Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cxloyx7kxDnOfvW1R_Rm_hiQf4w.roa
File: cxloyx7kxDnOfvW1R_Rm_hiQf4w.roa (raw, json)
Hash identifier: RSpjr1rBsU5gMnOln/1OYzAy1ouDLiBZ6mXcGienXUg=
Subject key identifier: 73:19:68:CB:1E:E4:C4:39:CE:7E:F5:B5:47:F4:66:FE:18:90:7F:8C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D3321138A3A612A8EB00EF4C521582CFC
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cxloyx7kxDnOfvW1R_Rm_hiQf4w.roa
Signing time: Sat 28 Mar 2026 06:28:18 +0000
ROA not before: Sat 28 Mar 2026 06:28:18 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207158
IP address blocks: 151.247.142.0/24 maxlen: 24
151.247.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:23:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:33:21:13:8a:3a:61:2a:8e:b0:0e:f4:c5:21:58:2c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 28 06:28:18 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=731968cb1ee4c439ce7ef5b547f466fe18907f8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:3c:fa:ee:40:4b:84:fc:be:ee:be:35:c4:39:
8b:04:5c:bc:cf:67:08:38:67:1c:10:68:c3:98:82:
b3:a6:72:d5:79:27:5b:e5:68:8b:c8:31:b7:a5:0a:
9f:88:a0:66:60:72:a2:64:11:22:e6:9d:db:38:5a:
e0:79:cd:af:e4:13:cb:62:b0:d4:4f:15:da:ed:86:
2a:ce:fe:6b:cf:54:b0:6b:a8:6f:69:b2:5e:16:71:
80:8b:50:62:88:89:ab:9b:00:fe:9d:6d:08:0d:09:
a1:c6:ca:d8:64:3f:7c:c8:42:df:b3:9a:85:c9:1e:
c3:0d:ce:3a:1d:83:0a:df:5e:50:e4:c7:7e:a0:a6:
13:0e:e9:9b:19:32:03:27:12:49:80:91:81:1d:d2:
e5:40:7c:cb:0d:2e:0d:5f:de:1c:6b:37:45:c2:fd:
a8:ed:3e:c7:1c:01:4d:62:86:26:45:58:64:9d:97:
b6:45:61:4e:43:15:4f:2d:c9:63:ee:77:1b:dc:bf:
b4:0a:ef:0a:8f:6b:f6:c3:e9:c4:ef:1b:60:d1:87:
d5:0a:55:1c:1a:25:7c:41:68:2a:7f:cd:5a:f1:48:
13:b9:f3:ec:89:8d:23:78:01:3c:d8:8b:0b:2c:0d:
a4:a6:91:7e:13:b4:d7:d1:ee:f8:6f:83:fb:9f:d8:
34:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:19:68:CB:1E:E4:C4:39:CE:7E:F5:B5:47:F4:66:FE:18:90:7F:8C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/cxloyx7kxDnOfvW1R_Rm_hiQf4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.247.142.0/23
Signature Algorithm: sha256WithRSAEncryption
01:00:9a:d0:9b:67:53:5d:75:20:ff:89:aa:4c:3b:b7:d3:78:
cb:80:db:67:0d:3f:5c:60:c6:61:4c:ba:25:71:8a:c1:4d:e4:
75:4b:b3:f0:1d:9d:6e:23:0c:5b:66:5f:9e:e1:29:e6:35:86:
0f:c0:50:08:cc:71:5d:91:f6:6e:20:38:7a:0f:69:ce:25:b9:
ef:9a:63:ee:be:6f:16:dc:fe:77:3b:35:0e:00:11:0b:ae:45:
8b:68:14:99:41:85:ca:cd:3b:80:14:13:92:d1:c5:51:3d:fd:
10:0c:1a:b0:2a:bb:5f:e4:c7:68:4f:62:05:53:11:44:13:ab:
25:e7:30:dc:56:c7:60:2f:7a:4c:7f:0d:c2:5c:c4:31:59:09:
65:cb:24:80:c8:59:61:59:15:ba:ec:f2:11:69:1b:b1:4e:8c:
a8:71:44:bb:22:a1:4d:82:b3:48:d6:4d:96:ca:4f:eb:e5:50:
68:4d:70:12:ca:db:2c:47:73:f1:e4:e4:83:ff:f6:13:56:8e:
8e:f0:72:a5:1c:ee:4c:90:5e:90:0d:8f:12:49:5f:be:02:ce:
d9:cb:12:7d:3a:da:6e:97:d4:10:dc:87:01:a8:ca:7d:82:bd:
eb:05:ba:4c:33:db:ee:73:a8:6d:b6:e0:b2:4c:c5:6d:cf:c2:
8e:38:e4:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0zIROKOmEqjrAO9MUhWCz8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzI4MDYyODE4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzE5NjhjYjFlZTRjNDM5Y2U3ZWY1YjU0N2Y0NjZmZTE4OTA3ZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Tz67kBLhPy+7r41xDmLBFy8z2cI
OGccEGjDmIKzpnLVeSdb5WiLyDG3pQqfiKBmYHKiZBEi5p3bOFrgec2v5BPLYrDU
TxXa7YYqzv5rz1Swa6hvabJeFnGAi1BiiImrmwD+nW0IDQmhxsrYZD98yELfs5qF
yR7DDc46HYMK315Q5Md+oKYTDumbGTIDJxJJgJGBHdLlQHzLDS4NX94cazdFwv2o
7T7HHAFNYoYmRVhknZe2RWFOQxVPLclj7ncb3L+0Cu8Kj2v2w+nE7xtg0YfVClUc
GiV8QWgqf81a8UgTufPsiY0jeAE82IsLLA2kppF+E7TX0e74b4P7n9g0EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHMZaMse5MQ5zn71tUf0Zv4YkH+MMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvY3hsb3l4N2t4RG5PZnZXMVJfUm1faGlRZjR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBl/eOMA0G
CSqGSIb3DQEBCwUAA4IBAQABAJrQm2dTXXUg/4mqTDu303jLgNtnDT9cYMZhTLol
cYrBTeR1S7PwHZ1uIwxbZl+e4SnmNYYPwFAIzHFdkfZuIDh6D2nOJbnvmmPuvm8W
3P53OzUOABELrkWLaBSZQYXKzTuAFBOS0cVRPf0QDBqwKrtf5MdoT2IFUxFEE6sl
5zDcVsdgL3pMfw3CXMQxWQllyySAyFlhWRW67PIRaRuxToyocUS7IqFNgrNI1k2W
yk/r5VBoTXASytssR3Px5OSD//YTVo6O8HKlHO5MkF6QDY8SSV++As7ZyxJ9Otpu
l9QQ3IcBqMp9gr3rBbpMM9vuc6httuCyTMVtz8KOOOQA
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:51:48 2026 by rpki-client