Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/PEbiy-JIL5xOn9CrWudn-1zESNE.roa
File: PEbiy-JIL5xOn9CrWudn-1zESNE.roa (raw, json)
Hash identifier: Wv/UlkOGYZZhorvtSavS5R8ummZWYToRxaLSCeVgWTY=
Subject key identifier: 3C:46:E2:CB:E2:48:2F:9C:4E:9F:D0:AB:5A:E7:67:FB:5C:C4:48:D1
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019C40F355C09F94B9B4448C90FA3D8EDAA1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/PEbiy-JIL5xOn9CrWudn-1zESNE.roa
Signing time: Mon 09 Feb 2026 05:50:14 +0000
ROA not before: Mon 09 Feb 2026 05:50:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 151.241.51.0/24 maxlen: 24
151.241.205.0/24 maxlen: 24
151.243.87.0/24 maxlen: 24
151.243.174.0/24 maxlen: 24
151.247.50.0/23 maxlen: 24
151.247.52.0/23 maxlen: 24
151.247.184.0/23 maxlen: 24
151.247.186.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 12:43:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:40:f3:55:c0:9f:94:b9:b4:44:8c:90:fa:3d:8e:da:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 9 05:50:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3c46e2cbe2482f9c4e9fd0ab5ae767fb5cc448d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:aa:4f:3b:8a:8d:ef:ee:42:18:ec:af:2b:b0:
b1:d5:4a:04:16:18:09:02:66:0a:b6:73:56:af:05:
55:98:d1:af:b0:a6:cf:61:94:04:f8:47:d6:a5:47:
5a:34:98:7f:c4:72:e7:9b:6c:a1:7e:da:de:16:41:
a9:6c:73:86:7f:25:f5:27:df:d6:18:de:e7:c6:b8:
3d:ff:8a:35:5a:ff:55:7b:b4:80:4f:1b:88:4d:86:
c0:4d:de:d6:f8:24:30:14:f2:b8:46:00:a2:70:9b:
f0:08:25:cc:bc:29:f2:fe:0a:e4:4a:1f:ec:dc:b5:
19:1b:54:4d:d8:33:66:8f:11:af:e1:b1:0c:ca:08:
cb:0e:09:72:cc:ed:a6:a0:cd:b6:b8:43:87:5f:84:
7f:a5:91:30:58:c1:4c:27:e6:e8:7a:de:0d:a9:21:
97:f8:a5:8c:34:e8:bc:09:6d:13:e0:ce:3f:c0:c5:
15:f1:1c:6e:29:5e:2b:ed:a7:68:e2:64:03:4a:43:
d4:e5:e7:0c:b0:30:f9:91:14:30:a7:d1:a1:5f:c1:
52:bc:59:14:ee:f8:7c:7b:24:02:1f:e6:e0:05:3c:
ca:51:fc:73:18:b9:5f:7e:22:19:dd:fc:d9:4f:dd:
77:f2:c9:2b:8a:79:be:34:19:32:4c:45:7e:20:fc:
8d:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:46:E2:CB:E2:48:2F:9C:4E:9F:D0:AB:5A:E7:67:FB:5C:C4:48:D1
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/PEbiy-JIL5xOn9CrWudn-1zESNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.51.0/24
151.241.205.0/24
151.243.87.0/24
151.243.174.0/24
151.247.50.0-151.247.53.255
151.247.184.0/22
Signature Algorithm: sha256WithRSAEncryption
82:86:db:f3:55:e8:d9:59:e6:57:50:9f:b2:16:02:aa:d8:e5:
5a:37:58:47:bf:3b:80:49:04:11:01:1e:dc:af:4c:ba:1d:de:
f1:72:93:32:a1:f0:8b:06:19:56:b1:2e:8c:ed:0a:4a:6e:98:
83:cd:c7:5e:21:ec:80:7f:e3:56:a9:4b:b7:a4:0a:4b:2f:11:
46:f4:22:76:ee:a3:23:5d:90:9f:a9:91:c8:46:67:64:5f:31:
84:99:ea:c4:46:ae:92:14:f5:f5:6d:69:fd:90:93:6f:50:dd:
b6:84:29:2c:c0:0e:d4:f5:3a:a7:3e:97:f6:dd:88:b2:93:e7:
08:9e:c7:d0:d2:b0:2e:53:92:53:2a:c2:9a:ff:3b:e9:89:27:
39:8d:ee:ba:3f:5e:ee:ce:11:be:dc:41:b1:90:e9:97:79:a6:
d8:18:3c:5f:9a:a4:3c:2c:90:f3:5f:64:44:c4:15:b9:b1:87:
53:75:3e:c8:06:ee:89:11:d9:b1:a2:10:6a:98:02:33:d5:cd:
f8:c3:46:f9:e2:88:7f:ab:42:eb:d9:02:81:3c:b7:8f:4b:e6:
fc:7a:84:7e:68:e5:fb:d5:95:d3:ab:fd:3e:bc:bf:cc:17:d0:
36:ab:cc:07:c8:fe:a9:da:ac:04:8e:89:be:e2:82:f0:7f:b6:
c8:91:ab:f8
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZxA81XAn5S5tESMkPo9jtqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMjA5MDU1MDE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzQ2ZTJjYmUyNDgyZjljNGU5ZmQwYWI1YWU3NjdmYjVjYzQ0OGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKpPO4qN7+5CGOyvK7Cx1UoEFhgJ
AmYKtnNWrwVVmNGvsKbPYZQE+EfWpUdaNJh/xHLnm2yhftreFkGpbHOGfyX1J9/W
GN7nxrg9/4o1Wv9Ve7SATxuITYbATd7W+CQwFPK4RgCicJvwCCXMvCny/grkSh/s
3LUZG1RN2DNmjxGv4bEMygjLDglyzO2moM22uEOHX4R/pZEwWMFMJ+boet4NqSGX
+KWMNOi8CW0T4M4/wMUV8RxuKV4r7ado4mQDSkPU5ecMsDD5kRQwp9GhX8FSvFkU
7vh8eyQCH+bgBTzKUfxzGLlffiIZ3fzZT9138skrinm+NBkyTEV+IPyN4QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFDxG4sviSC+cTp/Qq1rnZ/tcxEjRMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUEViaXktSklMNXhPbjlDcld1ZG4tMXpFU05FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAl/EzAwQA
l/HNAwQAl/NXAwQAl/OuMAwDBAGX9zIDBAGX9zQDBAKX97gwDQYJKoZIhvcNAQEL
BQADggEBAIKG2/NV6NlZ5ldQn7IWAqrY5Vo3WEe/O4BJBBEBHtyvTLod3vFykzKh
8IsGGVaxLoztCkpumIPNx14h7IB/41apS7ekCksvEUb0InbuoyNdkJ+pkchGZ2Rf
MYSZ6sRGrpIU9fVtaf2Qk29Q3baEKSzADtT1Oqc+l/bdiLKT5wiex9DSsC5TklMq
wpr/O+mJJzmN7ro/Xu7OEb7cQbGQ6Zd5ptgYPF+apDwskPNfZETEFbmxh1N1PsgG
7okR2bGiEGqYAjPVzfjDRvniiH+rQuvZAoE8t49L5vx6hH5o5fvVldOr/T68v8wX
0DarzAfI/qnarASOib7igvB/tsiRq/g=
-----END CERTIFICATE-----
Generated at Mon Mar 2 17:20:53 2026 by rpki-client