Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KJpXIzazwpCFda-Bw-LCIboszN8.roa
File: KJpXIzazwpCFda-Bw-LCIboszN8.roa (raw, json)
Hash identifier: U5kW22gj41TKfiAKtGkJz/rxnd4Rx2wjB1/93DuTMaw=
Subject key identifier: 28:9A:57:23:36:B3:C2:90:85:75:AF:81:C3:E2:C2:21:BA:2C:CC:DF
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019C5AAAE2B1D08E24D6922F3FC45963529C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KJpXIzazwpCFda-Bw-LCIboszN8.roa
Signing time: Sat 14 Feb 2026 05:41:14 +0000
ROA not before: Sat 14 Feb 2026 05:41:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 400529
IP address blocks: 151.241.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:5a:aa:e2:b1:d0:8e:24:d6:92:2f:3f:c4:59:63:52:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 14 05:41:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=289a572336b3c2908575af81c3e2c221ba2cccdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:93:72:bf:11:b0:e3:76:ff:31:95:87:14:b9:
1f:92:01:59:04:6c:57:6c:41:d5:59:0f:9e:48:ed:
a2:15:c4:5c:85:4e:41:6e:5d:de:52:f8:8c:94:67:
95:e2:1a:dc:b6:d3:5b:20:cf:df:57:eb:96:12:94:
c0:69:dc:fb:9f:38:43:f2:80:bc:94:28:2f:ff:ef:
9e:e7:9a:37:18:a5:d5:c9:69:50:13:e2:6e:79:16:
16:4f:75:36:4b:0a:a5:f9:d7:65:76:89:44:1a:94:
dc:b6:5c:78:a7:89:df:2a:2c:0b:e9:a8:3d:a1:59:
da:84:c6:d5:75:af:ff:7e:a8:e2:2b:58:13:ca:5b:
f2:1d:f8:17:a1:cb:5e:5f:27:7f:2b:b4:0c:45:2d:
e7:83:82:96:37:66:0b:70:3b:f3:77:78:27:f4:e5:
4a:64:5c:ea:a5:2e:44:a8:27:4b:dc:20:1a:1b:3b:
69:ef:47:23:96:0b:51:8f:b8:60:8d:de:70:ec:9f:
92:d4:4b:16:a8:36:aa:86:ee:d8:83:31:c2:27:8e:
b0:8a:92:c0:12:1d:35:96:3e:15:8a:67:51:95:be:
d4:45:a5:3a:ee:da:85:bf:35:1f:38:3e:a1:a6:5d:
00:6a:e7:4b:6f:eb:32:a4:ab:b5:c7:0b:92:c0:73:
4f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:9A:57:23:36:B3:C2:90:85:75:AF:81:C3:E2:C2:21:BA:2C:CC:DF
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KJpXIzazwpCFda-Bw-LCIboszN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.18.0/24
Signature Algorithm: sha256WithRSAEncryption
31:da:3d:a5:3f:cd:7d:2a:d0:1b:5f:e0:cd:cb:10:76:89:2b:
43:79:67:9a:69:21:c8:fe:e1:74:9c:05:fb:51:ea:74:1f:31:
77:3c:8c:16:b9:48:d4:99:72:1e:fa:fc:8c:a9:fa:bc:4f:3e:
44:8f:78:3a:51:4b:be:94:ce:c9:a0:fe:52:ba:85:6e:c4:75:
98:26:0b:5a:67:3d:47:1b:ea:c3:50:1e:ad:2d:c7:1e:55:6c:
9f:ef:7c:10:ed:af:e4:a3:4a:b3:86:5d:84:5f:55:ec:af:15:
24:cd:c9:b0:01:90:de:db:c4:d7:fd:ea:fe:03:23:8f:5a:a2:
5c:7c:41:d1:e5:56:a3:ba:18:7b:15:49:7a:ad:d5:3c:1a:df:
c6:12:e5:e9:d7:58:e7:d0:fa:09:c1:37:5f:5a:1b:2a:7b:36:
70:8d:6f:0c:1b:3c:60:33:02:f7:dc:50:c7:2d:11:13:bd:ff:
d5:fd:eb:84:b9:79:da:6a:82:9e:3f:28:84:2e:fd:b9:68:35:
a4:5a:74:86:7b:f6:61:96:a7:54:db:2c:da:b5:65:47:8b:63:
b7:a0:bc:6c:ef:ca:7a:34:b6:5b:0c:17:5b:83:73:fe:07:1b:
88:65:db:2b:19:bd:4c:24:cd:93:27:98:2c:67:89:a4:72:0a:
aa:16:3b:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxaquKx0I4k1pIvP8RZY1KcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMjE0MDU0MTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODlhNTcyMzM2YjNjMjkwODU3NWFmODFjM2UyYzIyMWJhMmNjY2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5NyvxGw43b/MZWHFLkfkgFZBGxX
bEHVWQ+eSO2iFcRchU5Bbl3eUviMlGeV4hrcttNbIM/fV+uWEpTAadz7nzhD8oC8
lCgv/++e55o3GKXVyWlQE+JueRYWT3U2Swql+ddldolEGpTctlx4p4nfKiwL6ag9
oVnahMbVda//fqjiK1gTylvyHfgXocteXyd/K7QMRS3ng4KWN2YLcDvzd3gn9OVK
ZFzqpS5EqCdL3CAaGztp70cjlgtRj7hgjd5w7J+S1EsWqDaqhu7YgzHCJ46wipLA
Eh01lj4VimdRlb7URaU67tqFvzUfOD6hpl0AaudLb+sypKu1xwuSwHNPfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCiaVyM2s8KQhXWvgcPiwiG6LMzfMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvS0pwWEl6YXp3cENGZGEtQnctTENJYm9zek44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/ESMA0G
CSqGSIb3DQEBCwUAA4IBAQAx2j2lP819KtAbX+DNyxB2iStDeWeaaSHI/uF0nAX7
Uep0HzF3PIwWuUjUmXIe+vyMqfq8Tz5Ej3g6UUu+lM7JoP5SuoVuxHWYJgtaZz1H
G+rDUB6tLcceVWyf73wQ7a/ko0qzhl2EX1XsrxUkzcmwAZDe28TX/er+AyOPWqJc
fEHR5Vajuhh7FUl6rdU8Gt/GEuXp11jn0PoJwTdfWhsqezZwjW8MGzxgMwL33FDH
LRETvf/V/euEuXnaaoKePyiELv25aDWkWnSGe/ZhlqdU2yzatWVHi2O3oLxs78p6
NLZbDBdbg3P+BxuIZdsrGb1MJM2TJ5gsZ4mkcgqqFjsH
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:29:13 2026 by rpki-client