Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/TIfcRSbDH9CVGC8gFbg85EBheJQ.roa
File: TIfcRSbDH9CVGC8gFbg85EBheJQ.roa (raw, json)
Hash identifier: 0vq7IyX64+Pp7kQWaj/LRaHNpuWqf7Lzzrtv6yFSPs4=
Subject key identifier: 4C:87:DC:45:26:C3:1F:D0:95:18:2F:20:15:B8:3C:E4:40:61:78:94
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198E4D55EBF82C12827304FD9F49364AC35
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/TIfcRSbDH9CVGC8gFbg85EBheJQ.roa
Signing time: Tue 26 Aug 2025 05:24:05 +0000
ROA not before: Tue 26 Aug 2025 05:24:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31715
IP address blocks: 151.240.124.0/24 maxlen: 24
151.242.114.0/24 maxlen: 24
151.242.226.0/24 maxlen: 24
151.244.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e4:d5:5e:bf:82:c1:28:27:30:4f:d9:f4:93:64:ac:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 26 05:24:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c87dc4526c31fd095182f2015b83ce440617894
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:38:b2:96:99:88:df:3d:67:9b:2f:de:b1:35:
be:64:b5:c6:64:a8:27:09:51:62:eb:be:d4:91:dd:
f6:ae:5c:d4:0c:3b:73:dd:cb:aa:e7:58:37:06:57:
e5:8b:21:00:4b:3e:55:d8:e1:35:0f:75:36:0f:3d:
bc:9f:22:fd:17:b4:84:1e:41:de:14:ae:1e:f9:43:
62:38:b4:1c:cd:28:46:59:84:52:99:c0:94:48:a8:
12:41:51:ce:d4:51:c9:0b:56:e9:dc:db:64:03:34:
5a:92:99:21:db:64:ae:57:4b:9f:ff:66:95:f7:ed:
e4:cf:0e:e1:7c:b0:0a:7b:1c:a4:94:5a:8d:ad:43:
1d:ab:88:db:21:e2:c1:ea:00:0d:51:3c:c9:91:48:
c0:67:58:10:98:af:40:70:b2:c4:8f:5a:49:7e:cb:
a4:76:e4:d1:e6:7e:35:bf:dd:59:5d:b0:83:43:9f:
ce:ba:6e:29:a6:38:e1:a5:07:65:c6:65:ac:bf:62:
95:62:fa:29:63:5a:f8:07:d5:b0:46:ac:62:a2:de:
2e:98:3b:da:63:32:80:25:e9:e4:73:bf:84:77:e6:
eb:1e:41:9d:5f:94:47:9b:9a:45:72:08:87:6b:0b:
47:1b:7e:c7:73:5f:f5:35:31:7c:14:c7:7b:2c:5d:
71:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:87:DC:45:26:C3:1F:D0:95:18:2F:20:15:B8:3C:E4:40:61:78:94
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/TIfcRSbDH9CVGC8gFbg85EBheJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.124.0/24
151.242.114.0/24
151.242.226.0/24
151.244.26.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:c9:73:af:9e:88:de:bc:09:8e:7c:3d:79:1d:8f:a7:30:24:
15:ae:f2:e8:2c:db:34:78:97:5a:bf:1f:76:0a:97:3a:e6:e9:
0d:e7:6e:eb:b2:b6:03:16:f7:db:d6:fc:3e:1f:07:57:56:f9:
b3:9f:56:2e:6a:28:1a:29:76:60:13:ab:af:19:31:89:a6:84:
15:01:b6:2c:df:ef:ce:f8:9d:85:8b:98:77:89:37:83:68:99:
05:e8:c8:c1:bd:0d:a9:e2:e7:76:de:c4:d6:da:ca:4c:c8:03:
a0:a1:80:40:b8:66:0c:f5:17:43:1f:7c:e1:7a:93:65:40:d2:
41:15:b2:30:b2:5a:21:e1:ec:ab:6b:87:c7:7c:cf:e0:3f:55:
42:7d:99:77:56:fe:64:0d:37:7f:c3:ac:9d:f1:34:18:de:cc:
25:a7:69:a4:1f:ac:52:79:18:06:b6:1e:03:a0:89:9b:d4:a8:
af:05:64:d1:46:4e:8a:31:a6:61:f6:08:34:dd:0f:94:40:ab:
fc:f4:cc:fb:82:68:ed:79:db:76:15:5d:9e:ba:90:bb:1a:59:
06:06:7d:2a:1e:81:eb:dd:95:63:f2:d7:f7:48:fb:08:3b:8c:
fe:bf:9e:45:7f:3e:95:fb:70:e7:fb:fd:95:1e:5d:df:bf:84:
ee:8a:15:bb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjk1V6/gsEoJzBP2fSTZKw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODI2MDUyNDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzg3ZGM0NTI2YzMxZmQwOTUxODJmMjAxNWI4M2NlNDQwNjE3ODk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ziylpmI3z1nmy/esTW+ZLXGZKgn
CVFi677Ukd32rlzUDDtz3cuq51g3BlfliyEASz5V2OE1D3U2Dz28nyL9F7SEHkHe
FK4e+UNiOLQczShGWYRSmcCUSKgSQVHO1FHJC1bp3NtkAzRakpkh22SuV0uf/2aV
9+3kzw7hfLAKexyklFqNrUMdq4jbIeLB6gANUTzJkUjAZ1gQmK9AcLLEj1pJfsuk
duTR5n41v91ZXbCDQ5/Oum4ppjjhpQdlxmWsv2KVYvopY1r4B9WwRqxiot4umDva
YzKAJenkc7+Ed+brHkGdX5RHm5pFcgiHawtHG37Hc1/1NTF8FMd7LF1xXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEyH3EUmwx/QlRgvIBW4PORAYXiUMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVElmY1JTYkRIOUNWR0M4Z0ZiZzg1RUJoZUpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/B8AwQA
l/JyAwQAl/LiAwQAl/QaMA0GCSqGSIb3DQEBCwUAA4IBAQBNyXOvnojevAmOfD15
HY+nMCQVrvLoLNs0eJdavx92Cpc65ukN527rsrYDFvfb1vw+HwdXVvmzn1Yuaiga
KXZgE6uvGTGJpoQVAbYs3+/O+J2Fi5h3iTeDaJkF6MjBvQ2p4ud23sTW2spMyAOg
oYBAuGYM9RdDH3zhepNlQNJBFbIwsloh4eyra4fHfM/gP1VCfZl3Vv5kDTd/w6yd
8TQY3swlp2mkH6xSeRgGth4DoImb1KivBWTRRk6KMaZh9gg03Q+UQKv89Mz7gmjt
edt2FV2eupC7GlkGBn0qHoHr3ZVj8tf3SPsIO4z+v55Ffz6V+3Dn+/2VHl3fv4Tu
ihW7
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:34:42 2025 by rpki-client