:4c:6e:0b:a4:c7:97:a6:d8:c2:d0:e5:09:21:ae:42:
53:1c:ad:82:c1:ec:44:2c:90:b9:1a:09:99:c4:4f:52:30:5c:
57:62:2a:46:f4:ff:ca:e5:52:cc:5c:26:55:0a:14:0b:a9:6f:
b7:f5:dd:2c:82:05:ba:cc:ce:d3:54:69:9b:a2:95:26:d0:0f:
c0:9d:6d:37:44:cc:06:02:b7:2b:00:cc:4b:7b:65:6e:ef:d4:
f0:8f:2f:76:6a:39:d8:71:c8:a8:4d:b4:ae:0f:b0:27:c0:4f:
2f:b7:7a:d5:36:54:4e:be:c2:58:ab:14:5e:ba:4a:7b:85:c9:
0c:c7:0c:02:d6:e4:3e:f4:da:c4:d2:94:6f:59:9d:97:0a:d8:
e9:a9:f1:6b:a5:08:c2:c3:94:df:53:93:77:3a:2a:b5:a7:86:
4a:9f:56:03:0c:20:a5:02:33:e6:3f:a3:ca:87:83:2b:8d:f6:
df:75:d3:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZlNG5SFPG8KXVVgQDwM02z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTE1MTEyMTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjg1ZTIzZjRhYTIyZDU5NGMwNmIzN2IwYjdjMTBlODQ4NWVhZjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmRQlsVIioy9z1wOTVG/nCu8S1gc
GoE1pBnFVvWGHZnjR6qAGqC7LSstNkhRO6eS4ZDQycAMzekF/ns8MlipplOGmE57
sjOTZDepLQiOwt1nr4niPur0VedkMygG5A9VIcSrT78XOvz7hKWb6OuCDESETlkV
Uys0c0xT0Pb7h3DXiKmuVM1UNgD682AE4UVcsIPUiWfpHcidkGNl0AxhXJiGCHvX
4IKwtDk6vHkgoDoAkgjnKJsMF7LD6Kq64F8nWCcteqyuGvvgIcMl8S/C+XDG2vJd
NqwDS2YW65qsd4B8EHH2cy8/fKMqDmT17e7onlV/nKiO2o5HUnb3nSmXxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ+F4j9Koi1ZTAazewt8EOhIXq9GMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbjRYaVAwcWlMVmxNQnJON0Mzd1E2RWhlcjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCl/GcMA0G
CSqGSIb3DQEBCwUAA4IBAQAHr8iG+NgfjfPTFG41h4s6tOElCRzImrmRlguPDsIw
aTImMGem8975JbqvQWP8hQZTo5ecvqV9wpiPSeZbnMCxUpzKIHjr9Gcjw3VMbguk
x5em2MLQ5QkhrkJTHK2CwexELJC5GgmZxE9SMFxXYipG9P/K5VLMXCZVChQLqW+3
9d0sggW6zM7TVGmbopUm0A/AnW03RMwGArcrAMxLe2Vu79Twjy92ajnYccioTbSu
D7AnwE8vt3rVNlROvsJYqxReukp7hckMxwwC1uQ+9NrE0pRvWZ2XCtjpqfFrpQjC
w5TfU5N3Oiq1p4ZKn1YDDCClAjPmP6PKh4MrjfbfddPz
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:11:16 2025 by rpki-client