Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fdj3sUjF_Jv3HGlWWPy1ateUbeg.roa
File: fdj3sUjF_Jv3HGlWWPy1ateUbeg.roa (raw, json)
Hash identifier: TCUrIPya31KpwB0Yk24zjWuFpUiMpr0J5N4nOipxNQw=
Subject key identifier: 7D:D8:F7:B1:48:C5:FC:9B:F7:1C:69:56:58:FC:B5:6A:D7:94:6D:E8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019A0B3F39A0CADDFDC4FEC304DDC42609F0
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fdj3sUjF_Jv3HGlWWPy1ateUbeg.roa
Signing time: Wed 22 Oct 2025 09:28:04 +0000
ROA not before: Wed 22 Oct 2025 09:28:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214024
IP address blocks: 151.241.128.0/22 maxlen: 24
151.242.4.0/24 maxlen: 24
151.242.14.0/24 maxlen: 24
151.242.17.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.139.0/24 maxlen: 24
151.243.44.0/24 maxlen: 24
151.244.128.0/24 maxlen: 24
151.244.129.0/24 maxlen: 24
151.244.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 12:36:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0b:3f:39:a0:ca:dd:fd:c4:fe:c3:04:dd:c4:26:09:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 22 09:28:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7dd8f7b148c5fc9bf71c695658fcb56ad7946de8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:83:34:85:1e:1c:07:e4:64:9c:eb:f5:d1:d9:
eb:04:1c:ce:c1:e1:02:2f:67:b2:8f:58:fa:79:41:
ab:3f:c2:29:58:d3:76:9d:52:b7:58:1c:3a:bc:08:
4c:46:59:3d:a8:45:27:98:43:df:e7:e0:de:ee:a0:
c0:4d:bd:5d:32:67:20:12:0d:35:d0:f5:2c:48:c9:
e1:a3:b5:b5:8d:b0:91:3c:9a:35:3e:8b:66:60:60:
25:eb:46:1d:a1:df:ff:21:ba:a6:15:4c:1e:1d:b1:
8f:5f:0f:a5:ce:ea:2f:0c:b6:2b:dd:51:3a:ae:2c:
34:c3:48:73:39:96:8b:af:11:02:42:a0:c5:62:b9:
f6:d0:f5:f3:7b:2b:4c:23:ea:a0:73:ee:84:36:17:
8c:04:60:46:65:ac:b2:82:c1:2f:70:e9:a3:8a:f8:
cd:61:ef:8b:97:f0:73:71:83:db:65:ae:b3:9a:38:
e2:df:5f:ee:ad:4b:f6:94:86:28:41:d8:ee:04:86:
2b:e5:2c:ae:01:4b:c2:6c:c4:4f:c9:b7:b1:f8:d0:
88:ba:c3:9a:2e:98:be:d7:46:33:d9:5f:5c:e5:e1:
89:ac:0b:f6:d9:6d:82:00:a9:65:c7:94:67:e4:b1:
be:09:97:bb:3b:5b:28:0d:2e:11:d4:c7:11:f3:f6:
a5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:D8:F7:B1:48:C5:FC:9B:F7:1C:69:56:58:FC:B5:6A:D7:94:6D:E8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fdj3sUjF_Jv3HGlWWPy1ateUbeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.242.4.0/24
151.242.14.0/24
151.242.17.0/24
151.242.32.0/24
151.242.139.0/24
151.243.44.0/24
151.244.128.0-151.244.130.255
Signature Algorithm: sha256WithRSAEncryption
8b:c1:e4:54:97:1e:74:42:b1:8a:25:aa:05:96:d5:34:cb:28:
5a:8f:f9:71:36:2f:96:d7:4a:5d:81:1a:ba:ed:7e:a9:69:48:
9d:08:13:24:5a:89:01:1c:0d:e6:97:83:1a:cf:18:41:4d:d7:
3c:9d:46:db:e9:5e:43:49:ff:59:f7:77:8b:47:b7:25:be:09:
02:97:6f:71:0c:71:27:89:97:33:0b:63:36:cf:51:ee:f7:2e:
28:8c:cf:6b:ba:7f:75:b6:35:b7:e5:c3:7d:67:ca:54:8c:5f:
9b:c0:db:66:47:48:87:cf:d1:2d:7a:b3:e8:21:7a:97:43:d5:
1a:d3:bc:18:6d:94:10:04:b0:fc:d2:37:9b:41:b8:74:1c:a1:
b1:89:d7:5b:70:99:f5:81:a7:73:af:cf:8d:b8:a1:16:dc:b0:
cc:06:14:9b:06:80:35:bd:71:28:00:2e:7c:a6:44:eb:ef:ed:
77:b5:1c:4f:a1:23:a0:60:5b:7a:d5:e8:64:17:38:4f:46:51:
76:d4:39:2f:42:1a:15:7d:00:e9:17:e3:f2:85:27:dd:82:e9:
7c:33:53:f5:3f:71:78:a5:60:1d:83:9a:d6:10:23:71:a5:f3:
fa:bf:62:ff:d4:b6:77:ea:f6:12:fa:52:c3:bc:94:66:b6:12:
8e:b8:0a:f6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZoLPzmgyt39xP7DBN3EJgnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDIyMDkyODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGQ4ZjdiMTQ4YzVmYzliZjcxYzY5NTY1OGZjYjU2YWQ3OTQ2ZGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIM0hR4cB+RknOv10dnrBBzOweEC
L2eyj1j6eUGrP8IpWNN2nVK3WBw6vAhMRlk9qEUnmEPf5+De7qDATb1dMmcgEg01
0PUsSMnho7W1jbCRPJo1PotmYGAl60Ydod//IbqmFUweHbGPXw+lzuovDLYr3VE6
riw0w0hzOZaLrxECQqDFYrn20PXzeytMI+qgc+6ENheMBGBGZayygsEvcOmjivjN
Ye+Ll/BzcYPbZa6zmjji31/urUv2lIYoQdjuBIYr5SyuAUvCbMRPybex+NCIusOa
Lpi+10Yz2V9c5eGJrAv22W2CAKllx5Rn5LG+CZe7O1soDS4R1McR8/alYwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFH3Y97FIxfyb9xxpVlj8tWrXlG3oMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZmRqM3NVakZfSnYzSEdsV1dQeTFhdGVVYmVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCl/GAAwQA
l/IEAwQAl/IOAwQAl/IRAwQAl/IgAwQAl/KLAwQAl/MsMAwDBAeX9IADBACX9IIw
DQYJKoZIhvcNAQELBQADggEBAIvB5FSXHnRCsYolqgWW1TTLKFqP+XE2L5bXSl2B
GrrtfqlpSJ0IEyRaiQEcDeaXgxrPGEFN1zydRtvpXkNJ/1n3d4tHtyW+CQKXb3EM
cSeJlzMLYzbPUe73LiiMz2u6f3W2Nbflw31nylSMX5vA22ZHSIfP0S16s+ghepdD
1RrTvBhtlBAEsPzSN5tBuHQcobGJ11twmfWBp3Ovz424oRbcsMwGFJsGgDW9cSgA
LnymROvv7Xe1HE+hI6BgW3rV6GQXOE9GUXbUOS9CGhV9AOkX4/KFJ92C6XwzU/U/
cXilYB2DmtYQI3Gl8/q/Yv/Utnfq9hL6UsO8lGa2Eo64CvY=
-----END CERTIFICATE-----
Generated at Wed Oct 22 19:23:33 2025 by rpki-client