Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/y1Boz5gBqJO2woC1B2DmqJHC8gE.roa
File: y1Boz5gBqJO2woC1B2DmqJHC8gE.roa (raw, json)
Hash identifier: S18f7PQ3Diitpw8l3axoeuJqNSAKp+e9gxRtNLvIxyA=
Subject key identifier: CB:50:68:CF:98:01:A8:93:B6:C2:80:B5:07:60:E6:A8:91:C2:F2:01
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E6EDC8DE128EF8DF7DD74DCE3D1DA3A58
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/y1Boz5gBqJO2woC1B2DmqJHC8gE.roa
Signing time: Thu 28 May 2026 13:53:28 +0000
ROA not before: Thu 28 May 2026 13:53:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397423
IP address blocks: 151.242.97.0/24 maxlen: 24
151.243.215.0/24 maxlen: 24
151.244.99.0/24 maxlen: 24
151.245.173.0/24 maxlen: 24
151.245.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6e:dc:8d:e1:28:ef:8d:f7:dd:74:dc:e3:d1:da:3a:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 28 13:53:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cb5068cf9801a893b6c280b50760e6a891c2f201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:07:ec:59:92:9f:9c:27:02:18:de:4e:6a:48:
e5:bb:9f:48:02:74:e8:fa:e0:44:77:49:ed:c2:2f:
f2:79:2f:de:90:74:eb:f0:e4:a9:8e:e9:50:16:1a:
0b:02:42:5f:2e:9d:15:f9:dd:ed:bb:7f:b9:7c:25:
79:76:ba:2b:f5:02:e8:98:13:b7:bc:01:12:cf:96:
a0:23:2c:dc:ee:53:f8:5a:fc:7c:f6:92:5c:f2:6c:
03:fa:3f:93:bb:d7:f8:32:8c:b5:8a:37:ed:2c:62:
f1:dc:14:6a:a3:61:ce:0f:46:67:88:75:19:d0:06:
5f:38:b8:2d:90:f4:0c:1b:35:8e:ee:61:ee:a4:66:
a3:b8:dc:0c:e4:a4:a0:0b:ba:29:3e:5b:0a:5b:0c:
79:2b:59:76:52:e0:2e:b6:61:4a:ae:c2:e4:15:70:
6e:64:df:6c:a1:3b:e8:31:ac:3c:01:aa:e6:4f:66:
68:b7:cf:50:7c:ee:cd:75:b8:dc:95:d7:18:78:3a:
29:ab:c9:87:4f:b8:c2:33:c5:12:d8:11:10:77:d8:
3a:60:85:6e:3c:f6:c1:4f:4c:9f:44:40:8d:31:5a:
0c:b2:66:80:49:b8:0e:a7:45:ce:f9:c7:b7:e8:26:
be:4d:c5:6e:fa:95:cf:47:4e:fd:9c:18:09:2d:4f:
78:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:50:68:CF:98:01:A8:93:B6:C2:80:B5:07:60:E6:A8:91:C2:F2:01
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/y1Boz5gBqJO2woC1B2DmqJHC8gE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.97.0/24
151.243.215.0/24
151.244.99.0/24
151.245.173.0/24
151.245.175.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:0b:99:a1:f1:fd:d9:fd:96:7b:88:c6:67:3a:c0:b6:14:f0:
f1:b5:4c:c8:18:2c:53:2b:ec:82:c6:c3:c5:b5:64:ed:4c:c2:
08:d5:bf:af:9b:21:ad:aa:5f:78:e5:b0:79:6b:74:41:d0:c9:
fb:be:d2:16:19:3a:81:0a:60:ed:4b:3c:79:2c:3d:c8:d7:1c:
26:72:c7:1b:de:a9:70:06:b6:6d:80:2f:41:6d:66:8a:0f:60:
c6:56:e6:9b:56:3b:15:06:d7:a3:a8:fc:d4:91:79:7d:69:b7:
36:cc:cd:7b:f7:8d:99:89:10:53:41:cb:8d:b3:63:c5:5f:8c:
f2:f1:54:d1:ba:69:37:71:e7:a9:c5:4b:ea:df:b7:2a:60:ae:
82:42:6d:fa:b5:1c:d2:ab:5a:df:86:2c:99:85:1b:7a:08:f7:
b1:ac:41:04:c1:9a:a4:0d:b1:fd:f7:5e:d6:7b:e5:6c:51:e9:
2b:c9:18:66:c1:fd:25:6c:8e:a4:47:b3:14:09:e9:df:e2:c5:
e1:2d:6e:fa:8b:a6:8c:a9:c1:4d:84:88:80:6e:83:19:b3:36:
6d:b4:11:1d:46:11:5f:bd:59:48:9f:61:92:ee:eb:41:57:85:
bc:0c:c6:9c:9f:b7:3d:63:fd:54:53:7b:bd:d0:1a:05:dc:96:
07:b4:d8:87
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ5u3I3hKO+N99103OPR2jpYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTI4MTM1MzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjUwNjhjZjk4MDFhODkzYjZjMjgwYjUwNzYwZTZhODkxYzJmMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywfsWZKfnCcCGN5Oakjlu59IAnTo
+uBEd0ntwi/yeS/ekHTr8OSpjulQFhoLAkJfLp0V+d3tu3+5fCV5dror9QLomBO3
vAESz5agIyzc7lP4Wvx89pJc8mwD+j+Tu9f4Moy1ijftLGLx3BRqo2HOD0ZniHUZ
0AZfOLgtkPQMGzWO7mHupGajuNwM5KSgC7opPlsKWwx5K1l2UuAutmFKrsLkFXBu
ZN9soTvoMaw8AarmT2Zot89QfO7NdbjcldcYeDopq8mHT7jCM8US2BEQd9g6YIVu
PPbBT0yfRECNMVoMsmaASbgOp0XO+ce36Ca+TcVu+pXPR079nBgJLU948QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMtQaM+YAaiTtsKAtQdg5qiRwvIBMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveTFCb3o1Z0JxSk8yd29DMUIyRG1xSkhDOGdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAl/JhAwQA
l/PXAwQAl/RjAwQAl/WtAwQAl/WvMA0GCSqGSIb3DQEBCwUAA4IBAQAfC5mh8f3Z
/ZZ7iMZnOsC2FPDxtUzIGCxTK+yCxsPFtWTtTMII1b+vmyGtql945bB5a3RB0Mn7
vtIWGTqBCmDtSzx5LD3I1xwmcscb3qlwBrZtgC9BbWaKD2DGVuabVjsVBtejqPzU
kXl9abc2zM17942ZiRBTQcuNs2PFX4zy8VTRumk3ceepxUvq37cqYK6CQm36tRzS
q1rfhiyZhRt6CPexrEEEwZqkDbH9917We+VsUekryRhmwf0lbI6kR7MUCenf4sXh
LW76i6aMqcFNhIiAboMZszZttBEdRhFfvVlIn2GS7utBV4W8DMacn7c9Y/1UU3u9
0BoF3JYHtNiH
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:02:35 2026 by rpki-client