Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/C_8ZJTyNvSRdSrcMB1h6NMWurAU.roa
File: C_8ZJTyNvSRdSrcMB1h6NMWurAU.roa (raw, json)
Hash identifier: ZLk+V2N06Qw0Noo/WtokMKF+p0Gjo1uyGxURWhRlXwY=
Subject key identifier: 0B:FF:19:25:3C:8D:BD:24:5D:4A:B7:0C:07:58:7A:34:C5:AE:AC:05
Certificate issuer: /CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Certificate serial: 019E9D215D5B823731E772B9CFF38B6E5785
Authority key identifier: 5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/C_8ZJTyNvSRdSrcMB1h6NMWurAU.roa
Signing time: Sat 06 Jun 2026 13:31:09 +0000
ROA not before: Sat 06 Jun 2026 13:31:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204805
IP address blocks: 150.251.246.0/24 maxlen: 24
150.251.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 15 Jun 2026 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:9d:21:5d:5b:82:37:31:e7:72:b9:cf:f3:8b:6e:57:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Validity
Not Before: Jun 6 13:31:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0bff19253c8dbd245d4ab70c07587a34c5aeac05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ff:87:9a:65:b6:ee:9c:1f:49:a2:4c:81:99:
3e:c3:37:ea:11:b3:9f:12:f7:33:e0:77:86:5c:ce:
e6:6c:5d:ab:7c:2e:2e:8a:16:9b:a0:96:70:59:5d:
26:3c:3b:8c:f3:87:91:92:72:37:34:8e:13:20:dc:
30:be:cd:b5:62:f1:53:25:e2:0d:13:f1:73:25:00:
4b:ca:26:65:ce:54:96:90:df:93:c1:76:80:e1:fb:
2c:26:a9:28:51:85:c0:53:66:01:3c:22:46:1e:48:
c6:1c:fe:9a:d2:6d:a7:9a:94:25:c2:80:b3:32:de:
73:ae:4b:c8:10:4a:ba:78:54:06:e1:c3:33:df:9f:
63:c9:2d:a1:20:07:b2:62:e0:3e:7d:9f:14:12:55:
10:fb:fe:84:6c:aa:b0:40:39:de:8c:fc:cc:a1:d6:
d5:65:09:19:89:a6:af:02:c1:00:b0:b7:24:65:9d:
ec:85:4f:85:dd:bd:0e:07:7e:84:25:38:4d:71:64:
83:b5:39:e6:13:ca:e8:0f:dc:69:f6:16:05:55:88:
f1:6e:5c:67:58:c6:bc:0e:8f:35:d9:5a:d4:ad:39:
21:15:1b:77:2f:27:a5:6b:55:b9:d3:e8:55:03:55:
c9:6f:90:2e:da:51:33:fb:5e:35:36:57:93:3c:fc:
48:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:FF:19:25:3C:8D:BD:24:5D:4A:B7:0C:07:58:7A:34:C5:AE:AC:05
X509v3 Authority Key Identifier:
keyid:5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/C_8ZJTyNvSRdSrcMB1h6NMWurAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.251.246.0/23
Signature Algorithm: sha256WithRSAEncryption
55:35:cb:6e:63:1d:8c:aa:74:8c:65:60:1b:60:39:fa:a9:b4:
4d:7f:30:65:e3:67:5b:2d:23:b5:c9:cc:d8:64:35:20:03:84:
3e:3b:5d:11:89:f4:2e:88:4f:e8:ac:8b:52:d6:a5:34:f8:bf:
b7:67:3c:ce:a3:07:ef:c5:00:2c:23:fd:18:21:65:43:f8:97:
ab:46:ab:79:4f:92:90:19:53:95:91:b3:34:8d:ff:40:cf:be:
b9:eb:64:af:9e:95:01:a6:79:30:95:a9:0e:df:ed:91:f0:e3:
c1:47:e0:68:0c:31:0a:ff:d5:a0:6a:60:b6:9e:d4:20:0a:60:
b0:af:8e:5d:83:b7:68:6b:d8:38:e3:5a:3c:e8:dd:fc:30:4b:
d0:9a:69:63:c2:0f:c3:02:6c:24:96:c5:3e:48:0d:a0:4b:88:
04:3d:70:51:56:a4:26:95:1b:64:07:46:3f:4a:3a:21:4c:83:
7c:20:43:f4:c4:2e:f9:f6:86:60:34:78:1c:1a:34:5c:cd:c4:
07:00:37:3c:b5:6b:1c:a5:42:69:16:cf:f4:3c:44:1d:97:76:
05:5f:f7:e5:b8:d3:cb:21:c1:66:44:8b:01:32:d3:8a:3e:d8:
01:60:50:27:ac:7e:37:0b:7e:a7:bb:42:df:fe:3a:b0:d8:ca:
2f:58:72:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ6dIV1bgjcx53K5z/OLbleFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmU4ZDcyNTI2ZTRlNzNhM2I1N2Q5MzYwZjNhNTFiZWI1
OWE0NWYwHhcNMjYwNjA2MTMzMTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmZmMTkyNTNjOGRiZDI0NWQ0YWI3MGMwNzU4N2EzNGM1YWVhYzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov+HmmW27pwfSaJMgZk+wzfqEbOf
Evcz4HeGXM7mbF2rfC4uihaboJZwWV0mPDuM84eRknI3NI4TINwwvs21YvFTJeIN
E/FzJQBLyiZlzlSWkN+TwXaA4fssJqkoUYXAU2YBPCJGHkjGHP6a0m2nmpQlwoCz
Mt5zrkvIEEq6eFQG4cMz359jyS2hIAeyYuA+fZ8UElUQ+/6EbKqwQDnejPzModbV
ZQkZiaavAsEAsLckZZ3shU+F3b0OB36EJThNcWSDtTnmE8roD9xp9hYFVYjxblxn
WMa8Do812VrUrTkhFRt3Lyela1W50+hVA1XJb5Au2lEz+141NleTPPxIDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAv/GSU8jb0kXUq3DAdYejTFrqwFMB8GA1UdIwQY
MBaAFFz+jXJSbk5zo7V9k2DzpRvrWaRfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMt
ZTRkZGZhMzJlNTJlLzEvQ184WkpUeU52U1JkU3JjTUIxaDZOTVd1ckFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMtZTRkZGZhMzJlNTJl
LzEvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBlvv2MA0G
CSqGSIb3DQEBCwUAA4IBAQBVNctuYx2MqnSMZWAbYDn6qbRNfzBl42dbLSO1yczY
ZDUgA4Q+O10RifQuiE/orItS1qU0+L+3ZzzOowfvxQAsI/0YIWVD+JerRqt5T5KQ
GVOVkbM0jf9Az76562SvnpUBpnkwlakO3+2R8OPBR+BoDDEK/9WgamC2ntQgCmCw
r45dg7doa9g441o86N38MEvQmmljwg/DAmwklsU+SA2gS4gEPXBRVqQmlRtkB0Y/
SjohTIN8IEP0xC759oZgNHgcGjRczcQHADc8tWscpUJpFs/0PEQdl3YFX/fluNPL
IcFmRIsBMtOKPtgBYFAnrH43C36nu0Lf/jqw2MovWHIF
-----END CERTIFICATE-----
Generated at Sun Jun 14 10:42:40 2026 by rpki-client