Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_HE0sdybz-fTSSZc6Ns5t9tqr9I.roa
File: _HE0sdybz-fTSSZc6Ns5t9tqr9I.roa (raw, json)
Hash identifier: 3dcbxSvl65Eae7QVwiHu8ILqD6MerlLYk+UIW+ZUUV4=
Subject key identifier: FC:71:34:B1:DC:9B:CF:E7:D3:49:26:5C:E8:DB:39:B7:DB:6A:AF:D2
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198EA17338ACD97DC02F4A91400D885C403
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_HE0sdybz-fTSSZc6Ns5t9tqr9I.roa
Signing time: Wed 27 Aug 2025 05:54:05 +0000
ROA not before: Wed 27 Aug 2025 05:54:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 140171
IP address blocks: 151.243.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Sep 2025 13:03:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ea:17:33:8a:cd:97:dc:02:f4:a9:14:00:d8:85:c4:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Aug 27 05:54:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc7134b1dc9bcfe7d349265ce8db39b7db6aafd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:d3:a8:8d:a2:6a:cb:21:78:66:4e:9b:e0:fd:
29:9d:c3:30:a3:76:dc:e6:e5:5b:1c:14:f4:c1:0c:
d3:4b:c9:fb:6d:62:c8:07:bc:72:56:24:a3:1a:a7:
b0:4a:49:45:09:1d:1a:2e:ba:9f:d9:5d:55:91:e6:
11:79:68:97:30:04:b1:56:9f:c9:77:49:09:af:98:
11:39:40:09:c2:cc:18:23:6b:5a:64:2e:5d:da:bf:
69:0c:60:6b:d5:21:ef:1b:f8:78:cb:58:13:68:5e:
3a:2e:cc:c1:d0:d4:96:a0:cc:27:f7:c5:c4:84:41:
4a:a1:6f:16:74:14:3f:cc:b4:a2:99:c2:2a:ba:67:
35:27:f2:bb:a9:7b:08:15:5b:d7:57:cb:7b:8b:a5:
ac:e1:14:78:71:88:b7:74:73:3c:1a:0e:91:de:09:
aa:c2:6e:c5:b0:a2:9f:e0:a4:a4:70:f3:b4:29:4a:
36:66:58:53:7b:a0:48:96:48:0e:21:5a:d4:f3:58:
1b:ef:01:22:fa:61:1b:64:91:f0:d1:a3:33:1c:a8:
57:bb:ed:c4:e0:f9:90:06:40:52:1f:26:56:11:a3:
1d:49:0c:95:fa:66:de:59:f3:26:15:e7:54:0a:4d:
3c:f0:8b:e6:f5:64:0c:61:25:49:cc:ac:94:d9:d8:
db:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:71:34:B1:DC:9B:CF:E7:D3:49:26:5C:E8:DB:39:B7:DB:6A:AF:D2
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/_HE0sdybz-fTSSZc6Ns5t9tqr9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.146.0/24
Signature Algorithm: sha256WithRSAEncryption
13:b5:ba:5b:e6:05:53:07:c1:e2:e0:93:b8:4f:f8:48:ae:53:
22:cf:4f:f7:1a:12:19:d8:a0:ee:a2:21:dd:1d:20:7f:97:c8:
9f:ae:34:ba:15:3e:44:de:46:99:91:a6:6e:2b:9a:4d:11:99:
56:65:4e:ea:0c:b8:ad:31:12:6c:c7:6b:2e:71:3b:58:4f:ce:
47:22:12:fe:c9:b8:30:bb:20:9c:08:c6:39:d9:33:89:cc:77:
9b:24:82:79:00:8c:4f:c6:c3:5b:7e:10:09:be:30:90:a5:d4:
ee:9d:74:da:a2:b2:f5:32:49:59:97:4a:08:df:51:b3:fb:be:
fa:c8:6e:3a:03:e2:a4:66:45:68:17:5d:8e:52:37:4c:f5:2a:
79:79:6e:1b:20:5b:be:e8:d4:64:ab:8f:6f:6e:f0:b6:31:8b:
61:9f:c1:a6:80:e5:23:09:fd:24:89:0f:3f:dc:b3:b6:62:01:
8f:59:ac:b9:32:2f:84:a2:13:32:a8:c0:60:a5:a5:51:60:e6:
15:65:86:54:e4:55:43:6f:ce:53:96:50:30:62:38:79:93:1c:
7d:af:ab:32:c1:d4:31:89:3a:70:b3:65:e7:2e:ab:58:b3:b9:
e9:cc:57:27:40:20:17:b1:cd:0a:72:d0:3f:24:fb:17:6d:02:
40:6c:ac:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjqFzOKzZfcAvSpFADYhcQDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwODI3MDU1NDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzcxMzRiMWRjOWJjZmU3ZDM0OTI2NWNlOGRiMzliN2RiNmFhZmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6NOojaJqyyF4Zk6b4P0pncMwo3bc
5uVbHBT0wQzTS8n7bWLIB7xyViSjGqewSklFCR0aLrqf2V1VkeYReWiXMASxVp/J
d0kJr5gROUAJwswYI2taZC5d2r9pDGBr1SHvG/h4y1gTaF46LszB0NSWoMwn98XE
hEFKoW8WdBQ/zLSimcIqumc1J/K7qXsIFVvXV8t7i6Ws4RR4cYi3dHM8Gg6R3gmq
wm7FsKKf4KSkcPO0KUo2ZlhTe6BIlkgOIVrU81gb7wEi+mEbZJHw0aMzHKhXu+3E
4PmQBkBSHyZWEaMdSQyV+mbeWfMmFedUCk088Ivm9WQMYSVJzKyU2djbYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPxxNLHcm8/n00kmXOjbObfbaq/SMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvX0hFMHNkeWJ6LWZUU1NaYzZOczV0OXRxcjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/OSMA0G
CSqGSIb3DQEBCwUAA4IBAQATtbpb5gVTB8Hi4JO4T/hIrlMiz0/3GhIZ2KDuoiHd
HSB/l8ifrjS6FT5E3kaZkaZuK5pNEZlWZU7qDLitMRJsx2sucTtYT85HIhL+ybgw
uyCcCMY52TOJzHebJIJ5AIxPxsNbfhAJvjCQpdTunXTaorL1MklZl0oI31Gz+776
yG46A+KkZkVoF12OUjdM9Sp5eW4bIFu+6NRkq49vbvC2MYthn8GmgOUjCf0kiQ8/
3LO2YgGPWay5Mi+EohMyqMBgpaVRYOYVZYZU5FVDb85TllAwYjh5kxx9r6sywdQx
iTpws2XnLqtYs7npzFcnQCAXsc0KctA/JPsXbQJAbKxe
-----END CERTIFICATE-----
Generated at Wed Sep 3 18:40:21 2025 by rpki-client