Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lGnS1UXGSEVoge_D3gssDIqeMsg.roa
File: lGnS1UXGSEVoge_D3gssDIqeMsg.roa (raw, json)
Hash identifier: 4qPv9bBF44yVynoX9HQfaDnR1vcHT33RjERfQcDj/bE=
Subject key identifier: 94:69:D2:D5:45:C6:48:45:68:81:EF:C3:DE:0B:2C:0C:8A:9E:32:C8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D4CCBF25EC71524E866CB8607FA977982
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lGnS1UXGSEVoge_D3gssDIqeMsg.roa
Signing time: Thu 02 Apr 2026 06:05:27 +0000
ROA not before: Thu 02 Apr 2026 06:05:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62068
IP address blocks: 151.246.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4c:cb:f2:5e:c7:15:24:e8:66:cb:86:07:fa:97:79:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 2 06:05:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9469d2d545c648456881efc3de0b2c0c8a9e32c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8d:a5:1a:b0:27:36:9f:dc:8f:57:3f:1c:79:
d2:64:4a:ab:43:0e:6c:f8:7d:55:ee:d1:84:47:04:
a3:6c:48:37:51:cf:c9:6c:f7:a5:d4:04:08:08:1c:
0e:8f:91:5c:23:49:78:ad:1b:00:cc:09:36:c7:e0:
6c:b6:4a:22:e2:44:20:8d:cd:c2:35:0c:8e:7f:d8:
ef:60:2a:4b:df:f1:cb:a5:4e:7c:0c:a5:7c:1e:b4:
a9:46:38:d2:f8:48:a4:eb:65:1f:12:a6:a9:81:1b:
58:6d:d5:31:cd:f0:f8:c8:43:ff:b6:ad:5e:16:84:
48:69:41:bc:c2:b3:1f:70:eb:2e:bd:56:08:81:eb:
ce:03:a0:bb:a1:4d:cb:d8:ff:17:62:ab:ab:a5:b6:
76:84:5c:f6:07:ee:ab:b3:b9:f1:43:2b:62:0a:ac:
9c:c0:e2:d6:5e:6e:b7:05:2a:81:79:96:67:b7:e2:
91:ab:ee:a2:55:5c:08:ec:84:bd:39:ac:2a:b6:12:
25:72:08:cd:43:f2:f6:62:52:c4:42:a5:2b:38:2e:
ae:a4:b0:86:84:a4:d4:3f:3c:2c:52:7d:e9:4e:3e:
94:c4:a0:f6:2a:a7:73:31:97:34:3e:4c:51:e7:50:
9c:74:a1:56:56:de:de:f3:6d:61:69:a5:58:fd:b3:
20:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:69:D2:D5:45:C6:48:45:68:81:EF:C3:DE:0B:2C:0C:8A:9E:32:C8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lGnS1UXGSEVoge_D3gssDIqeMsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.246.197.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:cd:97:5a:e2:90:03:86:cb:27:35:ff:4c:17:9c:dd:71:68:
e3:30:06:7d:8e:8c:8d:8c:ac:a5:7c:d1:04:70:6d:86:ea:35:
b9:ae:63:a0:61:4c:1d:71:95:eb:48:e7:3f:9b:7a:57:8c:8e:
11:00:2c:ae:40:5d:bc:2a:02:d0:26:10:dd:b3:75:ba:8f:11:
b7:ea:2f:e6:6f:44:ce:96:f3:cd:8f:c4:6a:30:2c:4b:2c:9e:
6d:51:27:cd:d0:aa:fe:8b:02:68:2c:77:e1:0f:22:21:2b:67:
76:a0:d9:84:61:6e:f1:15:cd:9b:83:9e:30:a2:ab:f7:0a:34:
f3:04:75:be:cd:0d:38:83:b6:dc:0f:98:ae:5b:b3:a0:02:0a:
03:e7:98:36:0c:d5:ce:3b:22:82:a0:e2:5b:c3:c5:5f:98:bd:
d5:2d:b3:38:ad:91:b9:d2:52:37:b8:cc:9f:bd:c8:d9:05:c2:
29:93:41:4b:ad:a6:7d:d0:4c:56:26:7c:43:11:57:21:50:87:
37:53:e7:15:51:09:14:34:3b:28:3e:c5:9b:ee:40:4e:9c:27:
2c:cc:fb:0b:77:13:b6:65:07:a0:5b:e4:92:e0:05:0d:ff:96:
05:ff:7b:14:42:c3:00:87:c0:ca:fd:e5:ac:09:99:a1:a7:8e:
dc:1c:0c:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1My/JexxUk6GbLhgf6l3mCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDAyMDYwNTI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDY5ZDJkNTQ1YzY0ODQ1Njg4MWVmYzNkZTBiMmMwYzhhOWUzMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuY2lGrAnNp/cj1c/HHnSZEqrQw5s
+H1V7tGERwSjbEg3Uc/JbPel1AQICBwOj5FcI0l4rRsAzAk2x+Bstkoi4kQgjc3C
NQyOf9jvYCpL3/HLpU58DKV8HrSpRjjS+Eik62UfEqapgRtYbdUxzfD4yEP/tq1e
FoRIaUG8wrMfcOsuvVYIgevOA6C7oU3L2P8XYqurpbZ2hFz2B+6rs7nxQytiCqyc
wOLWXm63BSqBeZZnt+KRq+6iVVwI7IS9OawqthIlcgjNQ/L2YlLEQqUrOC6upLCG
hKTUPzwsUn3pTj6UxKD2KqdzMZc0PkxR51CcdKFWVt7e821haaVY/bMgMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRp0tVFxkhFaIHvw94LLAyKnjLIMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbEduUzFVWEdTRVZvZ2VfRDNnc3NESXFlTXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/bFMA0G
CSqGSIb3DQEBCwUAA4IBAQBczZda4pADhssnNf9MF5zdcWjjMAZ9joyNjKylfNEE
cG2G6jW5rmOgYUwdcZXrSOc/m3pXjI4RACyuQF28KgLQJhDds3W6jxG36i/mb0TO
lvPNj8RqMCxLLJ5tUSfN0Kr+iwJoLHfhDyIhK2d2oNmEYW7xFc2bg54woqv3CjTz
BHW+zQ04g7bcD5iuW7OgAgoD55g2DNXOOyKCoOJbw8VfmL3VLbM4rZG50lI3uMyf
vcjZBcIpk0FLraZ90ExWJnxDEVchUIc3U+cVUQkUNDsoPsWb7kBOnCcszPsLdxO2
ZQegW+SS4AUN/5YF/3sUQsMAh8DK/eWsCZmhp47cHAwt
-----END CERTIFICATE-----
Generated at Sun Apr 19 11:12:21 2026 by rpki-client