Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0nLMxoyhQfUbOU17TcyRbJHhaJ8.roa
File: 0nLMxoyhQfUbOU17TcyRbJHhaJ8.roa (raw, json)
Hash identifier: 19WaxSo6IKYY14CtO8vri+hqls3IRoEuxjHrfAsIRmM=
Subject key identifier: D2:72:CC:C6:8C:A1:41:F5:1B:39:4D:7B:4D:CC:91:6C:91:E1:68:9F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01990E9A4E946E2D8117524B3C553801164D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0nLMxoyhQfUbOU17TcyRbJHhaJ8.roa
Signing time: Wed 03 Sep 2025 08:03:37 +0000
ROA not before: Wed 03 Sep 2025 08:03:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9381
IP address blocks: 151.242.180.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0e:9a:4e:94:6e:2d:81:17:52:4b:3c:55:38:01:16:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 3 08:03:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d272ccc68ca141f51b394d7b4dcc916c91e1689f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e0:ee:47:0a:b0:b4:bb:c0:32:68:00:48:b6:
2f:46:c0:48:2a:38:8b:ce:8b:45:1b:85:c1:66:8e:
9a:e8:7a:2b:5c:ee:5c:ea:66:af:93:21:2a:b7:8c:
4d:dc:9e:6b:ce:d1:e2:28:c3:cf:ca:e5:53:fb:b7:
6b:57:28:4d:f5:03:6a:eb:ff:27:6e:ea:ba:a1:c1:
b6:6c:47:9b:73:24:85:cc:bf:ec:e1:4b:29:3e:b6:
ad:85:ba:b3:08:37:6c:cf:eb:b8:37:f5:99:74:3f:
8d:92:3d:6a:b2:a9:a2:11:8c:78:7e:53:0a:03:9c:
f9:ff:cf:d1:80:2c:02:8b:ab:d9:8c:ef:55:4a:7e:
66:30:4c:de:1e:10:bf:67:3c:49:6f:91:03:81:f7:
5b:0b:e8:95:65:6f:d0:80:70:3c:fd:34:ea:c4:1f:
95:25:d8:92:c7:ef:c2:3b:bc:12:13:95:2b:b5:d1:
0a:6a:a6:5f:b2:3b:fd:48:54:1e:64:49:64:42:df:
b2:74:f3:84:b3:61:9c:00:9e:6e:c9:43:12:3e:de:
b6:19:b4:22:5f:8b:61:c8:e1:8f:07:fb:95:07:98:
9d:14:e2:a5:0a:22:fa:74:d4:46:7b:02:e5:9e:74:
c1:84:51:25:da:6b:3b:9e:4e:a1:27:02:5b:40:95:
f3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:72:CC:C6:8C:A1:41:F5:1B:39:4D:7B:4D:CC:91:6C:91:E1:68:9F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0nLMxoyhQfUbOU17TcyRbJHhaJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.180.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:c6:99:02:62:4c:04:4e:6c:03:67:37:33:fc:1f:cf:8c:ad:
29:a9:da:ae:ef:db:ef:4a:cb:49:c5:d1:c0:b0:b9:0e:c2:68:
46:71:4c:55:26:3e:1b:d2:bd:66:24:c8:23:9a:9a:9e:ee:d7:
d9:f5:e1:9b:32:fc:e6:d5:87:86:96:1f:21:ce:d6:fd:a2:74:
56:8e:3e:43:6d:15:2b:63:9f:3d:85:92:80:d2:65:00:d9:e0:
5e:78:e0:41:a8:bc:4e:09:8f:cf:98:76:ac:91:f0:fa:d5:54:
a9:47:6a:e7:2e:b4:ae:7a:6a:d4:74:b0:fe:7b:50:7d:25:16:
78:c1:4c:1e:cc:93:b7:ad:a8:4f:53:81:4b:7d:9a:2b:f5:55:
b0:90:cc:4c:a7:f9:d5:47:f2:c7:cb:f0:54:9c:58:d3:b5:71:
55:e0:cd:c3:f7:9f:48:68:fb:5b:ac:2f:0f:20:6f:15:e0:d2:
6a:00:cc:ff:a4:3c:7e:33:b4:d0:cb:0d:f9:29:32:88:7e:e6:
ef:33:39:e1:58:b3:c5:a9:0c:87:72:7e:ed:5e:cb:01:46:31:
1c:6f:e1:d4:62:9b:02:44:ba:aa:4d:8e:41:40:ff:56:a9:a9:
03:ba:58:4b:99:7e:f8:88:db:f7:c2:f1:37:c2:ce:cf:c8:46:
93:ab:b6:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkOmk6Ubi2BF1JLPFU4ARZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTAzMDgwMzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjcyY2NjNjhjYTE0MWY1MWIzOTRkN2I0ZGNjOTE2YzkxZTE2ODlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmODuRwqwtLvAMmgASLYvRsBIKjiL
zotFG4XBZo6a6HorXO5c6mavkyEqt4xN3J5rztHiKMPPyuVT+7drVyhN9QNq6/8n
buq6ocG2bEebcySFzL/s4UspPrathbqzCDdsz+u4N/WZdD+Nkj1qsqmiEYx4flMK
A5z5/8/RgCwCi6vZjO9VSn5mMEzeHhC/ZzxJb5EDgfdbC+iVZW/QgHA8/TTqxB+V
JdiSx+/CO7wSE5UrtdEKaqZfsjv9SFQeZElkQt+ydPOEs2GcAJ5uyUMSPt62GbQi
X4thyOGPB/uVB5idFOKlCiL6dNRGewLlnnTBhFEl2ms7nk6hJwJbQJXzIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNJyzMaMoUH1GzlNe03MkWyR4WifMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMG5MTXhveWhRZlViT1UxN1RjeVJiSkhoYUo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCl/K0MA0G
CSqGSIb3DQEBCwUAA4IBAQBsxpkCYkwETmwDZzcz/B/PjK0pqdqu79vvSstJxdHA
sLkOwmhGcUxVJj4b0r1mJMgjmpqe7tfZ9eGbMvzm1YeGlh8hztb9onRWjj5DbRUr
Y589hZKA0mUA2eBeeOBBqLxOCY/PmHaskfD61VSpR2rnLrSuemrUdLD+e1B9JRZ4
wUwezJO3rahPU4FLfZor9VWwkMxMp/nVR/LHy/BUnFjTtXFV4M3D959IaPtbrC8P
IG8V4NJqAMz/pDx+M7TQyw35KTKIfubvMznhWLPFqQyHcn7tXssBRjEcb+HUYpsC
RLqqTY5BQP9WqakDulhLmX74iNv3wvE3ws7PyEaTq7au
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:37:27 2025 by rpki-client