Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/s8N9Mr9P-BIt0OULq1ZQXWcvgvs.roa
File: s8N9Mr9P-BIt0OULq1ZQXWcvgvs.roa (raw, json)
Hash identifier: Q6uBx7QA1S8t5dMndVfMGpL/k7qEKvOGbDw3h4GJq+M=
Subject key identifier: B3:C3:7D:32:BF:4F:F8:12:2D:D0:E5:0B:AB:56:50:5D:67:2F:82:FB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E9180196FF0867CBC3C5CBE35A31F2384
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/s8N9Mr9P-BIt0OULq1ZQXWcvgvs.roa
Signing time: Thu 04 Jun 2026 07:19:11 +0000
ROA not before: Thu 04 Jun 2026 07:19:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208905
IP address blocks: 151.245.72.0/24 maxlen: 24
151.247.90.0/24 maxlen: 24
151.247.91.0/24 maxlen: 24
151.247.195.0/24 maxlen: 24
151.247.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:91:80:19:6f:f0:86:7c:bc:3c:5c:be:35:a3:1f:23:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 4 07:19:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b3c37d32bf4ff8122dd0e50bab56505d672f82fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:44:03:c3:5d:63:fa:c9:60:91:7d:2b:1a:18:
03:d2:2c:77:12:f0:19:50:5a:a0:28:54:4e:b3:b6:
c7:33:be:a7:ef:cd:de:0c:42:93:b4:d0:db:96:3b:
2a:1c:4b:d4:fa:9c:da:59:95:77:09:62:66:f7:c5:
e2:fe:3c:c1:90:bf:0c:82:6f:d0:5f:46:de:eb:cb:
d0:38:6d:b3:ce:52:90:88:c6:e8:0d:d7:4d:12:2d:
ae:fb:f3:62:4d:a4:26:8d:e1:6c:26:75:2a:8c:a0:
2f:50:22:f8:89:d3:af:7c:5d:fe:c3:46:e5:5c:27:
2d:31:51:f1:18:22:57:83:bd:79:93:6a:5f:34:c7:
1d:a0:52:a8:5e:9e:1c:13:7f:03:33:98:1d:dd:db:
76:d9:14:ae:92:00:8f:52:95:dc:2a:e8:98:fc:45:
f0:c4:3f:14:bd:dc:ab:6b:7d:ed:01:2f:2a:e6:7b:
1a:11:77:38:09:65:b4:7a:97:04:7c:1f:be:a1:44:
d1:60:47:22:1b:09:f8:23:6c:6b:8e:f4:79:58:57:
22:2f:6c:0d:0f:97:e7:df:17:73:6a:8b:d6:b4:f9:
6a:00:44:1b:8a:dc:eb:5b:3b:29:8d:6d:73:91:ff:
f6:38:66:01:ca:05:b9:36:ad:8d:5b:ea:7d:c3:57:
75:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:C3:7D:32:BF:4F:F8:12:2D:D0:E5:0B:AB:56:50:5D:67:2F:82:FB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/s8N9Mr9P-BIt0OULq1ZQXWcvgvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.245.72.0/24
151.247.90.0/23
151.247.195.0/24
151.247.206.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:e2:01:80:a4:55:08:26:9f:f4:95:18:93:db:a2:4c:69:47:
ab:e9:8a:ec:11:b8:59:e2:5f:9a:52:ee:61:28:fc:55:a7:9b:
2c:cb:f5:88:9d:00:41:cd:b3:ad:05:dc:cd:65:30:a0:3e:fa:
1b:6b:26:2b:4e:e9:06:ac:c6:05:be:ed:dd:e2:ad:6f:e9:3a:
64:a9:97:47:7b:85:bd:82:4e:fa:a0:fe:f6:c7:7b:eb:b3:e6:
c5:89:2b:c9:0e:21:45:95:48:96:f9:f7:ee:03:91:69:94:eb:
6f:fe:57:03:eb:de:23:90:8d:85:4a:ed:a9:c3:43:51:87:52:
4a:4a:2b:0a:0c:21:01:e4:d4:5c:07:84:4c:36:8d:16:10:73:
2d:f4:78:20:70:ca:5c:a1:32:41:7d:84:1a:29:8a:e1:3b:72:
18:b5:1d:3f:b1:f9:00:5b:2b:c4:44:df:8e:8b:28:f7:a3:2f:
65:2c:fa:99:be:1e:d1:bf:a9:20:f6:3b:0b:df:fa:01:5c:cc:
8b:1e:c8:5f:be:41:f3:f3:39:96:98:73:34:9a:ba:15:a7:4c:
0b:fb:66:a5:50:87:2f:fe:85:b9:7a:70:c5:c4:75:be:ca:dd:
fe:a2:5f:be:66:58:f7:41:46:49:87:b6:90:75:f7:fd:1e:3f:
a0:ea:df:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ6RgBlv8IZ8vDxcvjWjHyOEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNjA0MDcxOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2MzN2QzMmJmNGZmODEyMmRkMGU1MGJhYjU2NTA1ZDY3MmY4MmZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEQDw11j+slgkX0rGhgD0ix3EvAZ
UFqgKFROs7bHM76n783eDEKTtNDbljsqHEvU+pzaWZV3CWJm98Xi/jzBkL8Mgm/Q
X0be68vQOG2zzlKQiMboDddNEi2u+/NiTaQmjeFsJnUqjKAvUCL4idOvfF3+w0bl
XCctMVHxGCJXg715k2pfNMcdoFKoXp4cE38DM5gd3dt22RSukgCPUpXcKuiY/EXw
xD8Uvdyra33tAS8q5nsaEXc4CWW0epcEfB++oUTRYEciGwn4I2xrjvR5WFciL2wN
D5fn3xdzaovWtPlqAEQbitzrWzspjW1zkf/2OGYBygW5Nq2NW+p9w1d1SwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLPDfTK/T/gSLdDlC6tWUF1nL4L7MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvczhOOU1yOVAtQkl0ME9VTHExWlFYV2N2Z3ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/VIAwQB
l/daAwQAl/fDAwQAl/fOMA0GCSqGSIb3DQEBCwUAA4IBAQB84gGApFUIJp/0lRiT
26JMaUer6YrsEbhZ4l+aUu5hKPxVp5ssy/WInQBBzbOtBdzNZTCgPvobayYrTukG
rMYFvu3d4q1v6TpkqZdHe4W9gk76oP72x3vrs+bFiSvJDiFFlUiW+ffuA5FplOtv
/lcD694jkI2FSu2pw0NRh1JKSisKDCEB5NRcB4RMNo0WEHMt9HggcMpcoTJBfYQa
KYrhO3IYtR0/sfkAWyvERN+Oiyj3oy9lLPqZvh7Rv6kg9jsL3/oBXMyLHshfvkHz
8zmWmHM0mroVp0wL+2alUIcv/oW5enDFxHW+yt3+ol++Zlj3QUZJh7aQdff9Hj+g
6t/A
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:38:07 2026 by rpki-client