Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ogM9vaZ-jhIcsomDvD2F1sXlwjo.roa
File: ogM9vaZ-jhIcsomDvD2F1sXlwjo.roa (raw, json)
Hash identifier: +6jncGH6AtZBqJJlMLs+v7kHoNQw4EsAXdYFxo+Py6M=
Subject key identifier: A2:03:3D:BD:A6:7E:8E:12:1C:B2:89:83:BC:3D:85:D6:C5:E5:C2:3A
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D869F04EED3B735776060720108CC676C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ogM9vaZ-jhIcsomDvD2F1sXlwjo.roa
Signing time: Mon 13 Apr 2026 11:34:21 +0000
ROA not before: Mon 13 Apr 2026 11:34:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 151.243.165.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.246.131.0/24 maxlen: 24
151.247.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:9f:04:ee:d3:b7:35:77:60:60:72:01:08:cc:67:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 13 11:34:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a2033dbda67e8e121cb28983bc3d85d6c5e5c23a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:17:40:af:2e:0f:b0:1e:65:14:36:58:cc:c4:
f5:94:e7:67:cd:7f:95:1c:58:50:05:61:17:7c:7f:
46:5d:06:3b:3a:61:60:0e:2a:53:79:f0:59:e6:98:
99:4a:e4:ad:37:fa:dc:10:35:48:31:94:d4:fd:c7:
f1:45:44:f7:44:1f:a5:83:d5:07:fd:36:cd:61:b6:
1b:db:24:e6:e5:6e:09:f4:b1:19:a4:d0:bf:59:47:
5c:31:df:1c:0c:21:71:6a:a0:64:91:3d:23:a8:b0:
1a:57:77:ae:34:03:b4:1a:1d:41:f0:f3:75:fd:b3:
f0:66:4d:08:88:d6:ea:63:02:52:45:be:67:44:c0:
50:a9:ff:a6:8b:63:bc:44:2d:37:94:77:59:c0:db:
02:e1:ec:4b:17:54:99:95:23:59:d9:32:81:a0:7d:
e0:6d:7d:34:93:e8:81:79:1b:cc:32:5e:ad:62:fa:
b0:05:2a:6b:2a:6f:99:ab:ec:14:f8:d4:7c:bc:58:
bf:52:a0:5c:23:a0:36:f5:c0:87:96:46:e9:c9:e7:
c5:37:0c:c5:a5:c4:69:04:2e:7a:b2:dc:a5:d8:2c:
9c:5d:af:b5:6c:51:4f:63:ee:25:5c:ef:92:cf:47:
93:30:d3:3b:36:a8:38:98:49:c1:77:8b:14:67:9f:
33:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:03:3D:BD:A6:7E:8E:12:1C:B2:89:83:BC:3D:85:D6:C5:E5:C2:3A
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ogM9vaZ-jhIcsomDvD2F1sXlwjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.165.0/24
151.244.4.0/24
151.246.131.0/24
151.247.128.0/24
Signature Algorithm: sha256WithRSAEncryption
93:3a:d6:0f:e7:82:41:d4:09:55:80:e9:87:ee:7f:a6:e1:f3:
51:95:6e:c6:78:7c:32:2c:ae:09:e1:5a:22:08:14:1d:a5:5b:
c6:f3:db:9c:f8:9f:bd:c9:97:01:de:e4:63:a0:eb:62:73:cb:
d6:ee:bd:86:49:dc:29:39:b8:2a:90:bc:87:45:96:17:79:1e:
9d:6d:87:2d:e0:df:95:84:47:fa:18:9b:47:3d:41:cf:f1:86:
03:3e:df:8c:14:13:98:76:b2:26:d5:96:c6:15:ee:64:72:25:
eb:d0:91:de:7e:94:fa:5e:34:82:2f:72:b3:81:8a:59:c9:28:
dc:0e:6a:ac:9d:38:39:dd:7e:8a:90:0e:89:d7:d8:39:ad:b1:
c1:65:aa:04:96:37:6d:c0:76:83:e3:df:be:59:fa:c5:db:ae:
ef:05:10:bd:40:28:f3:36:2d:fb:de:44:5b:a3:b6:9d:f1:72:
06:15:54:34:53:04:fc:5e:47:01:73:68:7b:5c:6b:a1:ba:09:
63:93:e3:b1:93:09:dc:07:fb:c6:5c:a6:1c:8f:a1:3a:e0:a8:
51:93:11:9c:ff:1e:14:ab:4d:8f:1c:2f:9e:99:95:b2:6b:a4:
69:ed:c5:20:97:e1:c4:98:ad:8d:3e:3b:ea:3e:ea:fb:07:0f:
02:f4:20:12
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2GnwTu07c1d2BgcgEIzGdsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDEzMTEzNDIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjAzM2RiZGE2N2U4ZTEyMWNiMjg5ODNiYzNkODVkNmM1ZTVjMjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2BdAry4PsB5lFDZYzMT1lOdnzX+V
HFhQBWEXfH9GXQY7OmFgDipTefBZ5piZSuStN/rcEDVIMZTU/cfxRUT3RB+lg9UH
/TbNYbYb2yTm5W4J9LEZpNC/WUdcMd8cDCFxaqBkkT0jqLAaV3euNAO0Gh1B8PN1
/bPwZk0IiNbqYwJSRb5nRMBQqf+mi2O8RC03lHdZwNsC4exLF1SZlSNZ2TKBoH3g
bX00k+iBeRvMMl6tYvqwBSprKm+Zq+wU+NR8vFi/UqBcI6A29cCHlkbpyefFNwzF
pcRpBC56styl2CycXa+1bFFPY+4lXO+Sz0eTMNM7Nqg4mEnBd4sUZ58zcwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKIDPb2mfo4SHLKJg7w9hdbF5cI6MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvb2dNOXZhWi1qaEljc29tRHZEMkYxc1hsd2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/OlAwQA
l/QEAwQAl/aDAwQAl/eAMA0GCSqGSIb3DQEBCwUAA4IBAQCTOtYP54JB1AlVgOmH
7n+m4fNRlW7GeHwyLK4J4VoiCBQdpVvG89uc+J+9yZcB3uRjoOtic8vW7r2GSdwp
ObgqkLyHRZYXeR6dbYct4N+VhEf6GJtHPUHP8YYDPt+MFBOYdrIm1ZbGFe5kciXr
0JHefpT6XjSCL3KzgYpZySjcDmqsnTg53X6KkA6J19g5rbHBZaoEljdtwHaD49++
WfrF267vBRC9QCjzNi373kRbo7ad8XIGFVQ0UwT8XkcBc2h7XGuhugljk+Oxkwnc
B/vGXKYcj6E64KhRkxGc/x4Uq02PHC+emZWya6Rp7cUgl+HEmK2NPjvqPur7Bw8C
9CAS
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:02:10 2026 by rpki-client