Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/B8VcvlzrwIO4vx___xDYAv5fb28.roa
File: B8VcvlzrwIO4vx___xDYAv5fb28.roa (raw, json)
Hash identifier: XC6LlsLt7gjDTrJPTWCPCe0bp+NMJSeFZfCuaRR6m1Y=
Subject key identifier: 07:C5:5C:BE:5C:EB:C0:83:B8:BF:1F:FF:FF:10:D8:02:FE:5F:6F:6F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019EA0C0D2D0FB19E7450BA940B6C8DD4FB4
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/B8VcvlzrwIO4vx___xDYAv5fb28.roa
Signing time: Sun 07 Jun 2026 06:24:11 +0000
ROA not before: Sun 07 Jun 2026 06:24:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203156
IP address blocks: 151.243.138.0/24 maxlen: 24
151.243.149.0/24 maxlen: 24
151.247.144.0/24 maxlen: 24
151.247.224.0/24 maxlen: 24
151.247.229.0/24 maxlen: 24
151.247.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 17 Jun 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a0:c0:d2:d0:fb:19:e7:45:0b:a9:40:b6:c8:dd:4f:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 7 06:24:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=07c55cbe5cebc083b8bf1fffff10d802fe5f6f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6b:dd:27:46:e0:9b:8b:47:df:81:20:fd:1d:
4b:60:ff:d4:eb:15:53:37:2c:d6:d4:97:86:bc:98:
96:41:7f:b0:2b:a5:00:cf:6a:c4:09:cc:7a:3b:34:
ee:a2:3e:02:72:66:f5:8b:c2:e5:8e:2d:c7:83:ac:
cc:36:bb:a8:55:6c:22:8d:28:f7:6e:71:dc:57:fa:
67:4b:ac:db:0c:ed:3e:01:2b:6b:ba:03:48:32:f8:
03:92:09:91:b1:35:76:ed:f7:b3:2d:2d:10:d9:69:
13:af:7f:55:ce:a7:12:c7:6b:0e:ac:c6:07:01:12:
f0:b0:70:99:c4:e3:f7:1c:71:93:e0:ab:f7:e0:74:
80:b2:06:8a:03:c4:5c:60:a1:c6:0c:84:aa:04:ee:
33:fb:e0:ae:89:f8:40:c6:37:2c:8d:a3:e8:aa:ec:
9a:e6:64:dc:36:0a:cf:44:fb:d4:76:9f:63:12:86:
a6:31:e9:29:15:2b:8a:3f:7c:4c:ec:8e:d8:33:59:
6b:ae:6e:7e:a7:03:72:09:47:f8:72:e0:f1:53:76:
e0:47:c0:48:7f:7e:b0:95:ec:e9:5a:80:e2:f4:6f:
ae:87:82:00:89:d8:40:5c:3c:70:0d:c8:13:f6:b0:
2f:8a:04:a5:0e:3e:4b:37:ff:2e:9f:bc:cc:a2:be:
9a:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C5:5C:BE:5C:EB:C0:83:B8:BF:1F:FF:FF:10:D8:02:FE:5F:6F:6F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/B8VcvlzrwIO4vx___xDYAv5fb28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.138.0/24
151.243.149.0/24
151.247.144.0/24
151.247.224.0/24
151.247.229.0-151.247.230.255
Signature Algorithm: sha256WithRSAEncryption
66:3d:5a:d4:fe:11:c0:53:a9:43:43:42:8e:8a:cf:b3:d4:ce:
ff:42:82:59:b0:fd:dc:cc:f9:ab:9d:87:56:bf:ff:96:b6:55:
5d:21:0a:3c:d7:aa:7a:3f:59:86:be:41:b6:96:20:d8:a9:96:
b6:17:79:84:ae:47:bc:e2:6d:c7:57:3a:c5:77:92:e0:d0:63:
eb:8e:d4:8d:f2:61:16:fd:43:8a:52:6e:09:bf:c8:6e:5c:e7:
e0:e0:09:2c:a0:12:e5:a8:e5:29:af:27:8b:53:23:9d:09:c6:
be:df:f5:7c:14:39:0a:fb:75:9d:4c:40:84:67:00:84:59:3e:
92:1a:5e:e1:0a:ca:29:dc:3d:cf:7d:b4:fb:d0:36:c5:4c:f4:
35:43:9c:fc:16:c2:6b:a8:cf:ff:2a:a4:49:24:10:32:20:40:
82:85:34:dc:5b:e3:3f:e1:ee:c7:9c:1a:8f:a7:d3:45:0d:e2:
0f:af:70:d1:40:f5:18:b7:73:0a:96:1f:bd:47:54:a4:0f:cc:
22:3c:d6:ed:15:49:1d:61:27:07:ef:a9:c7:a4:2b:d9:07:83:
a3:92:cb:36:c5:2c:14:a9:70:ee:f7:6f:93:9a:b3:05:2f:b0:
1c:d0:5e:ae:ca:b0:ba:c6:f4:ac:bc:c4:89:e2:20:89:4f:00:
28:8e:bf:16
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ6gwNLQ+xnnRQupQLbI3U+0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNjA3MDYyNDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2M1NWNiZTVjZWJjMDgzYjhiZjFmZmZmZjEwZDgwMmZlNWY2ZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWvdJ0bgm4tH34Eg/R1LYP/U6xVT
NyzW1JeGvJiWQX+wK6UAz2rECcx6OzTuoj4Ccmb1i8Llji3Hg6zMNruoVWwijSj3
bnHcV/pnS6zbDO0+AStrugNIMvgDkgmRsTV27fezLS0Q2WkTr39VzqcSx2sOrMYH
ARLwsHCZxOP3HHGT4Kv34HSAsgaKA8RcYKHGDISqBO4z++CuifhAxjcsjaPoquya
5mTcNgrPRPvUdp9jEoamMekpFSuKP3xM7I7YM1lrrm5+pwNyCUf4cuDxU3bgR8BI
f36wlezpWoDi9G+uh4IAidhAXDxwDcgT9rAvigSlDj5LN/8un7zMor6afwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAfFXL5c68CDuL8f//8Q2AL+X29vMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQjhWY3ZsenJ3SU80dnhfX194RFlBdjVmYjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAl/OKAwQA
l/OVAwQAl/eQAwQAl/fgMAwDBACX9+UDBACX9+YwDQYJKoZIhvcNAQELBQADggEB
AGY9WtT+EcBTqUNDQo6Kz7PUzv9Cglmw/dzM+audh1a//5a2VV0hCjzXqno/WYa+
QbaWINiplrYXeYSuR7zibcdXOsV3kuDQY+uO1I3yYRb9Q4pSbgm/yG5c5+DgCSyg
EuWo5SmvJ4tTI50Jxr7f9XwUOQr7dZ1MQIRnAIRZPpIaXuEKyincPc99tPvQNsVM
9DVDnPwWwmuoz/8qpEkkEDIgQIKFNNxb4z/h7secGo+n00UN4g+vcNFA9Ri3cwqW
H71HVKQPzCI81u0VSR1hJwfvqcekK9kHg6OSyzbFLBSpcO73b5OaswUvsBzQXq7K
sLrG9Ky8xIniIIlPACiOvxY=
-----END CERTIFICATE-----
Generated at Wed Jun 17 09:28:10 2026 by rpki-client