Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/zja9jO7anQa2jJU3m6eJwKWUS9U.roa
File: zja9jO7anQa2jJU3m6eJwKWUS9U.roa (raw, json)
Hash identifier: znwfqZ5h/c8rxPzb+ee5ijxY98blk9UBc+Wdgr67Zjc=
Subject key identifier: CE:36:BD:8C:EE:DA:9D:06:B6:8C:95:37:9B:A7:89:C0:A5:94:4B:D5
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019C60E4D41DF06C134D63BF973981459C74
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/zja9jO7anQa2jJU3m6eJwKWUS9U.roa
Signing time: Sun 15 Feb 2026 10:42:15 +0000
ROA not before: Sun 15 Feb 2026 10:42:15 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 205886
IP address blocks: 151.241.25.0/24 maxlen: 24
151.245.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 22:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:60:e4:d4:1d:f0:6c:13:4d:63:bf:97:39:81:45:9c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 15 10:42:15 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ce36bd8ceeda9d06b68c95379ba789c0a5944bd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:5f:74:28:e3:55:40:70:e8:2a:2a:09:37:05:
19:ef:0a:5a:28:fc:19:45:ea:55:1e:70:4f:40:7c:
79:96:54:17:8f:94:5d:1e:5e:a2:66:1d:46:3f:a4:
4e:24:2a:77:9b:81:20:38:f5:77:02:1f:73:fe:aa:
4f:87:80:35:d8:3e:2b:5a:41:52:67:85:0e:84:81:
a0:f3:2f:53:52:2f:c8:db:bc:f7:7a:a2:8e:b4:d7:
9f:61:01:f9:04:64:53:c5:ce:82:01:ee:b7:21:c3:
ba:57:59:64:85:1f:46:af:f5:75:95:ad:19:09:f2:
72:ff:b8:3d:d0:56:bd:f2:fe:2e:7f:4d:61:de:1b:
80:a8:ed:24:c2:35:97:6e:38:29:4a:ea:71:72:c8:
62:0d:a8:de:b5:22:43:ad:66:81:d6:22:e6:a0:8f:
ff:3e:10:45:31:ad:51:9a:47:2e:83:e0:e2:f5:86:
d8:2c:91:40:d7:50:30:6f:d4:81:fb:2f:ff:78:1f:
da:34:6c:d3:fb:a7:2c:69:2e:ab:f9:4a:64:89:99:
db:e7:45:3b:dd:60:2a:89:55:f7:68:6a:f2:93:ca:
8a:6f:a2:be:aa:fb:c9:bd:29:3a:d1:91:5e:4a:1f:
3d:f2:0c:98:39:3c:16:b5:37:8f:a2:83:9a:3a:50:
79:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:36:BD:8C:EE:DA:9D:06:B6:8C:95:37:9B:A7:89:C0:A5:94:4B:D5
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/zja9jO7anQa2jJU3m6eJwKWUS9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.25.0/24
151.245.0.0/17
Signature Algorithm: sha256WithRSAEncryption
45:5b:34:67:fa:83:7d:05:f4:9f:e2:9e:20:af:7c:9d:0f:09:
b9:3a:d4:b0:6d:50:49:73:b6:b6:d5:76:39:d5:79:55:be:34:
7c:d6:49:b2:bc:07:2d:07:c1:bb:23:61:c3:1d:14:26:c5:c4:
a4:7d:a7:74:c4:51:82:bf:79:76:50:30:f1:6f:b4:e4:6a:9e:
50:1f:14:56:63:d1:30:99:76:44:20:e0:b3:ac:74:87:c6:d8:
f2:32:e5:86:d3:0c:56:00:1e:9b:55:e3:b8:8b:a8:cf:be:30:
d4:90:d4:b1:4e:8f:22:4c:b4:4c:70:e7:5c:6a:6c:b8:50:48:
42:d9:31:21:bf:5e:f6:22:aa:60:b6:ad:a2:67:2f:74:3f:52:
b6:8f:37:95:d5:0f:5e:d5:ef:f1:ca:8a:63:97:23:49:c3:8c:
49:8d:e9:31:36:52:69:60:c2:1b:f0:91:d3:7c:89:b7:5e:51:
30:08:65:e7:c7:62:a5:85:fc:8b:e8:8a:10:8c:27:56:71:4e:
b5:6b:91:3c:6a:e5:da:a1:aa:af:00:1c:15:f0:5a:fc:00:1f:
25:59:c0:65:3f:ff:fc:85:91:69:27:5b:f0:79:e7:92:d1:d9:
2f:41:30:ec:8a:02:ec:33:ab:b7:47:0d:74:2b:c9:9b:a1:35:
ef:fa:92:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZxg5NQd8GwTTWO/lzmBRZx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMjE1MTA0MjE1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTM2YmQ4Y2VlZGE5ZDA2YjY4Yzk1Mzc5YmE3ODljMGE1OTQ0YmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2l90KONVQHDoKioJNwUZ7wpaKPwZ
RepVHnBPQHx5llQXj5RdHl6iZh1GP6ROJCp3m4EgOPV3Ah9z/qpPh4A12D4rWkFS
Z4UOhIGg8y9TUi/I27z3eqKOtNefYQH5BGRTxc6CAe63IcO6V1lkhR9Gr/V1la0Z
CfJy/7g90Fa98v4uf01h3huAqO0kwjWXbjgpSupxcshiDajetSJDrWaB1iLmoI//
PhBFMa1Rmkcug+Di9YbYLJFA11Awb9SB+y//eB/aNGzT+6csaS6r+UpkiZnb50U7
3WAqiVX3aGryk8qKb6K+qvvJvSk60ZFeSh898gyYOTwWtTePooOaOlB5fwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM42vYzu2p0GtoyVN5unicCllEvVMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvemphOWpPN2FuUWEyakpVM202ZUp3S1dVUzlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/EZAwQH
l/UAMA0GCSqGSIb3DQEBCwUAA4IBAQBFWzRn+oN9BfSf4p4gr3ydDwm5OtSwbVBJ
c7a21XY51XlVvjR81kmyvActB8G7I2HDHRQmxcSkfad0xFGCv3l2UDDxb7Tkap5Q
HxRWY9EwmXZEIOCzrHSHxtjyMuWG0wxWAB6bVeO4i6jPvjDUkNSxTo8iTLRMcOdc
amy4UEhC2TEhv172Iqpgtq2iZy90P1K2jzeV1Q9e1e/xyopjlyNJw4xJjekxNlJp
YMIb8JHTfIm3XlEwCGXnx2KlhfyL6IoQjCdWcU61a5E8auXaoaqvABwV8Fr8AB8l
WcBlP//8hZFpJ1vweeeS0dkvQTDsigLsM6u3Rw10K8mboTXv+pKq
-----END CERTIFICATE-----
Generated at Mon Mar 2 08:42:38 2026 by rpki-client