Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cZMX3SFrN3P82RrwbvXcOPoX--M.roa
File: cZMX3SFrN3P82RrwbvXcOPoX--M.roa (raw, json)
Hash identifier: wdmnlKifU6egSZTBr6GmumtoyFkqVQLJVnkH7fZQaJ0=
Subject key identifier: 71:93:17:DD:21:6B:37:73:FC:D9:1A:F0:6E:F5:DC:38:FA:17:FB:E3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019EAAB5ABAE97B4FB2B52CC5AABE5B59B34
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cZMX3SFrN3P82RrwbvXcOPoX--M.roa
Signing time: Tue 09 Jun 2026 04:48:13 +0000
ROA not before: Tue 09 Jun 2026 04:48:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211484
IP address blocks: 151.240.4.0/24 maxlen: 24
151.244.173.0/24 maxlen: 24
151.245.221.0/24 maxlen: 24
151.246.128.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:aa:b5:ab:ae:97:b4:fb:2b:52:cc:5a:ab:e5:b5:9b:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 9 04:48:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=719317dd216b3773fcd91af06ef5dc38fa17fbe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c0:54:e8:db:e7:79:e4:f8:ca:9e:ee:f8:98:
15:04:6b:1c:d5:90:23:24:48:57:aa:5d:10:74:0d:
f5:e5:ae:a1:f9:7d:d2:75:a2:09:7a:ed:32:45:42:
c9:00:cc:1c:17:8e:ef:fa:26:05:ff:a1:fd:07:0c:
5f:4d:e5:98:ca:fd:eb:89:42:47:2b:3a:f6:c3:ef:
68:5c:47:f3:6d:02:45:0e:41:e9:80:76:47:28:2c:
3f:ff:94:eb:a3:4a:8a:0b:3e:6d:35:19:8b:f4:7e:
97:6e:65:44:92:5f:08:85:ae:81:1a:98:49:20:ff:
57:8b:36:d1:1d:cf:83:db:00:1c:c5:25:28:15:82:
c7:f3:0c:b9:f1:c0:f6:75:77:03:6a:e2:d6:28:dc:
d1:37:99:72:42:1f:2a:7b:44:c1:0c:e5:26:42:f1:
84:9c:b4:45:49:02:5e:dc:c8:01:ca:9d:79:e3:9d:
18:c3:70:77:f1:36:80:97:48:bb:69:93:07:f1:dc:
af:61:c4:07:b7:8c:71:99:74:50:db:e7:fb:ac:0c:
5e:e2:23:fa:97:c1:af:56:66:1a:43:3e:0c:b1:59:
8f:3a:0f:c0:67:0b:67:4f:44:d9:de:ef:73:64:c7:
87:fd:db:52:eb:28:ea:19:ae:31:a6:56:0f:61:56:
8d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:93:17:DD:21:6B:37:73:FC:D9:1A:F0:6E:F5:DC:38:FA:17:FB:E3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cZMX3SFrN3P82RrwbvXcOPoX--M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.4.0/24
151.244.173.0/24
151.245.221.0/24
151.246.128.0/17
Signature Algorithm: sha256WithRSAEncryption
5d:7a:7f:47:60:69:62:55:69:cf:06:9f:f1:6b:0b:3f:91:6b:
2f:d3:b2:40:5e:9b:53:c4:88:2d:cc:80:ec:ca:3d:75:c6:c6:
ed:88:36:d0:7f:63:57:b2:dc:42:e8:54:f8:d4:59:a9:ae:ae:
ad:58:99:5b:01:d8:c6:44:a0:c6:e9:b4:0b:c5:4f:ef:1e:c0:
22:6d:4e:f5:d4:f8:88:31:d0:21:0e:72:5f:51:43:d1:66:e7:
c0:fc:b9:a6:65:fe:29:ce:ee:02:9e:3b:f2:6e:2e:75:36:72:
26:16:fc:b7:7e:2a:0e:9c:ea:16:94:36:9a:f8:8d:31:12:46:
48:28:47:42:1a:c3:c9:5b:76:1c:f5:15:bc:10:f3:21:7a:28:
83:3b:4e:18:5d:8e:98:8b:ca:85:a2:82:46:95:49:61:c9:d2:
e9:83:63:94:c0:0b:60:4b:ba:3d:6d:f9:56:6f:de:5c:5d:fb:
3e:2e:2b:a3:cd:e0:b6:c4:ae:76:14:dd:d1:f2:a4:33:77:c6:
70:fe:f5:e6:f7:21:5e:c0:9c:1b:46:bf:9d:18:06:42:52:9b:
06:05:00:84:6a:ed:6a:9a:37:a0:9e:1e:4d:ef:6e:a8:4b:d3:
ea:02:47:80:9e:98:0c:71:92:ae:5c:a2:52:30:66:d6:62:f0:
cf:ee:ab:6e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6qtauul7T7K1LMWqvltZs0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNjA5MDQ0ODEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTkzMTdkZDIxNmIzNzczZmNkOTFhZjA2ZWY1ZGMzOGZhMTdmYmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsBU6NvneeT4yp7u+JgVBGsc1ZAj
JEhXql0QdA315a6h+X3SdaIJeu0yRULJAMwcF47v+iYF/6H9BwxfTeWYyv3riUJH
Kzr2w+9oXEfzbQJFDkHpgHZHKCw//5Tro0qKCz5tNRmL9H6XbmVEkl8Iha6BGphJ
IP9XizbRHc+D2wAcxSUoFYLH8wy58cD2dXcDauLWKNzRN5lyQh8qe0TBDOUmQvGE
nLRFSQJe3MgByp15450Yw3B38TaAl0i7aZMH8dyvYcQHt4xxmXRQ2+f7rAxe4iP6
l8GvVmYaQz4MsVmPOg/AZwtnT0TZ3u9zZMeH/dtS6yjqGa4xplYPYVaNxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHGTF90hazdz/Nka8G713Dj6F/vjMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvY1pNWDNTRnJOM1A4MlJyd2J2WGNPUG9YLS1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/AEAwQA
l/StAwQAl/XdAwQHl/aAMA0GCSqGSIb3DQEBCwUAA4IBAQBden9HYGliVWnPBp/x
aws/kWsv07JAXptTxIgtzIDsyj11xsbtiDbQf2NXstxC6FT41Fmprq6tWJlbAdjG
RKDG6bQLxU/vHsAibU711PiIMdAhDnJfUUPRZufA/LmmZf4pzu4Cnjvybi51NnIm
Fvy3fioOnOoWlDaa+I0xEkZIKEdCGsPJW3Yc9RW8EPMheiiDO04YXY6Yi8qFooJG
lUlhydLpg2OUwAtgS7o9bflWb95cXfs+LiujzeC2xK52FN3R8qQzd8Zw/vXm9yFe
wJwbRr+dGAZCUpsGBQCEau1qmjegnh5N726oS9PqAkeAnpgMcZKuXKJSMGbWYvDP
7qtu
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:06:10 2026 by rpki-client