Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qCUwJUOidWI9wpQMBdMQvlNATQM.roa
File: qCUwJUOidWI9wpQMBdMQvlNATQM.roa (raw, json)
Hash identifier: SjshtGTCiWUcLcViNfhSwJDyI0XbBbeB7GInS4DCQMw=
Subject key identifier: A8:25:30:25:43:A2:75:62:3D:C2:94:0C:05:D3:10:BE:53:40:4D:03
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E7F214D00A3BE6AF20D1D693D24C6441D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qCUwJUOidWI9wpQMBdMQvlNATQM.roa
Signing time: Sun 31 May 2026 17:42:29 +0000
ROA not before: Sun 31 May 2026 17:42:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197234
IP address blocks: 151.244.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 07:13:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:7f:21:4d:00:a3:be:6a:f2:0d:1d:69:3d:24:c6:44:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 31 17:42:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a825302543a275623dc2940c05d310be53404d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ee:61:38:cb:0f:9e:39:78:6d:03:36:e1:4b:
4a:2d:59:a0:b5:46:2d:5c:94:fc:13:d8:4a:1b:e0:
ac:f5:71:06:09:df:eb:72:8a:14:ff:b4:41:15:b0:
86:3e:0a:30:8f:a0:b1:ed:61:fc:14:8e:d8:f1:96:
6d:9e:f2:ef:ba:fa:cf:60:57:45:7b:ef:77:56:13:
0c:ee:11:20:0c:5d:e1:bb:74:36:8f:97:a4:7c:5f:
a1:4e:2b:94:5f:5b:0a:65:3f:be:ea:8d:9e:85:bf:
f7:97:4a:ab:fa:94:37:f4:21:ad:86:1b:4c:12:13:
cd:db:a2:21:fa:9e:b3:6e:a4:5b:35:ba:d3:9a:f2:
4b:2f:56:1e:da:7a:f9:f0:ea:f4:14:2e:41:ba:8b:
e4:76:26:4e:9f:65:aa:15:03:62:ca:69:e3:84:c4:
a2:fe:69:83:71:9e:ef:95:b6:4c:32:02:9c:74:bf:
cf:0f:04:81:5a:1e:b9:50:7d:ac:e6:a2:aa:e7:b2:
38:01:55:dd:04:19:90:4e:74:ce:de:dd:7c:f4:90:
67:98:92:9f:88:84:66:32:7e:86:16:e0:41:c5:99:
f6:c6:1f:bc:6e:46:e0:c0:a9:3b:fd:b0:20:45:85:
dc:af:76:4f:32:88:eb:6e:c1:ab:45:bb:9b:72:5c:
05:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:25:30:25:43:A2:75:62:3D:C2:94:0C:05:D3:10:BE:53:40:4D:03
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qCUwJUOidWI9wpQMBdMQvlNATQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.97.0/24
Signature Algorithm: sha256WithRSAEncryption
15:3d:0d:55:c3:ad:4e:e4:3a:5e:65:93:d9:a5:78:fb:bb:74:
70:3f:d7:7d:6b:d5:65:b6:d3:74:77:ac:65:15:41:1d:be:92:
96:91:dd:d7:fe:e1:d4:1d:40:b6:4d:02:5f:47:8d:36:e0:76:
69:7e:8c:88:72:f0:d9:e3:b8:6e:40:da:17:9d:d2:3d:aa:b1:
69:d7:42:0a:ae:4c:8c:10:c1:f3:62:75:80:4b:32:b6:4c:b6:
4e:10:64:a8:74:9a:1e:3a:c1:ca:d1:c3:24:6b:0a:e4:df:ac:
6b:c4:1a:70:63:a3:af:d1:f0:6b:78:90:94:c0:24:f1:6b:b6:
2d:c7:75:a5:8b:da:46:14:ae:c6:ae:e4:9c:de:0d:25:0e:c4:
c4:63:8f:f8:c5:ae:d4:b3:43:ee:d5:3d:4e:7a:26:1d:57:cd:
76:5c:66:97:38:39:2d:d5:bf:10:1e:95:4f:08:b6:ea:ea:71:
1a:3e:ae:05:d5:fc:3d:56:61:b7:8b:6d:b3:55:b9:9c:c9:fd:
77:5d:c2:42:54:4b:53:eb:a1:ef:16:bb:63:55:18:99:e1:60:
d7:f5:b8:27:a6:74:10:76:11:e7:bb:5f:bb:ba:23:5e:32:93:
2c:87:e6:c6:56:d4:46:d3:cd:92:b2:bd:9d:1d:6e:b9:f6:b2:
b0:4f:ab:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ5/IU0Ao75q8g0daT0kxkQdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTMxMTc0MjI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODI1MzAyNTQzYTI3NTYyM2RjMjk0MGMwNWQzMTBiZTUzNDA0ZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+5hOMsPnjl4bQM24UtKLVmgtUYt
XJT8E9hKG+Cs9XEGCd/rcooU/7RBFbCGPgowj6Cx7WH8FI7Y8ZZtnvLvuvrPYFdF
e+93VhMM7hEgDF3hu3Q2j5ekfF+hTiuUX1sKZT++6o2ehb/3l0qr+pQ39CGthhtM
EhPN26Ih+p6zbqRbNbrTmvJLL1Ye2nr58Or0FC5BuovkdiZOn2WqFQNiymnjhMSi
/mmDcZ7vlbZMMgKcdL/PDwSBWh65UH2s5qKq57I4AVXdBBmQTnTO3t189JBnmJKf
iIRmMn6GFuBBxZn2xh+8bkbgwKk7/bAgRYXcr3ZPMojrbsGrRbubclwF7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKglMCVDonViPcKUDAXTEL5TQE0DMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcUNVd0pVT2lkV0k5d3BRTUJkTVF2bE5BVFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/RhMA0G
CSqGSIb3DQEBCwUAA4IBAQAVPQ1Vw61O5DpeZZPZpXj7u3RwP9d9a9VlttN0d6xl
FUEdvpKWkd3X/uHUHUC2TQJfR4024HZpfoyIcvDZ47huQNoXndI9qrFp10IKrkyM
EMHzYnWASzK2TLZOEGSodJoeOsHK0cMkawrk36xrxBpwY6Ov0fBreJCUwCTxa7Yt
x3Wli9pGFK7GruSc3g0lDsTEY4/4xa7Us0Pu1T1OeiYdV812XGaXODkt1b8QHpVP
CLbq6nEaPq4F1fw9VmG3i22zVbmcyf13XcJCVEtT66HvFrtjVRiZ4WDX9bgnpnQQ
dhHnu1+7uiNeMpMsh+bGVtRG082Ssr2dHW659rKwT6v1
-----END CERTIFICATE-----
Generated at Sat Jun 13 13:38:51 2026 by rpki-client