Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/ajjWFLhMNU-QuF21tZ1GMQOJmmo.roa
File: ajjWFLhMNU-QuF21tZ1GMQOJmmo.roa (raw, json)
Hash identifier: HwQXBdSljqHyOy0pToc7H06Y8W7GqL4m3uBiGpV22c4=
Subject key identifier: 6A:38:D6:14:B8:4C:35:4F:90:B8:5D:B5:B5:9D:46:31:03:89:9A:6A
Certificate issuer: /CN=2c07bf3b733a5c3a71d9ca8c3626948df712705b
Certificate serial: 019C7038BED30B95D5C8F1EA24004BF4D6DD
Authority key identifier: 2C:07:BF:3B:73:3A:5C:3A:71:D9:CA:8C:36:26:94:8D:F7:12:70:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LAe_O3M6XDpx2cqMNiaUjfcScFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/ajjWFLhMNU-QuF21tZ1GMQOJmmo.roa
Signing time: Wed 18 Feb 2026 10:08:12 +0000
ROA not before: Wed 18 Feb 2026 10:08:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 4766
IP address blocks: 153.51.88.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/LAe_O3M6XDpx2cqMNiaUjfcScFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/LAe_O3M6XDpx2cqMNiaUjfcScFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/LAe_O3M6XDpx2cqMNiaUjfcScFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 03:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:38:be:d3:0b:95:d5:c8:f1:ea:24:00:4b:f4:d6:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c07bf3b733a5c3a71d9ca8c3626948df712705b
Validity
Not Before: Feb 18 10:08:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6a38d614b84c354f90b85db5b59d463103899a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ed:cb:3e:61:25:19:76:6f:7d:10:47:16:6a:
c6:bb:27:05:c2:bc:1c:af:4d:c2:88:fb:28:2d:03:
08:02:1e:e0:f4:ea:44:3e:58:e7:a0:b4:92:75:6a:
32:d2:35:d3:db:89:26:59:3f:c1:77:60:3f:9f:6a:
1f:a4:36:82:bf:08:3c:71:be:1d:ed:85:be:c6:90:
6d:14:95:19:69:9b:44:91:c8:62:b2:c1:ee:3a:69:
f8:89:23:a9:7c:c7:ef:21:c6:74:42:37:06:d0:48:
7e:02:0c:78:fd:6d:48:c5:33:cf:e2:a2:c6:24:c8:
17:ff:7e:3e:6d:64:c9:da:6c:3f:89:e2:08:2d:5c:
36:13:cf:4f:37:f3:74:dc:5d:4c:39:5b:89:48:f9:
02:cb:21:85:4e:e1:90:a6:8d:36:cd:95:9a:b5:b1:
b2:cd:f8:2c:8a:88:99:a8:aa:9f:c2:13:6e:04:5b:
2c:14:31:21:c2:d5:60:ec:58:cf:46:4b:ca:33:91:
f7:cc:11:e8:c9:3e:16:2c:c4:de:df:af:d0:5d:f7:
e9:bf:60:17:8e:5a:d9:72:8b:20:36:2b:80:11:fb:
ca:f5:3f:7a:d7:8b:e3:ea:a1:1a:45:e0:b2:bf:b6:
ae:4f:c8:18:f8:ab:99:ea:ea:37:e5:09:a4:8b:53:
40:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:38:D6:14:B8:4C:35:4F:90:B8:5D:B5:B5:9D:46:31:03:89:9A:6A
X509v3 Authority Key Identifier:
keyid:2C:07:BF:3B:73:3A:5C:3A:71:D9:CA:8C:36:26:94:8D:F7:12:70:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LAe_O3M6XDpx2cqMNiaUjfcScFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/ajjWFLhMNU-QuF21tZ1GMQOJmmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/LAe_O3M6XDpx2cqMNiaUjfcScFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.51.88.0/21
Signature Algorithm: sha256WithRSAEncryption
7e:4f:d4:65:41:f8:ad:5c:14:e0:a8:59:3c:05:eb:ed:a9:21:
16:89:54:b0:d2:02:2f:ca:89:7c:d9:89:0a:ca:ed:4e:07:73:
6d:f1:08:3e:73:6a:a1:c6:05:84:51:c1:a8:56:4e:fb:c5:02:
07:6a:aa:86:ee:71:b2:5e:17:bd:4c:d3:47:fa:fc:5a:72:64:
a3:92:86:0b:ac:9b:f0:14:4d:98:fb:d5:42:a0:4d:68:5a:48:
c7:4b:41:16:f6:19:e1:a5:2f:78:4f:5d:a2:af:e4:91:2d:48:
ab:97:79:3e:f0:22:dd:04:99:37:ca:9a:76:e9:f6:06:28:01:
a9:e5:b6:d2:ac:1b:13:1f:8f:84:d5:cc:9e:1e:99:8e:e8:55:
a8:d6:bb:a0:3b:67:1f:4e:4a:42:1b:6e:77:b9:a3:c4:72:50:
58:87:de:28:4b:ac:ab:8f:27:29:58:23:68:b2:4c:40:f1:87:
8f:00:82:cb:8f:67:42:57:0e:42:8b:22:8d:05:2a:ac:cf:cd:
3b:a0:5e:b6:2e:2b:df:ae:6c:9b:12:f6:d2:6f:92:81:3c:5c:
6e:22:0f:2a:d2:d5:dd:b0:80:44:06:56:c2:e8:61:91:fa:8f:
d9:45:b7:1d:c5:8c:e9:cb:68:58:d9:8f:b9:35:9c:1d:6b:6f:
64:86:cd:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZxwOL7TC5XVyPHqJABL9NbdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMDdiZjNiNzMzYTVjM2E3MWQ5Y2E4YzM2MjY5NDhkZjcx
MjcwNWIwHhcNMjYwMjE4MTAwODEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTM4ZDYxNGI4NGMzNTRmOTBiODVkYjViNTlkNDYzMTAzODk5YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+3LPmElGXZvfRBHFmrGuycFwrwc
r03CiPsoLQMIAh7g9OpEPljnoLSSdWoy0jXT24kmWT/Bd2A/n2ofpDaCvwg8cb4d
7YW+xpBtFJUZaZtEkchissHuOmn4iSOpfMfvIcZ0QjcG0Eh+Agx4/W1IxTPP4qLG
JMgX/34+bWTJ2mw/ieIILVw2E89PN/N03F1MOVuJSPkCyyGFTuGQpo02zZWatbGy
zfgsioiZqKqfwhNuBFssFDEhwtVg7FjPRkvKM5H3zBHoyT4WLMTe36/QXffpv2AX
jlrZcosgNiuAEfvK9T9614vj6qEaReCyv7auT8gY+KuZ6uo35Qmki1NABQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGo41hS4TDVPkLhdtbWdRjEDiZpqMB8GA1UdIwQY
MBaAFCwHvztzOlw6cdnKjDYmlI33EnBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEFlX08zTTZYRHB4MmNxTU5pYVVqZmNTY0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xNjA5MDUtMTI2Yi00N2RmLTk4OTkt
MTE5OWJiOTc5ZDVhLzEvYWpqV0ZMaE1OVS1RdUYyMXRaMUdNUU9KbW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xNjA5MDUtMTI2Yi00N2RmLTk4OTktMTE5OWJiOTc5ZDVh
LzEvTEFlX08zTTZYRHB4MmNxTU5pYVVqZmNTY0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDmTNYMA0G
CSqGSIb3DQEBCwUAA4IBAQB+T9RlQfitXBTgqFk8BevtqSEWiVSw0gIvyol82YkK
yu1OB3Nt8Qg+c2qhxgWEUcGoVk77xQIHaqqG7nGyXhe9TNNH+vxacmSjkoYLrJvw
FE2Y+9VCoE1oWkjHS0EW9hnhpS94T12ir+SRLUirl3k+8CLdBJk3ypp26fYGKAGp
5bbSrBsTH4+E1cyeHpmO6FWo1rugO2cfTkpCG253uaPEclBYh94oS6yrjycpWCNo
skxA8YePAILLj2dCVw5CiyKNBSqsz807oF62LivfrmybEvbSb5KBPFxuIg8q0tXd
sIBEBlbC6GGR+o/ZRbcdxYzpy2hY2Y+5NZwda29khs3Q
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:22:02 2026 by rpki-client