Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0wLctrP7XJfZdlqDse7sp6USIRk.roa
File: 0wLctrP7XJfZdlqDse7sp6USIRk.roa (raw, json)
Hash identifier: S5M0akzurjqEHoypxekLaRrBh7pXyfZSJD4zahXz1WQ=
Subject key identifier: D3:02:DC:B6:B3:FB:5C:97:D9:76:5A:83:B1:EE:EC:A7:A5:12:21:19
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019C22838A31D39CBC86703EC1597A0BBBD0
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0wLctrP7XJfZdlqDse7sp6USIRk.roa
Signing time: Tue 03 Feb 2026 07:59:31 +0000
ROA not before: Tue 03 Feb 2026 07:59:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 154410
IP address blocks: 151.247.194.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:22:83:8a:31:d3:9c:bc:86:70:3e:c1:59:7a:0b:bb:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 3 07:59:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d302dcb6b3fb5c97d9765a83b1eeeca7a5122119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2b:56:e9:b3:da:e8:82:ca:56:fa:34:f9:99:
e4:e8:e4:c1:5d:8d:f4:b8:9a:e2:0f:a7:39:c4:38:
35:14:71:87:60:5c:78:1b:04:5b:2e:ca:9f:a2:e5:
c9:bd:12:f8:4d:70:75:e8:89:e9:73:ce:05:2d:a6:
ff:a6:24:82:34:1e:29:35:f6:59:8b:4a:25:31:af:
ca:67:ac:05:b7:3c:c6:74:53:01:3d:b3:1b:86:b9:
87:69:a0:9e:97:49:c2:57:89:36:37:46:73:a0:ba:
6a:47:26:31:2b:f2:3c:de:7c:7f:34:9f:2e:8b:fd:
56:95:94:76:1a:a7:72:6f:39:84:4e:23:38:94:9e:
c5:fd:41:3c:f9:3b:9a:67:6b:e2:59:45:c9:47:cb:
c7:23:c5:8d:5d:f2:0e:63:91:74:80:fb:03:2e:d3:
fc:4f:34:d0:61:62:fd:06:17:8c:5f:68:09:a4:65:
ec:55:78:bc:5b:1b:62:c3:bb:cd:a8:62:ae:44:8b:
30:44:a0:74:4d:84:5d:bd:8e:b6:1a:fc:3c:a8:54:
b8:65:b9:b6:30:99:dd:27:24:27:8d:3d:78:8b:db:
01:a6:6f:8c:3c:95:b0:23:48:5d:d2:aa:45:fe:01:
fc:8b:d2:08:a6:8f:3a:9d:e3:ad:3f:88:77:79:7e:
bd:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:02:DC:B6:B3:FB:5C:97:D9:76:5A:83:B1:EE:EC:A7:A5:12:21:19
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/0wLctrP7XJfZdlqDse7sp6USIRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.247.194.0/24
Signature Algorithm: sha256WithRSAEncryption
32:62:df:e8:23:e2:95:3a:5c:5a:70:d2:ae:d2:c2:23:f8:7f:
10:94:6a:3d:ae:47:17:3f:8e:59:4c:17:a6:18:ba:9c:09:68:
35:c0:e4:52:fd:29:c7:c2:48:ec:f9:52:2d:59:6d:49:d2:cf:
ae:5e:d4:6d:bf:fe:85:8a:08:8b:22:f9:41:56:6f:7f:08:a0:
79:f9:1c:bd:5e:04:22:e2:ea:3b:52:8a:49:ee:9d:34:0f:28:
be:7a:4e:ae:ec:33:5d:a7:b6:d9:d9:23:fd:d3:d7:fc:83:38:
a2:b8:ff:c6:9b:3b:7a:01:a3:18:82:bc:4a:e9:dc:3f:06:de:
ff:12:c7:58:3e:8b:c9:0c:cb:fc:74:7f:6c:67:14:ab:97:84:
a6:ba:01:71:ed:2a:17:cf:da:3d:60:52:59:2e:24:5b:8e:68:
95:01:54:1f:32:a7:2b:da:e9:78:c4:db:3c:ab:48:56:41:35:
a2:93:0a:d0:c5:42:a0:d7:d5:97:c8:f9:d3:bc:e1:be:ca:78:
f2:7f:fd:01:c2:b8:fe:ad:75:61:e0:c1:bc:e7:9b:0e:55:a6:
a1:b9:80:f1:30:d5:b4:8d:66:f1:ec:96:25:39:d1:4a:a6:d0:
2b:d6:16:d5:3f:f2:b8:ca:4a:d4:d8:45:1f:eb:58:15:0d:26:
c0:5f:8c:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZwig4ox05y8hnA+wVl6C7vQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMjAzMDc1OTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzAyZGNiNmIzZmI1Yzk3ZDk3NjVhODNiMWVlZWNhN2E1MTIyMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtytW6bPa6ILKVvo0+Znk6OTBXY30
uJriD6c5xDg1FHGHYFx4GwRbLsqfouXJvRL4TXB16Inpc84FLab/piSCNB4pNfZZ
i0olMa/KZ6wFtzzGdFMBPbMbhrmHaaCel0nCV4k2N0ZzoLpqRyYxK/I83nx/NJ8u
i/1WlZR2GqdybzmETiM4lJ7F/UE8+TuaZ2viWUXJR8vHI8WNXfIOY5F0gPsDLtP8
TzTQYWL9BheMX2gJpGXsVXi8Wxtiw7vNqGKuRIswRKB0TYRdvY62Gvw8qFS4Zbm2
MJndJyQnjT14i9sBpm+MPJWwI0hd0qpF/gH8i9IIpo86neOtP4h3eX694wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNMC3Laz+1yX2XZag7Hu7KelEiEZMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMHdMY3RyUDdYSmZaZGxxRHNlN3NwNlVTSVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/fCMA0G
CSqGSIb3DQEBCwUAA4IBAQAyYt/oI+KVOlxacNKu0sIj+H8QlGo9rkcXP45ZTBem
GLqcCWg1wORS/SnHwkjs+VItWW1J0s+uXtRtv/6FigiLIvlBVm9/CKB5+Ry9XgQi
4uo7UopJ7p00Dyi+ek6u7DNdp7bZ2SP909f8gziiuP/Gmzt6AaMYgrxK6dw/Bt7/
EsdYPovJDMv8dH9sZxSrl4SmugFx7SoXz9o9YFJZLiRbjmiVAVQfMqcr2ul4xNs8
q0hWQTWikwrQxUKg19WXyPnTvOG+ynjyf/0Bwrj+rXVh4MG855sOVaahuYDxMNW0
jWbx7JYlOdFKptAr1hbVP/K4ykrU2EUf61gVDSbAX4z2
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:58:28 2026 by rpki-client