Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qgTRH_bhAZXHSpXKZtXpEg7jO5o.roa
File: qgTRH_bhAZXHSpXKZtXpEg7jO5o.roa (raw, json)
Hash identifier: +d5e7I5DIYHLSLMoqHr8t+qJSPnDa9l0RhMgPBFWAh8=
Subject key identifier: AA:04:D1:1F:F6:E1:01:95:C7:4A:95:CA:66:D5:E9:12:0E:E3:3B:9A
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199523D5F4065B87C95F823BCCE5602A52C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qgTRH_bhAZXHSpXKZtXpEg7jO5o.roa
Signing time: Tue 16 Sep 2025 11:16:17 +0000
ROA not before: Tue 16 Sep 2025 11:16:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 139989
IP address blocks: 151.242.80.0/24 maxlen: 24
151.243.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:52:3d:5f:40:65:b8:7c:95:f8:23:bc:ce:56:02:a5:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 16 11:16:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa04d11ff6e10195c74a95ca66d5e9120ee33b9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c3:59:d1:b8:50:de:f6:ce:0d:36:d5:b9:93:
92:be:35:92:3d:95:5b:78:82:e5:22:1b:53:6f:a2:
ae:1d:5f:2e:84:27:fd:2f:c3:a8:e4:13:8d:d4:fd:
82:80:ef:72:4d:07:54:6e:8c:ff:71:20:9a:d0:ca:
0f:5c:09:49:55:2b:99:09:0b:c7:33:56:fe:a8:5d:
8e:33:65:34:6f:94:89:96:53:62:ea:c1:f4:1a:1f:
db:b9:2c:6c:ac:0b:f6:12:b1:af:3e:d6:96:81:84:
25:b8:ff:88:79:1a:ef:8e:86:f7:8c:12:f6:9a:4a:
25:78:60:7c:23:eb:bf:2f:6f:9b:77:15:96:3c:10:
0d:6b:3f:cc:85:d4:8a:72:52:61:ad:f5:67:fe:e5:
30:25:aa:2e:c4:e2:58:ec:a8:48:66:f8:1e:22:8d:
a6:94:e1:84:2b:df:f7:88:51:2f:2b:85:34:2e:96:
ea:3c:6e:ee:78:cf:fb:3f:a2:e8:a7:b1:ac:6e:d5:
ab:15:6a:1b:09:c3:65:4a:00:14:33:9b:94:e9:94:
5f:3b:1d:3f:80:88:d4:fa:0d:b7:b2:c5:7a:86:38:
6b:06:e7:3d:89:72:11:cf:91:5b:f7:78:67:b4:2c:
17:70:0d:33:11:14:ca:0e:10:26:a1:c9:c9:09:3d:
fd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:04:D1:1F:F6:E1:01:95:C7:4A:95:CA:66:D5:E9:12:0E:E3:3B:9A
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qgTRH_bhAZXHSpXKZtXpEg7jO5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.80.0/24
151.243.41.0/24
Signature Algorithm: sha256WithRSAEncryption
66:6c:89:f4:33:77:43:8d:62:72:e8:ac:a4:f7:e3:59:7a:4f:
57:c6:7a:c6:e8:32:98:7f:64:a7:09:51:d6:51:f1:05:ec:d4:
f4:af:2f:04:4d:06:67:4e:e3:84:35:55:63:5e:1a:51:51:01:
7a:ea:b0:ec:1e:f7:c5:d8:4a:bb:e3:75:f5:7d:ff:19:36:a6:
7e:fc:b9:fb:45:35:13:4d:38:9c:ec:40:b3:b4:8d:1e:3c:f1:
03:ee:17:24:37:0f:9b:80:7a:87:b7:52:5e:8b:37:d0:26:2b:
b5:a2:98:e5:a6:c0:fa:50:19:94:3b:6b:9f:5f:ba:8b:00:a3:
8c:54:e6:7e:25:1b:50:f5:c2:9c:cc:6b:5c:f4:da:9f:b7:e5:
3e:ce:68:d3:6f:17:b1:e6:b6:9e:b9:81:1e:72:45:ce:5e:14:
34:5d:6b:76:c0:1d:bd:35:5f:8a:27:21:29:f1:a3:8d:d9:5d:
fe:77:7e:25:0e:f0:ef:f7:10:cb:3f:58:6b:10:43:ff:fa:41:
c7:d6:24:9f:35:15:c2:c1:0a:a6:84:97:76:1d:52:fd:7c:b9:
ef:22:5f:2d:b2:8a:e3:0d:57:13:22:b5:df:04:10:0d:2f:a0:
3f:f1:11:1e:20:62:46:12:f1:e1:f2:8e:ee:7f:dd:84:82:a3:
7b:01:89:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZlSPV9AZbh8lfgjvM5WAqUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTE2MTExNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA0ZDExZmY2ZTEwMTk1Yzc0YTk1Y2E2NmQ1ZTkxMjBlZTMzYjlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMNZ0bhQ3vbODTbVuZOSvjWSPZVb
eILlIhtTb6KuHV8uhCf9L8Oo5BON1P2CgO9yTQdUboz/cSCa0MoPXAlJVSuZCQvH
M1b+qF2OM2U0b5SJllNi6sH0Gh/buSxsrAv2ErGvPtaWgYQluP+IeRrvjob3jBL2
mkoleGB8I+u/L2+bdxWWPBANaz/MhdSKclJhrfVn/uUwJaouxOJY7KhIZvgeIo2m
lOGEK9/3iFEvK4U0LpbqPG7ueM/7P6Lop7GsbtWrFWobCcNlSgAUM5uU6ZRfOx0/
gIjU+g23ssV6hjhrBuc9iXIRz5Fb93hntCwXcA0zERTKDhAmocnJCT39jwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKoE0R/24QGVx0qVymbV6RIO4zuaMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcWdUUkhfYmhBWlhIU3BYS1p0WHBFZzdqTzVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/JQAwQA
l/MpMA0GCSqGSIb3DQEBCwUAA4IBAQBmbIn0M3dDjWJy6Kyk9+NZek9XxnrG6DKY
f2SnCVHWUfEF7NT0ry8ETQZnTuOENVVjXhpRUQF66rDsHvfF2Eq743X1ff8ZNqZ+
/Ln7RTUTTTic7ECztI0ePPED7hckNw+bgHqHt1JeizfQJiu1opjlpsD6UBmUO2uf
X7qLAKOMVOZ+JRtQ9cKczGtc9Nqft+U+zmjTbxex5raeuYEeckXOXhQ0XWt2wB29
NV+KJyEp8aON2V3+d34lDvDv9xDLP1hrEEP/+kHH1iSfNRXCwQqmhJd2HVL9fLnv
Il8tsorjDVcTIrXfBBANL6A/8REeIGJGEvHh8o7uf92EgqN7AYk7
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:05:38 2025 by rpki-client