Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/T7Ip1crIV-1_8qyGRt5DWiWiSuA.roa
File: T7Ip1crIV-1_8qyGRt5DWiWiSuA.roa (raw, json)
Hash identifier: XmkQYd4lKHBpXmRnI27q+CJvnmh+yAFTwNpd32OmD34=
Subject key identifier: 4F:B2:29:D5:CA:C8:57:ED:7F:F2:AC:86:46:DE:43:5A:25:A2:4A:E0
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198EA173415D82D5CC45589EEE32A3A5275
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/T7Ip1crIV-1_8qyGRt5DWiWiSuA.roa
Signing time: Wed 27 Aug 2025 05:54:05 +0000
ROA not before: Wed 27 Aug 2025 05:54:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207821
IP address blocks: 151.240.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ea:17:34:15:d8:2d:5c:c4:55:89:ee:e3:2a:3a:52:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 27 05:54:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4fb229d5cac857ed7ff2ac8646de435a25a24ae0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:d1:79:1b:be:15:0b:ed:1a:d8:7c:11:e4:a7:
b3:57:a7:93:54:e2:e3:52:1a:0b:5f:b4:cc:aa:87:
4c:54:17:58:ce:0f:bf:b3:7d:2b:af:62:22:91:3c:
02:8a:c8:f6:de:e6:d6:1f:b8:1f:99:ab:d1:51:bd:
c8:a0:e7:bf:31:7d:2b:31:e8:b3:f1:f2:33:97:4e:
86:6f:96:d2:81:be:74:12:d0:7a:11:cb:50:77:3c:
6b:f0:0e:ca:be:6f:9d:be:01:b7:53:4c:66:d2:f4:
fa:4a:d6:6e:37:26:28:34:24:11:1d:87:88:d5:b5:
58:e1:de:01:3b:b0:ff:bb:01:c7:5f:21:98:22:bc:
f2:b2:94:6f:8b:32:7c:88:c5:3d:b0:34:88:7c:5d:
ec:e7:69:11:58:ca:64:00:b8:7b:09:3b:79:13:9f:
1d:16:54:b1:bd:e6:01:f1:4c:84:3c:56:5a:ce:24:
ea:3a:16:09:21:66:67:97:28:75:9a:a5:af:90:cd:
6b:9f:ea:6d:6f:35:28:64:b7:7f:6a:cd:59:42:60:
ca:46:2c:58:8f:f0:32:ff:66:e9:53:02:6b:c7:cf:
51:88:23:71:da:d4:8d:af:3c:e1:8e:6c:68:aa:b3:
78:77:f7:07:88:0f:20:e4:39:d1:da:bf:63:11:85:
25:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:B2:29:D5:CA:C8:57:ED:7F:F2:AC:86:46:DE:43:5A:25:A2:4A:E0
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/T7Ip1crIV-1_8qyGRt5DWiWiSuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.26.0/24
Signature Algorithm: sha256WithRSAEncryption
53:6a:a4:7e:23:0a:a4:0f:c4:8e:dd:60:60:34:bf:e7:51:0d:
9d:d4:01:44:8f:89:a9:b5:75:52:22:1c:87:2e:29:fe:2a:16:
1b:bb:87:62:e9:47:bb:2e:77:a0:6d:e4:41:58:ba:ed:25:ef:
0f:54:fc:36:22:a2:9f:40:91:e9:a4:39:42:c4:fc:6d:c8:bb:
60:f2:6b:14:dc:7e:c3:a9:fb:17:55:2b:9a:6e:8c:7e:39:5c:
d8:b5:32:8e:ca:21:87:89:6f:e5:40:7c:f9:69:b3:b5:c1:b9:
78:13:9e:b2:c3:e8:74:f0:4b:49:5a:bb:b7:58:ce:d9:fc:a1:
9c:ac:e2:37:55:1a:ee:af:c3:0e:ce:b7:d7:21:0f:64:b1:6f:
05:30:83:35:05:f2:7f:0e:54:16:f5:ea:56:c5:e8:7e:f0:19:
cf:79:8c:9a:6d:96:d5:bd:06:68:8d:04:61:23:11:cd:1d:e0:
a8:bd:59:a7:77:c7:40:e0:8f:2f:7d:31:bf:9b:10:5d:28:29:
02:95:66:e5:c2:bc:ae:be:43:0b:d1:a5:07:56:e8:b2:9d:eb:
5e:e9:bb:3c:4a:bd:ed:64:0e:cb:21:27:66:9d:bc:41:de:c6:
07:59:c4:c7:02:eb:44:36:51:6c:4b:c9:de:ea:17:86:78:9b:
de:f0:ac:53
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjqFzQV2C1cxFWJ7uMqOlJ1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODI3MDU1NDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmIyMjlkNWNhYzg1N2VkN2ZmMmFjODY0NmRlNDM1YTI1YTI0YWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8NF5G74VC+0a2HwR5KezV6eTVOLj
UhoLX7TMqodMVBdYzg+/s30rr2IikTwCisj23ubWH7gfmavRUb3IoOe/MX0rMeiz
8fIzl06Gb5bSgb50EtB6EctQdzxr8A7Kvm+dvgG3U0xm0vT6StZuNyYoNCQRHYeI
1bVY4d4BO7D/uwHHXyGYIrzyspRvizJ8iMU9sDSIfF3s52kRWMpkALh7CTt5E58d
FlSxveYB8UyEPFZaziTqOhYJIWZnlyh1mqWvkM1rn+ptbzUoZLd/as1ZQmDKRixY
j/Ay/2bpUwJrx89RiCNx2tSNrzzhjmxoqrN4d/cHiA8g5DnR2r9jEYUlkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE+yKdXKyFftf/KshkbeQ1olokrgMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVDdJcDFjcklWLTFfOHF5R1J0NURXaVdpU3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/AaMA0G
CSqGSIb3DQEBCwUAA4IBAQBTaqR+IwqkD8SO3WBgNL/nUQ2d1AFEj4mptXVSIhyH
Lin+KhYbu4di6Ue7LnegbeRBWLrtJe8PVPw2IqKfQJHppDlCxPxtyLtg8msU3H7D
qfsXVSuabox+OVzYtTKOyiGHiW/lQHz5abO1wbl4E56yw+h08EtJWru3WM7Z/KGc
rOI3VRrur8MOzrfXIQ9ksW8FMIM1BfJ/DlQW9epWxeh+8BnPeYyabZbVvQZojQRh
IxHNHeCovVmnd8dA4I8vfTG/mxBdKCkClWblwryuvkML0aUHVuiynete6bs8Sr3t
ZA7LISdmnbxB3sYHWcTHAutENlFsS8ne6heGeJve8KxT
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:30:28 2025 by rpki-client