Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xgHY5GAcFTCmmGp9k0_h7y7U4OQ.roa
File: xgHY5GAcFTCmmGp9k0_h7y7U4OQ.roa (raw, json)
Hash identifier: JQsKHFgnWHNpLUq64ZfDQqa5p6OahqgZscxoSDoskJ8=
Subject key identifier: C6:01:D8:E4:60:1C:15:30:A6:98:6A:7D:93:4F:E1:EF:2E:D4:E0:E4
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D869D31DB214519B2E8F84E2F7252E264
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xgHY5GAcFTCmmGp9k0_h7y7U4OQ.roa
Signing time: Mon 13 Apr 2026 11:32:22 +0000
ROA not before: Mon 13 Apr 2026 11:32:22 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209104
IP address blocks: 151.240.154.0/24 maxlen: 24
151.245.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 13:23:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:86:9d:31:db:21:45:19:b2:e8:f8:4e:2f:72:52:e2:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 13 11:32:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c601d8e4601c1530a6986a7d934fe1ef2ed4e0e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3e:33:bf:45:87:fb:6d:8b:f1:ff:37:20:01:
26:dc:ea:53:2d:c1:4b:5f:c7:c8:22:a6:2c:80:d1:
08:08:d4:b0:9a:ae:8c:7c:34:ac:26:61:53:d6:61:
4d:f2:88:6a:ff:25:8d:aa:d2:5b:bf:38:4c:7b:f5:
bd:42:d4:c1:d3:a1:2a:aa:0e:a8:20:d6:48:35:a2:
be:fe:ae:01:60:bb:84:a0:6a:e4:fd:61:f4:a6:b0:
3e:e9:b6:d5:26:c9:76:fa:14:92:21:0f:2a:51:5a:
fa:38:44:77:14:73:f9:db:18:02:59:24:02:b1:af:
4c:cf:5f:0c:e8:0c:7a:d6:4b:ad:86:ea:df:70:fc:
a0:ad:36:d8:be:68:b2:75:24:6e:45:fc:3f:fb:21:
ec:30:89:d3:e4:b7:c3:04:08:ca:57:00:9a:2b:01:
8b:86:c7:5b:06:b4:6e:30:23:1d:d3:60:93:d7:08:
8e:33:37:d6:64:ea:0a:c9:bb:e1:af:73:b3:be:b1:
d8:9e:f4:f1:a3:fc:15:e9:f7:67:71:11:95:fc:2e:
70:0a:5f:3b:88:72:65:75:ea:47:2c:eb:e7:55:14:
17:6e:d6:b4:15:af:80:56:93:fd:8b:d2:cb:c5:7e:
7a:cb:00:d3:7a:f1:be:06:2e:1b:7b:c2:2e:23:4b:
a6:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:01:D8:E4:60:1C:15:30:A6:98:6A:7D:93:4F:E1:EF:2E:D4:E0:E4
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xgHY5GAcFTCmmGp9k0_h7y7U4OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.154.0/24
151.245.141.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:f8:8c:b0:33:20:df:f7:fa:0d:6d:f9:7b:30:b8:e1:48:e4:
97:ab:6f:09:0e:04:8a:ea:8b:25:b5:aa:69:71:cf:56:94:9c:
0e:fe:3c:76:5e:94:59:3c:fa:01:d3:04:34:61:4d:0c:de:c8:
d4:a6:01:15:b6:af:6b:78:8a:47:00:2d:eb:db:51:cf:3e:c7:
67:de:6b:9f:09:f5:3b:14:33:65:d2:c6:a0:23:cd:54:81:6d:
9f:b0:fa:a2:45:7c:6b:91:50:e2:cd:38:ee:21:a1:dd:aa:76:
7c:c9:73:c1:c8:1f:d0:f9:17:38:c6:a0:09:e4:a0:71:4f:47:
9d:d2:7b:4e:27:af:c8:8c:2a:36:a7:e5:c1:2b:ad:d8:72:c5:
fa:f1:bc:0b:27:ac:8f:c7:b3:2c:5a:fe:59:c7:09:70:24:17:
92:ef:12:ec:38:98:40:ad:f1:30:e9:fd:5b:5a:41:9b:16:cf:
09:d4:32:90:16:c9:46:54:6e:8e:be:2d:82:52:21:78:f4:c6:
ec:5d:7c:4f:d9:c5:ef:22:02:91:52:07:1f:48:a0:0f:b9:0b:
51:2f:1e:ad:71:9e:92:f7:ff:11:27:bf:1a:00:af:70:fb:1c:
f2:cb:bf:13:49:99:30:92:5a:94:63:04:67:ca:5e:68:51:9b:
4d:bf:88:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ2GnTHbIUUZsuj4Ti9yUuJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDEzMTEzMjIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjAxZDhlNDYwMWMxNTMwYTY5ODZhN2Q5MzRmZTFlZjJlZDRlMGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT4zv0WH+22L8f83IAEm3OpTLcFL
X8fIIqYsgNEICNSwmq6MfDSsJmFT1mFN8ohq/yWNqtJbvzhMe/W9QtTB06Eqqg6o
INZINaK+/q4BYLuEoGrk/WH0prA+6bbVJsl2+hSSIQ8qUVr6OER3FHP52xgCWSQC
sa9Mz18M6Ax61kuthurfcPygrTbYvmiydSRuRfw/+yHsMInT5LfDBAjKVwCaKwGL
hsdbBrRuMCMd02CT1wiOMzfWZOoKybvhr3OzvrHYnvTxo/wV6fdncRGV/C5wCl87
iHJldepHLOvnVRQXbta0Fa+AVpP9i9LLxX56ywDTevG+Bi4be8IuI0um0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMYB2ORgHBUwpphqfZNP4e8u1ODkMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveGdIWTVHQWNGVENtbUdwOWswX2g3eTdVNE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/CaAwQA
l/WNMA0GCSqGSIb3DQEBCwUAA4IBAQBP+IywMyDf9/oNbfl7MLjhSOSXq28JDgSK
6osltappcc9WlJwO/jx2XpRZPPoB0wQ0YU0M3sjUpgEVtq9reIpHAC3r21HPPsdn
3mufCfU7FDNl0sagI81UgW2fsPqiRXxrkVDizTjuIaHdqnZ8yXPByB/Q+Rc4xqAJ
5KBxT0ed0ntOJ6/IjCo2p+XBK63YcsX68bwLJ6yPx7MsWv5ZxwlwJBeS7xLsOJhA
rfEw6f1bWkGbFs8J1DKQFslGVG6Ovi2CUiF49MbsXXxP2cXvIgKRUgcfSKAPuQtR
Lx6tcZ6S9/8RJ78aAK9w+xzyy78TSZkwklqUYwRnyl5oUZtNv4gJ
-----END CERTIFICATE-----
Generated at Fri Apr 17 18:49:25 2026 by rpki-client