Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/01a6ec-7941-4022-9075-1b2b64f1068e/1/rw8AnmfBrlp3jOSkrgC9C17nxBo.roa
File: rw8AnmfBrlp3jOSkrgC9C17nxBo.roa (raw, json)
Hash identifier: OK8OWeXxU7tIvmB8eXKXvQcrdDWHQEXMBP/bmt8Irc8=
Subject key identifier: AF:0F:00:9E:67:C1:AE:5A:77:8C:E4:A4:AE:00:BD:0B:5E:E7:C4:1A
Certificate issuer: /CN=17fda1a1a09fded7a29adaa0375245a4ced23c68
Certificate serial: 019E91EA454740DFFEEBB6B8724D1DD82815
Authority key identifier: 17:FD:A1:A1:A0:9F:DE:D7:A2:9A:DA:A0:37:52:45:A4:CE:D2:3C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F_2hoaCf3teimtqgN1JFpM7SPGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/01a6ec-7941-4022-9075-1b2b64f1068e/1/rw8AnmfBrlp3jOSkrgC9C17nxBo.roa
Signing time: Thu 04 Jun 2026 09:15:09 +0000
ROA not before: Thu 04 Jun 2026 09:15:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14956
IP address blocks: 153.75.80.0/24 maxlen: 24
153.75.81.0/24 maxlen: 24
153.75.82.0/24 maxlen: 24
153.75.83.0/24 maxlen: 24
153.75.84.0/24 maxlen: 24
153.75.85.0/24 maxlen: 24
153.75.86.0/24 maxlen: 24
153.75.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/01a6ec-7941-4022-9075-1b2b64f1068e/1/F_2hoaCf3teimtqgN1JFpM7SPGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/01a6ec-7941-4022-9075-1b2b64f1068e/1/F_2hoaCf3teimtqgN1JFpM7SPGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/F_2hoaCf3teimtqgN1JFpM7SPGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:91:ea:45:47:40:df:fe:eb:b6:b8:72:4d:1d:d8:28:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17fda1a1a09fded7a29adaa0375245a4ced23c68
Validity
Not Before: Jun 4 09:15:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=af0f009e67c1ae5a778ce4a4ae00bd0b5ee7c41a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:23:16:92:57:e1:84:ac:7f:c5:f5:a6:69:e3:
68:d6:b5:21:73:85:a3:4f:d4:50:d6:6b:fc:6d:72:
35:e4:54:54:4a:fd:7d:89:d6:7f:ac:eb:1c:eb:15:
24:90:01:13:22:c3:2f:57:f7:6d:6d:69:8f:78:f2:
57:6c:39:80:9e:ab:12:3d:b4:fb:38:17:e7:da:73:
be:c0:93:8b:3e:44:94:dd:15:d4:ea:2c:29:7e:ff:
b6:87:a6:88:fc:27:7f:92:0e:e3:4e:87:28:05:ee:
d0:6f:fb:c2:2a:d3:4f:79:55:b3:e6:9f:8a:d1:e2:
68:da:8b:0b:be:fc:4c:ea:d9:7a:d0:2f:3d:12:00:
dc:90:fe:3e:3b:02:c7:22:36:d5:dc:66:cf:ba:e3:
39:33:a1:32:77:46:de:0d:a9:3b:1f:1c:f5:04:f7:
2f:42:97:f0:2b:d0:fb:a1:4a:71:ce:f2:eb:ca:92:
b0:f7:d2:09:ca:06:2f:b9:15:ae:e8:a1:8c:be:de:
7f:1d:16:38:ab:b6:77:d2:3e:fe:0e:1e:58:f0:01:
0c:8c:32:35:5c:05:0b:f1:0d:09:10:cf:8e:39:48:
70:e2:ba:57:1d:5e:c5:c2:23:e9:f3:11:6f:32:30:
74:f7:f2:f4:7a:47:65:21:70:6a:40:b9:7f:86:41:
bb:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:0F:00:9E:67:C1:AE:5A:77:8C:E4:A4:AE:00:BD:0B:5E:E7:C4:1A
X509v3 Authority Key Identifier:
keyid:17:FD:A1:A1:A0:9F:DE:D7:A2:9A:DA:A0:37:52:45:A4:CE:D2:3C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F_2hoaCf3teimtqgN1JFpM7SPGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01a6ec-7941-4022-9075-1b2b64f1068e/1/rw8AnmfBrlp3jOSkrgC9C17nxBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/01a6ec-7941-4022-9075-1b2b64f1068e/1/F_2hoaCf3teimtqgN1JFpM7SPGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.75.80.0/21
Signature Algorithm: sha256WithRSAEncryption
ba:11:63:05:ab:15:45:81:9b:e6:02:f4:1e:01:42:71:c3:81:
e4:9d:d6:37:2e:d1:a4:92:a6:26:46:3d:88:48:5a:72:aa:02:
88:e7:bf:e6:be:88:9f:a8:fb:af:fa:b4:aa:e7:5f:81:05:55:
fb:d3:da:66:b0:03:ae:a8:0d:98:fb:1e:39:61:b9:c5:dc:3c:
49:9f:17:d3:1c:8f:73:98:ed:38:b8:fd:6c:c7:ee:0a:43:94:
fb:05:30:84:3f:dc:32:0e:d3:7c:9c:94:2b:ac:12:3b:56:ca:
11:ca:12:98:9e:ba:a7:91:ad:4e:44:d7:73:71:1a:10:9b:9a:
a3:dc:35:17:ae:35:17:f9:83:c6:15:8d:d6:f9:26:fb:8a:23:
d9:a8:3f:1c:cc:fa:11:87:30:07:80:2f:3b:df:1c:8e:bc:db:
ce:d5:3d:3b:64:1e:c7:be:0e:60:31:c1:58:50:d4:fd:8b:9a:
b5:18:c3:2b:29:a5:3f:e3:96:54:e7:05:e7:13:b4:1e:e3:b2:
c0:73:b2:4f:39:9b:cf:11:2b:aa:87:5d:84:54:80:b7:e4:ca:
42:90:4f:b1:34:e3:cb:ca:f6:97:ac:7f:a0:07:50:c2:2e:da:
17:3d:19:a5:e8:65:65:eb:a0:6c:6c:9a:20:5b:a4:b0:a3:d7:
da:94:ee:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6R6kVHQN/+67a4ck0d2CgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZmRhMWExYTA5ZmRlZDdhMjlhZGFhMDM3NTI0NWE0Y2Vk
MjNjNjgwHhcNMjYwNjA0MDkxNTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjBmMDA5ZTY3YzFhZTVhNzc4Y2U0YTRhZTAwYmQwYjVlZTdjNDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SMWklfhhKx/xfWmaeNo1rUhc4Wj
T9RQ1mv8bXI15FRUSv19idZ/rOsc6xUkkAETIsMvV/dtbWmPePJXbDmAnqsSPbT7
OBfn2nO+wJOLPkSU3RXU6iwpfv+2h6aI/Cd/kg7jTocoBe7Qb/vCKtNPeVWz5p+K
0eJo2osLvvxM6tl60C89EgDckP4+OwLHIjbV3GbPuuM5M6Eyd0beDak7Hxz1BPcv
QpfwK9D7oUpxzvLrypKw99IJygYvuRWu6KGMvt5/HRY4q7Z30j7+Dh5Y8AEMjDI1
XAUL8Q0JEM+OOUhw4rpXHV7FwiPp8xFvMjB09/L0ekdlIXBqQLl/hkG7CQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK8PAJ5nwa5ad4zkpK4AvQte58QaMB8GA1UdIwQY
MBaAFBf9oaGgn97XopraoDdSRaTO0jxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRl8yaG9hQ2YzdGVpbXRxZ04xSkZwTTdTUEdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8wMWE2ZWMtNzk0MS00MDIyLTkwNzUt
MWIyYjY0ZjEwNjhlLzEvcnc4QW5tZkJybHAzak9Ta3JnQzlDMTdueEJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8wMWE2ZWMtNzk0MS00MDIyLTkwNzUtMWIyYjY0ZjEwNjhl
LzEvRl8yaG9hQ2YzdGVpbXRxZ04xSkZwTTdTUEdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmUtQMA0G
CSqGSIb3DQEBCwUAA4IBAQC6EWMFqxVFgZvmAvQeAUJxw4HkndY3LtGkkqYmRj2I
SFpyqgKI57/mvoifqPuv+rSq51+BBVX709pmsAOuqA2Y+x45YbnF3DxJnxfTHI9z
mO04uP1sx+4KQ5T7BTCEP9wyDtN8nJQrrBI7VsoRyhKYnrqnka1ORNdzcRoQm5qj
3DUXrjUX+YPGFY3W+Sb7iiPZqD8czPoRhzAHgC873xyOvNvO1T07ZB7Hvg5gMcFY
UNT9i5q1GMMrKaU/45ZU5wXnE7Qe47LAc7JPOZvPESuqh12EVIC35MpCkE+xNOPL
yvaXrH+gB1DCLtoXPRml6GVl66BsbJogW6Swo9falO6l
-----END CERTIFICATE-----
Generated at Sat Jun 13 21:06:16 2026 by rpki-client