Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/c9mcko99X20SXvGZKdBUdXiqbr0.roa
File: c9mcko99X20SXvGZKdBUdXiqbr0.roa (raw, json)
Hash identifier: r+YzBNsTApk2jxpG5xLGlpqQoztDKzGMFD2FNyg6B7I=
Subject key identifier: 73:D9:9C:92:8F:7D:5F:6D:12:5E:F1:99:29:D0:54:75:78:AA:6E:BD
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D6E7FCA7CE539ADA9D869351394231BBC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/c9mcko99X20SXvGZKdBUdXiqbr0.roa
Signing time: Wed 08 Apr 2026 19:09:21 +0000
ROA not before: Wed 08 Apr 2026 19:09:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 26769
IP address blocks: 151.240.147.0/24 maxlen: 24
151.242.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6e:7f:ca:7c:e5:39:ad:a9:d8:69:35:13:94:23:1b:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 8 19:09:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=73d99c928f7d5f6d125ef19929d0547578aa6ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b1:e2:57:08:51:ff:02:0e:e0:7c:23:e8:65:
53:18:33:ed:f7:18:31:9d:3c:84:d6:df:b4:31:88:
94:77:91:4f:f7:7f:6c:ac:a4:db:bf:e7:66:64:6a:
02:6b:78:ce:d8:c0:5a:75:b1:cc:09:e0:ba:4d:a4:
e8:0f:a6:e2:52:6e:ee:7b:82:1f:d8:5c:3a:d3:fb:
4e:49:90:1b:ff:b0:b7:fd:81:42:b2:05:2f:71:77:
3e:31:db:4c:60:30:43:1c:35:65:1d:1e:3f:d1:a0:
62:7c:d6:b0:38:55:79:33:e3:f3:a4:2a:3c:d1:7e:
6f:76:1f:32:bc:66:a2:fd:dc:ca:a4:d8:24:4f:c0:
09:e9:dd:ab:4b:bf:69:98:ec:9b:d2:68:54:4a:3f:
78:e5:e9:13:35:5e:3d:f4:7e:f9:8e:3a:fc:51:c4:
a4:6b:e9:fe:6d:6f:64:52:df:21:d6:95:bc:cf:1a:
3c:6a:a6:04:0a:7c:ec:50:26:fd:be:05:9b:83:f6:
41:83:b4:51:ef:93:62:6c:1a:79:e2:ea:30:f7:ba:
98:fd:99:f9:37:2e:e1:d9:d2:ef:59:58:21:d6:f4:
36:df:d4:38:60:32:3d:7c:f0:8d:cf:b2:25:93:c2:
29:c6:1a:3b:41:5f:28:71:98:69:28:e3:0a:b6:9a:
64:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D9:9C:92:8F:7D:5F:6D:12:5E:F1:99:29:D0:54:75:78:AA:6E:BD
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/c9mcko99X20SXvGZKdBUdXiqbr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.147.0/24
151.242.139.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:46:ca:15:67:71:4c:9c:c4:80:71:4d:6e:e0:64:31:73:e8:
8b:61:4a:d1:48:63:54:dd:98:c5:7e:8e:0c:ef:b3:e8:cb:0a:
aa:30:4f:82:15:0b:ff:b8:20:d9:0b:f5:e9:41:ac:d7:37:44:
b2:a6:52:06:ab:b1:fa:37:e6:fc:3c:e3:92:46:98:c8:20:02:
6c:c0:c6:16:b1:74:c6:75:8b:1d:08:31:2f:14:b2:14:10:c9:
85:48:a6:66:7c:ee:0f:73:70:a3:44:df:d2:ec:27:03:ef:41:
2d:60:53:40:2c:8f:9b:4e:d5:2f:ea:8d:24:0c:23:8e:0f:7b:
3c:42:64:cc:1d:bc:a1:c3:64:ca:8a:11:2a:06:1b:2e:ca:5f:
08:b3:7c:69:e2:ca:71:8a:71:8c:1a:a1:63:53:8f:58:15:68:
f4:86:93:69:75:64:2f:6a:92:ac:19:b6:87:15:fa:0c:30:60:
7e:de:4f:62:cb:29:8c:fb:b2:ef:94:f1:1e:db:3b:34:50:4e:
1f:78:6f:55:0a:98:e8:3f:ff:54:2c:7b:67:f3:4a:7f:53:fb:
bf:fd:06:cc:76:89:bc:a6:c6:8b:fc:83:a0:ab:c2:c9:38:af:
7e:c2:9d:3e:d5:65:eb:49:f7:5d:7b:47:c4:82:87:d5:0d:ef:
3d:ae:c8:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ1uf8p85TmtqdhpNROUIxu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDA4MTkwOTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Q5OWM5MjhmN2Q1ZjZkMTI1ZWYxOTkyOWQwNTQ3NTc4YWE2ZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7HiVwhR/wIO4Hwj6GVTGDPt9xgx
nTyE1t+0MYiUd5FP939srKTbv+dmZGoCa3jO2MBadbHMCeC6TaToD6biUm7ue4If
2Fw60/tOSZAb/7C3/YFCsgUvcXc+MdtMYDBDHDVlHR4/0aBifNawOFV5M+PzpCo8
0X5vdh8yvGai/dzKpNgkT8AJ6d2rS79pmOyb0mhUSj945ekTNV499H75jjr8UcSk
a+n+bW9kUt8h1pW8zxo8aqYECnzsUCb9vgWbg/ZBg7RR75NibBp54uow97qY/Zn5
Ny7h2dLvWVgh1vQ239Q4YDI9fPCNz7Ilk8Ipxho7QV8ocZhpKOMKtppkaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHPZnJKPfV9tEl7xmSnQVHV4qm69MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvYzltY2tvOTlYMjBTWHZHWktkQlVkWGlxYnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/CTAwQA
l/KLMA0GCSqGSIb3DQEBCwUAA4IBAQAuRsoVZ3FMnMSAcU1u4GQxc+iLYUrRSGNU
3ZjFfo4M77PoywqqME+CFQv/uCDZC/XpQazXN0SyplIGq7H6N+b8POOSRpjIIAJs
wMYWsXTGdYsdCDEvFLIUEMmFSKZmfO4Pc3CjRN/S7CcD70EtYFNALI+bTtUv6o0k
DCOOD3s8QmTMHbyhw2TKihEqBhsuyl8Is3xp4spxinGMGqFjU49YFWj0hpNpdWQv
apKsGbaHFfoMMGB+3k9iyymM+7LvlPEe2zs0UE4feG9VCpjoP/9ULHtn80p/U/u/
/QbMdom8psaL/IOgq8LJOK9+wp0+1WXrSfdde0fEgofVDe89rsi0
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:28:57 2026 by rpki-client