Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/chjNAC8nAY_1idgxZ4cutOeVbAY.roa
File: chjNAC8nAY_1idgxZ4cutOeVbAY.roa (raw, json)
Hash identifier: jS+FDp72Ee84TtCvWXMWI7/kBBph6ZyKnK6dpccqwmo=
Subject key identifier: 72:18:CD:00:2F:27:01:8F:F5:89:D8:31:67:87:2E:B4:E7:95:6C:06
Certificate issuer: /CN=4d302a2dd517a61a3b952746f2ee9fbe436d6349
Certificate serial: 019EF06F213899F3509F5E91142311E411E8
Authority key identifier: 4D:30:2A:2D:D5:17:A6:1A:3B:95:27:46:F2:EE:9F:BE:43:6D:63:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TTAqLdUXpho7lSdG8u6fvkNtY0k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/chjNAC8nAY_1idgxZ4cutOeVbAY.roa
Signing time: Mon 22 Jun 2026 17:44:35 +0000
ROA not before: Mon 22 Jun 2026 17:44:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 219377
IP address blocks: 5.252.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/TTAqLdUXpho7lSdG8u6fvkNtY0k.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/TTAqLdUXpho7lSdG8u6fvkNtY0k.mft
rsync://rpki.ripe.net/repository/DEFAULT/TTAqLdUXpho7lSdG8u6fvkNtY0k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 10:50:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f0:6f:21:38:99:f3:50:9f:5e:91:14:23:11:e4:11:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d302a2dd517a61a3b952746f2ee9fbe436d6349
Validity
Not Before: Jun 22 17:44:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7218cd002f27018ff589d83167872eb4e7956c06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1a:f7:7f:97:15:75:fe:94:db:79:8e:a2:91:
68:25:bc:81:ce:33:a3:e1:2a:da:ec:07:86:49:07:
4d:24:e9:4e:08:fd:16:99:5b:61:77:6b:ef:07:58:
9d:50:da:e0:c7:61:97:fa:1b:2a:89:1a:21:b2:22:
d9:1c:e5:b6:66:b7:9e:0d:20:63:f5:0b:e2:4d:5c:
df:7c:24:58:c8:ce:9d:c5:0e:aa:73:3a:ca:f3:12:
df:aa:e5:0f:2b:54:70:a2:03:f4:bc:e2:04:67:9a:
09:8e:a7:d2:da:78:50:97:d9:4c:3d:3f:0a:b2:2e:
21:02:67:83:f3:97:61:fb:3b:34:ba:2d:7d:76:b5:
53:b1:4e:74:a1:28:21:f8:50:22:d0:56:76:71:dd:
fb:b6:69:1d:f4:10:d6:c0:14:23:da:ff:3c:69:68:
f9:24:96:1a:f5:2e:21:a0:45:ad:89:8b:a3:13:7d:
f1:0d:02:8d:89:9c:e5:13:34:c9:f4:1e:b8:cc:11:
70:ba:78:45:a7:09:3f:fe:a9:7e:ee:56:17:b9:19:
6b:5e:a7:89:de:b6:1a:4f:17:16:bb:37:af:51:55:
77:81:b4:0e:3c:9d:c6:8b:6e:65:90:6e:45:c6:4c:
9d:76:41:7d:80:64:56:78:82:1f:ff:09:dd:54:54:
75:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:18:CD:00:2F:27:01:8F:F5:89:D8:31:67:87:2E:B4:E7:95:6C:06
X509v3 Authority Key Identifier:
keyid:4D:30:2A:2D:D5:17:A6:1A:3B:95:27:46:F2:EE:9F:BE:43:6D:63:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TTAqLdUXpho7lSdG8u6fvkNtY0k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/chjNAC8nAY_1idgxZ4cutOeVbAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f0dd5f-b972-410b-9907-166fb9db6db3/1/TTAqLdUXpho7lSdG8u6fvkNtY0k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.158.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:47:d8:da:1d:a7:6b:96:bb:f6:f1:ce:31:69:a2:d1:f5:eb:
01:d2:3f:ef:96:5d:96:08:67:a7:69:bd:18:83:4f:17:cf:41:
7c:67:d5:a9:60:e3:ac:fd:ef:db:69:61:fc:9a:08:a3:fb:60:
f7:22:e8:f1:21:74:bb:22:2d:1c:8f:0b:02:bd:0a:9a:88:3f:
b8:e0:c3:1d:bc:5b:46:0f:ca:f8:4e:be:47:18:3d:c0:d3:dc:
e1:53:36:fe:33:bd:25:2f:7c:69:00:75:17:ed:22:38:c4:48:
80:da:b7:89:26:82:09:00:10:18:b7:d0:80:7f:e4:e0:aa:58:
4d:5f:7b:12:56:f2:c5:c4:5f:a0:37:f2:53:1a:53:e1:38:94:
b7:33:24:b7:4c:c3:bf:41:f4:d9:bb:0a:73:30:00:f2:06:7c:
b5:f3:81:05:32:e3:7c:4e:24:90:91:81:77:f8:b9:fe:2e:ea:
4f:82:d5:54:c7:93:58:40:bf:4b:e0:56:31:dd:de:2b:fa:f6:
4f:7e:b2:da:0b:07:1d:1a:40:3a:6f:5a:cc:75:c9:73:5b:8e:
af:07:b1:20:ca:87:df:33:a8:ff:b7:23:13:55:fb:24:f7:01:
c4:e9:6c:f7:83:c6:3f:24:69:97:8c:f0:d0:73:af:21:d5:ad:
a9:d4:06:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ7wbyE4mfNQn16RFCMR5BHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkMzAyYTJkZDUxN2E2MWEzYjk1Mjc0NmYyZWU5ZmJlNDM2
ZDYzNDkwHhcNMjYwNjIyMTc0NDM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE4Y2QwMDJmMjcwMThmZjU4OWQ4MzE2Nzg3MmViNGU3OTU2YzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBr3f5cVdf6U23mOopFoJbyBzjOj
4Sra7AeGSQdNJOlOCP0WmVthd2vvB1idUNrgx2GX+hsqiRohsiLZHOW2ZreeDSBj
9QviTVzffCRYyM6dxQ6qczrK8xLfquUPK1RwogP0vOIEZ5oJjqfS2nhQl9lMPT8K
si4hAmeD85dh+zs0ui19drVTsU50oSgh+FAi0FZ2cd37tmkd9BDWwBQj2v88aWj5
JJYa9S4hoEWtiYujE33xDQKNiZzlEzTJ9B64zBFwunhFpwk//ql+7lYXuRlrXqeJ
3rYaTxcWuzevUVV3gbQOPJ3Gi25lkG5FxkyddkF9gGRWeIIf/wndVFR1KQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHIYzQAvJwGP9YnYMWeHLrTnlWwGMB8GA1UdIwQY
MBaAFE0wKi3VF6YaO5UnRvLun75DbWNJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFRBcUxkVVhwaG83bFNkRzh1NmZ2a050WTBrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9mMGRkNWYtYjk3Mi00MTBiLTk5MDct
MTY2ZmI5ZGI2ZGIzLzEvY2hqTkFDOG5BWV8xaWRneFo0Y3V0T2VWYkFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9mMGRkNWYtYjk3Mi00MTBiLTk5MDctMTY2ZmI5ZGI2ZGIz
LzEvVFRBcUxkVVhwaG83bFNkRzh1NmZ2a050WTBrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABfyeMA0G
CSqGSIb3DQEBCwUAA4IBAQBsR9jaHadrlrv28c4xaaLR9esB0j/vll2WCGenab0Y
g08Xz0F8Z9WpYOOs/e/baWH8mgij+2D3IujxIXS7Ii0cjwsCvQqaiD+44MMdvFtG
D8r4Tr5HGD3A09zhUzb+M70lL3xpAHUX7SI4xEiA2reJJoIJABAYt9CAf+TgqlhN
X3sSVvLFxF+gN/JTGlPhOJS3MyS3TMO/QfTZuwpzMADyBny184EFMuN8TiSQkYF3
+Ln+LupPgtVUx5NYQL9L4FYx3d4r+vZPfrLaCwcdGkA6b1rMdclzW46vB7Egyoff
M6j/tyMTVfsk9wHE6Wz3g8Y/JGmXjPDQc68h1a2p1AZZ
-----END CERTIFICATE-----
Generated at Mon Jun 29 12:24:25 2026 by rpki-client