Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fmHX1f-fvFW9Z5jwtup5NH6kT8U.roa
File: fmHX1f-fvFW9Z5jwtup5NH6kT8U.roa (raw, json)
Hash identifier: FEJ8K7KR8SpMOywQs5NENdKIdgtU4/0HABG6ATYXjq4=
Subject key identifier: 7E:61:D7:D5:FF:9F:BC:55:BD:67:98:F0:B6:EA:79:34:7E:A4:4F:C5
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198406E949214BE6E3B4C1EF9D77B8A3086
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fmHX1f-fvFW9Z5jwtup5NH6kT8U.roa
Signing time: Fri 25 Jul 2025 07:14:05 +0000
ROA not before: Fri 25 Jul 2025 07:14:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214025
IP address blocks: 151.242.40.0/24 maxlen: 24
151.243.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 23:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:40:6e:94:92:14:be:6e:3b:4c:1e:f9:d7:7b:8a:30:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 25 07:14:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e61d7d5ff9fbc55bd6798f0b6ea79347ea44fc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:75:14:38:45:87:77:5c:06:80:88:bf:30:8a:
cf:8d:95:00:06:a8:79:5f:d6:6f:db:cf:0c:53:ce:
59:eb:da:a4:1f:4f:f9:d2:f6:90:fa:55:1a:f3:c5:
a2:b8:4b:f5:01:78:5a:58:81:0b:79:19:dd:9d:2d:
bc:31:40:2d:f8:20:bb:6a:65:ff:32:d7:74:22:2b:
b3:37:13:71:74:78:df:04:61:fe:c4:7e:84:b2:d4:
38:a8:b7:d8:a3:83:a7:1e:f1:71:a4:e2:2d:51:90:
8b:ba:b1:23:18:5a:9d:03:eb:e0:23:31:f7:05:67:
67:a6:47:61:57:70:d1:69:e6:a0:ab:1a:24:08:39:
5b:8b:66:c1:48:81:e1:d4:42:b8:a5:bc:0a:56:2a:
b9:9b:8f:0d:a0:89:dc:b7:40:8b:ec:b5:93:46:77:
35:72:6d:b0:c3:9d:65:9f:72:da:b0:e0:d7:73:ee:
eb:b7:73:f1:b3:fd:94:b7:09:b2:a2:57:8a:0d:db:
90:1a:24:e8:58:28:ae:eb:52:d2:26:d0:2c:2f:b2:
e0:48:c6:0b:44:72:cf:08:a5:46:6a:d9:4a:e7:c3:
c8:cd:4d:74:2a:ff:d3:b6:03:1f:5a:be:bc:b0:57:
4d:b2:54:00:ae:e4:f8:e1:90:35:0b:1d:26:7c:3e:
a9:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:61:D7:D5:FF:9F:BC:55:BD:67:98:F0:B6:EA:79:34:7E:A4:4F:C5
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fmHX1f-fvFW9Z5jwtup5NH6kT8U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.40.0/24
151.243.115.0/24
Signature Algorithm: sha256WithRSAEncryption
11:3e:1c:b1:8a:6a:b5:da:47:b6:39:9c:68:50:b1:bb:1d:ac:
f7:59:32:0f:ef:a6:36:2d:9b:4c:17:de:a4:ae:d3:ea:3d:7a:
66:4c:67:d8:ef:65:9d:d3:ad:0f:0e:f3:1c:50:36:92:e6:e4:
76:5a:48:98:f3:62:44:9d:23:d1:3a:90:0a:e8:e6:18:12:a7:
62:16:10:b4:5a:98:ec:34:37:75:a7:66:97:da:5a:89:2c:57:
e7:26:39:28:6f:60:d9:75:48:65:f7:d4:86:f8:ad:6e:c5:c1:
61:bd:5f:d0:71:f9:07:ed:a8:32:a7:d4:2d:ec:58:3c:6f:ec:
5a:73:35:31:85:65:85:e7:e7:58:ab:17:0a:16:cd:2d:dd:c1:
90:67:4f:85:f5:a4:b6:8a:75:b6:57:82:3d:4a:54:c1:ef:b9:
cf:57:2f:99:ca:a7:f1:e2:c0:9e:57:16:5c:c6:c6:a8:68:1d:
c3:fa:6b:aa:4e:77:c0:63:3a:2b:72:8f:c3:60:49:ac:28:82:
00:52:d0:8c:da:41:f9:c8:71:18:d4:69:f4:2f:9f:db:3f:12:
0c:2b:56:e7:5f:22:f0:cc:83:29:8a:bb:fb:1c:48:fd:b2:89:
46:6b:9a:47:bd:39:3b:63:cc:6b:a0:5e:03:49:24:c3:41:97:
1d:3b:5d:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhAbpSSFL5uO0we+dd7ijCGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzI1MDcxNDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTYxZDdkNWZmOWZiYzU1YmQ2Nzk4ZjBiNmVhNzkzNDdlYTQ0ZmM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXUUOEWHd1wGgIi/MIrPjZUABqh5
X9Zv288MU85Z69qkH0/50vaQ+lUa88WiuEv1AXhaWIELeRndnS28MUAt+CC7amX/
Mtd0IiuzNxNxdHjfBGH+xH6EstQ4qLfYo4OnHvFxpOItUZCLurEjGFqdA+vgIzH3
BWdnpkdhV3DRaeagqxokCDlbi2bBSIHh1EK4pbwKViq5m48NoInct0CL7LWTRnc1
cm2ww51ln3LasODXc+7rt3Pxs/2UtwmyoleKDduQGiToWCiu61LSJtAsL7LgSMYL
RHLPCKVGatlK58PIzU10Kv/TtgMfWr68sFdNslQAruT44ZA1Cx0mfD6p9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH5h19X/n7xVvWeY8LbqeTR+pE/FMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZm1IWDFmLWZ2Rlc5WjVqd3R1cDVOSDZrVDhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/IoAwQA
l/NzMA0GCSqGSIb3DQEBCwUAA4IBAQARPhyximq12ke2OZxoULG7Haz3WTIP76Y2
LZtMF96krtPqPXpmTGfY72Wd060PDvMcUDaS5uR2WkiY82JEnSPROpAK6OYYEqdi
FhC0WpjsNDd1p2aX2lqJLFfnJjkob2DZdUhl99SG+K1uxcFhvV/QcfkH7agyp9Qt
7Fg8b+xaczUxhWWF5+dYqxcKFs0t3cGQZ0+F9aS2inW2V4I9SlTB77nPVy+Zyqfx
4sCeVxZcxsaoaB3D+muqTnfAYzorco/DYEmsKIIAUtCM2kH5yHEY1Gn0L5/bPxIM
K1bnXyLwzIMpirv7HEj9solGa5pHvTk7Y8xroF4DSSTDQZcdO11Q
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:58:41 2025 by rpki-client