Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yxjQgJxLIne70ZG2GGvBSoMuoss.roa
File: yxjQgJxLIne70ZG2GGvBSoMuoss.roa (raw, json)
Hash identifier: BVOb4BOsiJq0AFI+cwTpLLzQzxJKh9t40o+b3LhpqcM=
Subject key identifier: CB:18:D0:80:9C:4B:22:77:BB:D1:91:B6:18:6B:C1:4A:83:2E:A2:CB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D5C3C480D50C674A555251CDF9CD5AFB3
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yxjQgJxLIne70ZG2GGvBSoMuoss.roa
Signing time: Sun 05 Apr 2026 06:02:27 +0000
ROA not before: Sun 05 Apr 2026 06:02:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63023
IP address blocks: 151.241.169.0/24 maxlen: 24
151.243.159.0/24 maxlen: 24
151.244.28.0/24 maxlen: 24
151.246.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 00:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:5c:3c:48:0d:50:c6:74:a5:55:25:1c:df:9c:d5:af:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 5 06:02:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cb18d0809c4b2277bbd191b6186bc14a832ea2cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c7:08:67:95:c4:8d:f8:78:1f:be:e5:0e:91:
ef:71:e4:67:22:67:98:ae:8f:a3:0d:04:78:8d:9b:
9b:ab:8b:7f:a8:5e:27:6b:32:13:ba:0f:00:22:f3:
1a:38:06:1f:7e:19:cb:11:9e:38:c7:82:1a:08:3c:
21:1a:ae:c8:65:b9:1b:ef:47:a7:7d:4e:21:42:da:
a5:87:02:eb:2e:65:21:5f:60:7c:9f:30:b4:b0:5e:
79:03:dd:a6:18:0d:2f:21:eb:16:1d:e8:97:a6:1e:
d0:6e:6c:62:63:2e:90:4a:ce:df:2a:b0:e2:89:57:
d6:8f:87:26:66:9d:56:16:70:3e:32:4c:d2:e1:e4:
e2:6d:4c:fd:42:65:fe:0d:c2:dd:05:11:c4:43:9a:
6f:d9:82:87:c0:18:37:69:e3:22:0b:5c:2f:29:e3:
6e:83:c4:da:6c:9d:4e:bf:e8:96:0c:6c:5f:d1:34:
19:20:80:a1:24:34:6c:5f:df:57:5d:4d:cc:2d:05:
f4:60:a3:f0:17:2e:7b:b4:08:3b:f6:cd:77:cd:f1:
24:74:8f:89:c1:4f:b5:62:01:f5:4d:d6:dc:77:d8:
a1:4c:07:4e:e0:f9:76:44:4d:ff:c8:5c:ea:dd:45:
cd:14:af:c3:21:9a:3d:97:46:69:ae:90:21:40:66:
bf:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:18:D0:80:9C:4B:22:77:BB:D1:91:B6:18:6B:C1:4A:83:2E:A2:CB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yxjQgJxLIne70ZG2GGvBSoMuoss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.169.0/24
151.243.159.0/24
151.244.28.0/24
151.246.237.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:55:44:9c:32:74:99:eb:cb:46:1a:e7:d7:b1:cc:56:59:31:
6e:a0:c4:1d:2e:d0:7a:15:16:db:be:0a:89:dc:91:37:5f:8d:
7a:e7:ab:5b:41:ca:8c:4e:1a:67:8d:36:e9:6e:86:9e:56:40:
27:6e:c6:b9:28:2b:ce:8a:3d:5f:08:c4:75:95:84:33:af:5a:
95:d5:0e:0c:19:2d:d9:0f:22:1b:4c:e0:c1:90:2b:30:be:54:
7f:fb:64:56:37:f3:c3:6f:f7:01:89:20:6a:01:a0:af:b6:c1:
71:f3:06:5f:5e:d6:ce:dd:ed:f9:10:30:ef:de:4c:5d:36:f7:
15:35:d8:47:12:d9:89:1b:da:34:9e:e6:92:11:3e:af:b2:86:
40:b1:81:4c:19:8a:aa:85:6b:e3:e3:e9:74:f5:64:7f:02:20:
e5:e9:1f:25:b6:d5:5b:7b:78:b6:91:d5:05:9e:f9:a4:30:94:
05:cd:08:7d:0b:d6:62:7d:42:0c:43:99:73:c3:ef:d3:dd:b0:
ec:85:b0:d7:2d:97:d2:97:f5:5a:14:1d:ed:79:fa:91:6d:e9:
c0:b8:8f:5b:0c:00:b1:71:32:35:eb:1b:c8:00:a0:14:aa:c5:
85:92:56:a0:d4:39:77:d1:c6:e2:9c:dd:bd:c0:65:d2:39:56:
3a:6c:45:13
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ1cPEgNUMZ0pVUlHN+c1a+zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDA1MDYwMjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjE4ZDA4MDljNGIyMjc3YmJkMTkxYjYxODZiYzE0YTgzMmVhMmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnccIZ5XEjfh4H77lDpHvceRnImeY
ro+jDQR4jZubq4t/qF4nazITug8AIvMaOAYffhnLEZ44x4IaCDwhGq7IZbkb70en
fU4hQtqlhwLrLmUhX2B8nzC0sF55A92mGA0vIesWHeiXph7QbmxiYy6QSs7fKrDi
iVfWj4cmZp1WFnA+MkzS4eTibUz9QmX+DcLdBRHEQ5pv2YKHwBg3aeMiC1wvKeNu
g8TabJ1Ov+iWDGxf0TQZIIChJDRsX99XXU3MLQX0YKPwFy57tAg79s13zfEkdI+J
wU+1YgH1Tdbcd9ihTAdO4Pl2RE3/yFzq3UXNFK/DIZo9l0ZprpAhQGa/WwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMsY0ICcSyJ3u9GRthhrwUqDLqLLMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveXhqUWdKeExJbmU3MFpHMkdHdkJTb011b3NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/GpAwQA
l/OfAwQAl/QcAwQAl/btMA0GCSqGSIb3DQEBCwUAA4IBAQBPVUScMnSZ68tGGufX
scxWWTFuoMQdLtB6FRbbvgqJ3JE3X41656tbQcqMThpnjTbpboaeVkAnbsa5KCvO
ij1fCMR1lYQzr1qV1Q4MGS3ZDyIbTODBkCswvlR/+2RWN/PDb/cBiSBqAaCvtsFx
8wZfXtbO3e35EDDv3kxdNvcVNdhHEtmJG9o0nuaSET6vsoZAsYFMGYqqhWvj4+l0
9WR/AiDl6R8lttVbe3i2kdUFnvmkMJQFzQh9C9ZifUIMQ5lzw+/T3bDshbDXLZfS
l/VaFB3tefqRbenAuI9bDACxcTI16xvIAKAUqsWFklag1Dl30cbinN29wGXSOVY6
bEUT
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:20:06 2026 by rpki-client