Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ocn0HjpEZD2464uME6keVsflHy4.roa
File: ocn0HjpEZD2464uME6keVsflHy4.roa (raw, json)
Hash identifier: 7+tbD7dwkiGd4DRaYp1AoU1lsMjXxdSgHo2VD5Gg1Ec=
Subject key identifier: A1:C9:F4:1E:3A:44:64:3D:B8:EB:8B:8C:13:A9:1E:56:C7:E5:1F:2E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E963C40B76667BD17CFC081BD1F830567
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ocn0HjpEZD2464uME6keVsflHy4.roa
Signing time: Fri 05 Jun 2026 05:23:11 +0000
ROA not before: Fri 05 Jun 2026 05:23:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 53356
IP address blocks: 151.243.104.0/24 maxlen: 24
151.244.250.0/24 maxlen: 24
151.245.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:96:3c:40:b7:66:67:bd:17:cf:c0:81:bd:1f:83:05:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 5 05:23:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a1c9f41e3a44643db8eb8b8c13a91e56c7e51f2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b1:2d:c7:d5:ca:9b:fd:b0:cc:22:51:81:a9:
d0:9c:36:97:d1:1e:e6:cd:f2:dc:fb:6b:65:7b:d3:
7e:02:cf:28:c4:40:2c:85:2f:b4:cd:a0:d5:d4:f6:
bd:7d:3c:96:d9:a3:7a:63:e4:02:5e:ed:55:18:7d:
ac:da:8e:92:e1:92:56:21:e0:98:53:5b:9e:84:40:
92:09:70:21:0e:da:53:d2:38:d2:9a:48:b9:a5:9c:
1c:08:65:b3:d0:06:93:d5:fc:9a:0c:07:3c:d7:55:
f3:2d:a5:9a:03:16:0d:65:9c:81:bb:93:fd:8b:fe:
0c:7a:0b:51:02:30:c6:05:e8:82:ed:78:52:fa:f5:
28:2e:a6:18:83:df:0f:ad:8b:af:58:89:90:a9:27:
ea:fb:85:14:e7:d6:25:31:c6:8e:c6:c7:17:9c:60:
ff:e7:95:33:38:de:26:69:73:1e:55:1f:19:84:7f:
df:6b:c8:a8:fa:25:f6:57:e6:67:60:fd:ac:84:d2:
1c:f8:c3:b3:0f:69:22:6c:5d:ce:f3:a2:7b:6f:03:
b3:c5:58:f6:3f:0f:ae:0b:05:fc:d5:d5:ad:5e:1b:
83:61:e6:8b:a7:5e:c4:ba:66:fb:1b:8f:80:c1:16:
2c:5c:86:93:4c:f4:4f:57:35:dd:7d:07:eb:c0:5c:
a1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C9:F4:1E:3A:44:64:3D:B8:EB:8B:8C:13:A9:1E:56:C7:E5:1F:2E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ocn0HjpEZD2464uME6keVsflHy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.104.0/24
151.244.250.0/24
151.245.167.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:56:82:48:53:7b:94:42:35:e8:f0:ea:ec:81:da:91:e1:ba:
ee:91:ca:e1:f4:36:a0:d8:fd:95:34:66:4d:af:4a:48:c5:be:
67:87:ee:94:5c:17:1b:da:03:1a:39:90:b7:fe:75:53:bf:f6:
23:09:1d:6e:14:e1:fa:c1:9a:ae:89:82:52:57:9a:17:45:c6:
76:53:f0:cd:27:0c:16:77:e1:62:33:4c:02:61:37:dd:b4:23:
4a:3a:8d:e6:4a:d0:48:31:d7:fa:12:cd:99:eb:d8:08:bd:63:
97:59:10:9c:0b:89:0f:10:eb:5d:19:f5:df:c9:bf:f3:31:8f:
19:f6:9e:17:74:da:6b:fa:cb:5d:00:e4:e9:45:59:74:b2:0b:
11:56:ff:b0:ff:39:f4:04:e2:14:5b:46:6c:62:9e:7e:26:95:
3a:59:2c:7d:d8:e8:8d:12:5c:a7:e7:4a:94:56:f2:5f:f3:29:
53:01:80:8c:2e:55:b9:17:c6:e2:cf:9b:60:1e:f6:b3:41:4b:
5e:8b:74:32:95:49:07:06:3b:cd:e3:36:e7:06:ad:f6:e1:05:
a3:b0:f8:46:47:c7:51:8f:ef:14:83:ae:d5:c4:bf:c7:dd:ac:
a4:86:18:c3:87:27:85:b9:79:9a:98:68:71:a3:b7:1b:fb:81:
d3:1e:c0:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ6WPEC3Zme9F8/Agb0fgwVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNjA1MDUyMzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM5ZjQxZTNhNDQ2NDNkYjhlYjhiOGMxM2E5MWU1NmM3ZTUxZjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrEtx9XKm/2wzCJRganQnDaX0R7m
zfLc+2tle9N+As8oxEAshS+0zaDV1Pa9fTyW2aN6Y+QCXu1VGH2s2o6S4ZJWIeCY
U1uehECSCXAhDtpT0jjSmki5pZwcCGWz0AaT1fyaDAc811XzLaWaAxYNZZyBu5P9
i/4MegtRAjDGBeiC7XhS+vUoLqYYg98PrYuvWImQqSfq+4UU59YlMcaOxscXnGD/
55UzON4maXMeVR8ZhH/fa8io+iX2V+ZnYP2shNIc+MOzD2kibF3O86J7bwOzxVj2
Pw+uCwX81dWtXhuDYeaLp17Eumb7G4+AwRYsXIaTTPRPVzXdfQfrwFyhBwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKHJ9B46RGQ9uOuLjBOpHlbH5R8uMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvb2NuMEhqcEVaRDI0NjR1TUU2a2VWc2ZsSHk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/NoAwQA
l/T6AwQAl/WnMA0GCSqGSIb3DQEBCwUAA4IBAQCwVoJIU3uUQjXo8OrsgdqR4bru
kcrh9Dag2P2VNGZNr0pIxb5nh+6UXBcb2gMaOZC3/nVTv/YjCR1uFOH6wZquiYJS
V5oXRcZ2U/DNJwwWd+FiM0wCYTfdtCNKOo3mStBIMdf6Es2Z69gIvWOXWRCcC4kP
EOtdGfXfyb/zMY8Z9p4XdNpr+stdAOTpRVl0sgsRVv+w/zn0BOIUW0ZsYp5+JpU6
WSx92OiNElyn50qUVvJf8ylTAYCMLlW5F8biz5tgHvazQUtei3QylUkHBjvN4zbn
Bq324QWjsPhGR8dRj+8Ug67VxL/H3aykhhjDhyeFuXmamGhxo7cb+4HTHsCn
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:05:38 2026 by rpki-client