Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/22zxCwkLflw-5V_nyXjREwZESKA.roa
File: 22zxCwkLflw-5V_nyXjREwZESKA.roa (raw, json)
Hash identifier: PDzQ75Zis3TC+hAj05baLbwl3Nb10KIC4sGlMRlofAg=
Subject key identifier: DB:6C:F1:0B:09:0B:7E:5C:3E:E5:5F:E7:C9:78:D1:13:06:44:48:A0
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D8CC2FB00BD0B043E074BB79854ECC112
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/22zxCwkLflw-5V_nyXjREwZESKA.roa
Signing time: Tue 14 Apr 2026 16:11:21 +0000
ROA not before: Tue 14 Apr 2026 16:11:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207550
IP address blocks: 151.246.189.0/24 maxlen: 24
151.247.10.0/24 maxlen: 24
151.247.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:8c:c2:fb:00:bd:0b:04:3e:07:4b:b7:98:54:ec:c1:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 14 16:11:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=db6cf10b090b7e5c3ee55fe7c978d113064448a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f5:a2:cc:6b:7c:52:64:6b:d1:10:f0:a2:d2:
a6:b7:a6:c9:b1:86:7d:b9:e1:79:1e:3f:29:dd:0f:
63:ba:43:76:fc:24:ad:2c:c2:4b:74:b7:92:d1:a9:
77:3d:a5:eb:36:ae:7a:ff:3d:6a:b1:77:40:a0:b0:
a6:aa:67:83:3a:88:30:98:29:a4:8e:8b:62:30:c0:
3c:ec:cf:37:fc:fc:e0:2c:41:b9:1d:87:6d:5b:8b:
5f:a4:84:dc:7c:c6:99:90:35:51:f1:ac:d5:5c:a4:
21:79:ce:1d:e2:9b:93:da:ec:95:7c:07:e6:d6:77:
bd:59:fc:87:4c:53:61:a8:f5:ae:58:38:35:9a:91:
53:73:b4:8c:88:ee:3b:9f:c6:20:5b:05:ff:85:8a:
de:33:aa:9f:d8:d4:ef:f8:ca:fd:53:cf:b7:84:59:
09:eb:11:6c:02:35:6c:73:83:83:06:c8:f1:27:bf:
26:92:96:d7:9b:e4:02:e6:b3:14:92:a0:ec:a4:44:
86:89:9b:14:e0:cc:21:36:21:b4:6b:8f:39:5e:96:
f1:55:ba:cc:2f:47:1a:b9:a4:77:1e:58:26:c0:f0:
14:e8:d1:32:c5:81:c1:6d:f1:84:fe:71:85:e6:1a:
34:2a:20:20:c0:3b:91:4a:4d:16:26:f5:03:65:e4:
2d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:6C:F1:0B:09:0B:7E:5C:3E:E5:5F:E7:C9:78:D1:13:06:44:48:A0
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/22zxCwkLflw-5V_nyXjREwZESKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.246.189.0/24
151.247.10.0/23
Signature Algorithm: sha256WithRSAEncryption
22:51:25:00:b4:d1:e9:ad:2d:1a:07:50:a6:e7:7b:cf:09:1e:
55:24:4d:13:84:1e:0f:76:42:e6:bf:30:7d:06:19:42:74:37:
38:1a:9a:6e:4a:26:4a:ef:75:a8:fc:9d:e0:37:ea:af:a5:6e:
a0:25:bf:80:80:c9:5a:27:26:fe:aa:4b:77:ef:2b:fc:c8:28:
e6:64:4e:11:5a:b4:ea:89:88:c0:26:5a:1d:a9:b8:ff:d4:9c:
46:26:73:e2:19:c4:5e:f7:0d:0b:89:9d:73:7b:cd:fb:91:40:
d1:91:7b:56:3c:7f:e2:d8:49:a3:17:88:25:40:2d:9d:8d:5b:
83:ce:d2:9c:40:41:00:19:c1:f0:96:1f:8c:80:6d:ba:19:b3:
2c:cc:f7:f3:95:e5:a0:67:0c:15:36:fd:3c:ed:b8:db:d5:e0:
a8:16:55:9d:93:6e:21:dd:f6:ac:2e:db:c4:b4:cd:4c:53:94:
e3:e3:67:20:d5:b5:0c:2a:a5:44:ca:4c:87:cf:f8:e7:17:8e:
3b:24:26:bf:6f:87:42:13:3a:52:6a:00:b0:e0:7b:7a:d6:cf:
7c:ad:7e:94:1d:08:6c:e2:4b:24:cf:2f:fe:8b:b6:05:80:1c:
73:16:61:53:80:92:d4:60:1f:4c:eb:51:b8:c8:7f:59:64:73:
c0:99:97:5e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2MwvsAvQsEPgdLt5hU7MESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDE0MTYxMTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjZjZjEwYjA5MGI3ZTVjM2VlNTVmZTdjOTc4ZDExMzA2NDQ0OGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vWizGt8UmRr0RDwotKmt6bJsYZ9
ueF5Hj8p3Q9jukN2/CStLMJLdLeS0al3PaXrNq56/z1qsXdAoLCmqmeDOogwmCmk
jotiMMA87M83/PzgLEG5HYdtW4tfpITcfMaZkDVR8azVXKQhec4d4puT2uyVfAfm
1ne9WfyHTFNhqPWuWDg1mpFTc7SMiO47n8YgWwX/hYreM6qf2NTv+Mr9U8+3hFkJ
6xFsAjVsc4ODBsjxJ78mkpbXm+QC5rMUkqDspESGiZsU4MwhNiG0a485XpbxVbrM
L0cauaR3HlgmwPAU6NEyxYHBbfGE/nGF5ho0KiAgwDuRSk0WJvUDZeQt0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNts8QsJC35cPuVf58l40RMGREigMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMjJ6eEN3a0xmbHctNVZfbnlYalJFd1pFU0tBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/a9AwQB
l/cKMA0GCSqGSIb3DQEBCwUAA4IBAQAiUSUAtNHprS0aB1Cm53vPCR5VJE0ThB4P
dkLmvzB9BhlCdDc4GppuSiZK73Wo/J3gN+qvpW6gJb+AgMlaJyb+qkt37yv8yCjm
ZE4RWrTqiYjAJlodqbj/1JxGJnPiGcRe9w0LiZ1ze837kUDRkXtWPH/i2EmjF4gl
QC2djVuDztKcQEEAGcHwlh+MgG26GbMszPfzleWgZwwVNv087bjb1eCoFlWdk24h
3fasLtvEtM1MU5Tj42cg1bUMKqVEykyHz/jnF447JCa/b4dCEzpSagCw4Ht61s98
rX6UHQhs4kskzy/+i7YFgBxzFmFTgJLUYB9M61G4yH9ZZHPAmZde
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:28:44 2026 by rpki-client