Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oZ6ljWNZy5f3o92U00N9qZ0NYMg.roa
File: oZ6ljWNZy5f3o92U00N9qZ0NYMg.roa (raw, json)
Hash identifier: Oy3Asn71qhE0pXFH9ws5YMQid1l0MGQVuceE+hFgrkY=
Subject key identifier: A1:9E:A5:8D:63:59:CB:97:F7:A3:DD:94:D3:43:7D:A9:9D:0D:60:C8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D71178BDD9CA0AF494A34B1803B5C0E8A
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oZ6ljWNZy5f3o92U00N9qZ0NYMg.roa
Signing time: Thu 09 Apr 2026 07:14:21 +0000
ROA not before: Thu 09 Apr 2026 07:14:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 7029
IP address blocks: 151.241.232.0/23 maxlen: 24
151.243.64.0/20 maxlen: 24
151.243.97.0/24 maxlen: 24
151.245.222.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:71:17:8b:dd:9c:a0:af:49:4a:34:b1:80:3b:5c:0e:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 9 07:14:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a19ea58d6359cb97f7a3dd94d3437da99d0d60c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f0:29:1f:99:55:f6:05:16:a1:96:d7:05:06:
45:74:d6:3b:1d:6d:45:3e:55:a6:8f:11:74:c4:2f:
70:61:e5:48:b1:50:0d:2b:10:99:2d:50:d7:ac:1f:
7c:a6:b1:21:ba:68:09:ed:de:d8:d6:fa:9a:27:28:
68:f7:ab:6c:2c:d5:26:83:f4:5a:99:ff:35:7b:1e:
d4:9a:ba:19:a0:91:48:7a:0d:c5:89:6b:97:73:ab:
14:11:82:0f:d0:5d:16:7e:0f:fa:7a:37:82:f1:d5:
64:ce:53:b3:bf:b9:62:dd:0f:29:3e:c5:37:f3:50:
34:1f:98:0a:b2:a9:5a:cb:fb:d8:67:10:68:25:42:
3a:57:e1:ae:69:99:d0:14:08:2d:ea:15:43:8f:0c:
68:a5:7a:fe:0a:60:3e:4e:5f:30:db:a6:e7:d3:e5:
6f:b5:fc:94:7f:f1:26:0b:ab:a0:97:f7:13:ce:15:
4b:3e:4a:52:09:e8:64:d9:48:76:aa:89:42:11:01:
66:ac:c9:53:b3:d2:fc:38:92:0e:75:06:3c:71:53:
c7:aa:9a:52:77:0c:fd:73:4f:d5:8c:ee:1f:a5:5a:
31:34:19:b4:05:a5:0a:ee:05:89:70:f9:58:a1:9e:
01:e2:de:66:27:59:74:bd:27:42:6e:ce:2a:74:40:
27:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:9E:A5:8D:63:59:CB:97:F7:A3:DD:94:D3:43:7D:A9:9D:0D:60:C8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oZ6ljWNZy5f3o92U00N9qZ0NYMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.232.0/23
151.243.64.0/20
151.243.97.0/24
151.245.222.0/23
Signature Algorithm: sha256WithRSAEncryption
70:2c:13:ed:8d:f2:e5:f9:79:d0:32:cd:1d:74:59:96:9f:6b:
5a:d5:40:d7:bf:55:58:f8:08:c8:22:85:57:7a:4f:b6:23:8f:
74:60:6f:b0:6c:7b:20:45:0e:6a:de:18:8d:8f:5a:b0:37:de:
64:66:f3:3f:7b:c6:7a:43:4c:24:f9:b4:e3:0c:26:31:18:64:
44:3d:86:34:51:4f:b3:c2:46:4d:e8:56:a1:3e:a5:c0:44:eb:
81:91:ac:72:3f:2e:13:d8:c9:c4:22:cd:68:11:da:53:83:77:
2a:46:df:52:c3:f0:f6:2a:19:bf:46:70:a3:f9:95:70:23:a5:
fd:3e:b8:13:00:54:5e:8e:6f:ee:0d:2b:f4:0e:6c:33:90:bf:
21:c0:b1:1d:db:f5:96:a8:81:79:be:2c:27:ab:3e:10:f3:51:
5c:f2:00:60:1e:05:9b:e4:f1:7e:e7:d9:49:e6:73:b9:b8:47:
cf:87:46:ab:dc:0b:60:6b:b0:63:19:e4:c2:50:bc:e3:ae:15:
b5:cf:d0:7b:c7:c9:b5:a3:e2:3e:4e:9c:cf:a6:02:2b:15:10:
a8:e6:38:03:72:d1:97:38:89:39:ba:6a:98:16:2f:fd:f1:83:
d0:e1:8e:c6:ad:9c:65:73:cf:84:11:50:d6:b0:27:94:47:02:
c8:e8:5c:41
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1xF4vdnKCvSUo0sYA7XA6KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDA5MDcxNDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTllYTU4ZDYzNTljYjk3ZjdhM2RkOTRkMzQzN2RhOTlkMGQ2MGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofApH5lV9gUWoZbXBQZFdNY7HW1F
PlWmjxF0xC9wYeVIsVANKxCZLVDXrB98prEhumgJ7d7Y1vqaJyho96tsLNUmg/Ra
mf81ex7UmroZoJFIeg3FiWuXc6sUEYIP0F0Wfg/6ejeC8dVkzlOzv7li3Q8pPsU3
81A0H5gKsqlay/vYZxBoJUI6V+GuaZnQFAgt6hVDjwxopXr+CmA+Tl8w26bn0+Vv
tfyUf/EmC6ugl/cTzhVLPkpSCehk2Uh2qolCEQFmrMlTs9L8OJIOdQY8cVPHqppS
dwz9c0/VjO4fpVoxNBm0BaUK7gWJcPlYoZ4B4t5mJ1l0vSdCbs4qdEAnHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKGepY1jWcuX96PdlNNDfamdDWDIMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvb1o2bGpXTlp5NWYzbzkyVTAwTjlxWjBOWU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBl/HoAwQE
l/NAAwQAl/NhAwQBl/XeMA0GCSqGSIb3DQEBCwUAA4IBAQBwLBPtjfLl+XnQMs0d
dFmWn2ta1UDXv1VY+AjIIoVXek+2I490YG+wbHsgRQ5q3hiNj1qwN95kZvM/e8Z6
Q0wk+bTjDCYxGGREPYY0UU+zwkZN6FahPqXAROuBkaxyPy4T2MnEIs1oEdpTg3cq
Rt9Sw/D2Khm/RnCj+ZVwI6X9PrgTAFRejm/uDSv0DmwzkL8hwLEd2/WWqIF5viwn
qz4Q81Fc8gBgHgWb5PF+59lJ5nO5uEfPh0ar3Atga7BjGeTCULzjrhW1z9B7x8m1
o+I+TpzPpgIrFRCo5jgDctGXOIk5umqYFi/98YPQ4Y7GrZxlc8+EEVDWsCeURwLI
6FxB
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:29:20 2026 by rpki-client