Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS151389.roa
File: AS151389.roa (raw, json)
Hash identifier: RvMTqN8cj96wsOI0a49JtNWeUxSUtdH7NyB4KmugLbA=
Subject key identifier: 06:B1:1C:DE:C9:DF:76:0E:DE:1E:7B:B4:10:B7:78:73:C7:5D:B0:86
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 0F459A7D84308B5CAC7A0337A25D6D6E4540973D
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS151389.roa
Signing time: Fri 03 Apr 2026 13:04:41 +0000
ROA not before: Fri 03 Apr 2026 12:59:41 +0000
ROA not after: Fri 02 Apr 2027 13:04:41 +0000
asID: 151389
IP address blocks: 84.75.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.mft
rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 Apr 2026 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:45:9a:7d:84:30:8b:5c:ac:7a:03:37:a2:5d:6d:6e:45:40:97:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Apr 3 12:59:41 2026 GMT
Not After : Apr 2 13:04:41 2027 GMT
Subject: CN=06B11CDEC9DF760EDE1E7BB410B77873C75DB086
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:32:c4:9f:0b:77:a8:df:96:c4:cc:c1:a0:11:
5c:7d:26:e6:12:31:75:62:7b:7a:a6:76:46:3a:ce:
8c:ac:cc:c2:f3:35:fa:5c:02:c2:f2:8c:ec:c3:5a:
e9:88:78:2f:1d:9c:1e:2f:af:5c:09:03:32:c2:71:
76:12:a8:c6:0e:84:e0:ab:33:40:65:87:39:dd:57:
b0:de:3c:80:a8:31:77:27:b9:ba:ab:2a:30:97:4e:
6f:4d:bf:39:ee:8f:ca:3a:bc:2c:4e:57:e1:5e:89:
32:90:7f:5e:9c:34:7b:97:d9:03:e6:9a:7a:cd:a1:
e9:bf:1c:9e:b6:f7:92:cb:c5:42:96:1c:50:ea:af:
ac:2d:a6:6f:b0:59:67:1e:0d:30:f7:c7:0b:ec:8e:
fe:c6:06:2a:31:fa:a2:78:ea:50:64:7b:0a:81:e3:
7a:c7:57:38:6e:d2:d8:f7:48:e9:87:45:b1:12:41:
6b:f2:4a:29:82:7c:8a:72:d8:42:f1:e6:ec:c4:7a:
20:15:8a:23:05:42:59:be:80:7a:3a:53:d5:ea:25:
82:4f:0b:2b:04:26:34:d7:7d:6b:9d:29:2e:6a:3e:
e8:0a:f9:9d:99:6b:2b:ff:c1:86:c5:60:dc:f8:dd:
ec:ba:8b:3e:2c:b7:99:5d:ba:9b:d5:97:6a:95:7f:
0c:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B1:1C:DE:C9:DF:76:0E:DE:1E:7B:B4:10:B7:78:73:C7:5D:B0:86
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS151389.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.75.157.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:b9:d1:ab:30:1d:48:80:9e:00:1e:38:cf:2e:6c:2d:46:22:
6b:07:e9:41:e7:eb:3e:dd:ab:ab:8a:61:bb:0a:95:b2:de:67:
d9:57:08:d4:60:98:dc:43:e2:05:84:d9:5d:7c:09:dd:41:36:
5e:0c:1c:9c:25:37:da:a5:f6:07:81:04:55:db:1c:90:eb:f4:
e4:71:53:72:21:52:bb:3a:7a:73:2f:85:f1:75:dc:9b:06:d5:
8f:49:6e:e2:c5:d3:19:2f:3f:a3:0f:2d:98:47:74:64:ea:66:
1d:fc:0b:1a:f7:f3:b2:ef:32:ca:2d:2c:f7:33:0b:4a:e0:e2:
bd:03:d8:04:a4:e2:4e:da:3a:17:5e:f7:b9:2c:f5:58:31:43:
7d:43:02:3b:01:85:c4:14:59:81:77:0c:dd:93:f8:66:87:f9:
43:cd:e8:28:84:dd:ad:38:17:f5:62:54:07:3e:86:77:27:44:
11:b2:28:0e:c0:fe:bf:0c:11:e6:23:9a:ef:08:f7:70:68:a1:
a1:17:fa:b9:c0:33:6c:d6:ea:1c:0c:b7:86:bd:42:75:92:1f:
00:e8:80:4e:62:43:d4:96:69:0d:08:c1:08:64:77:fd:22:e3:
79:da:d3:e7:78:33:8f:9a:14:1a:9b:eb:d0:16:ca:7a:b0:2a:
c0:ba:91:4d
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIUD0WafYQwi1ysegM3ol1tbkVAlz0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNjA0MDMxMjU5NDFaFw0yNzA0MDIxMzA0NDFaMDMxMTAvBgNV
BAMTKDA2QjExQ0RFQzlERjc2MEVERTFFN0JCNDEwQjc3ODczQzc1REIwODYwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0MsSfC3eo35bEzMGgEVx9JuYS
MXVie3qmdkY6zoyszMLzNfpcAsLyjOzDWumIeC8dnB4vr1wJAzLCcXYSqMYOhOCr
M0BlhzndV7DePICoMXcnubqrKjCXTm9Nvznuj8o6vCxOV+FeiTKQf16cNHuX2QPm
mnrNoem/HJ6295LLxUKWHFDqr6wtpm+wWWceDTD3xwvsjv7GBiox+qJ46lBkewqB
43rHVzhu0tj3SOmHRbESQWvySimCfIpy2ELx5uzEeiAViiMFQlm+gHo6U9XqJYJP
CysEJjTXfWudKS5qPugK+Z2Zayv/wYbFYNz43ey6iz4st5ldupvVl2qVfwy9AgMB
AAGjggIKMIICBjAdBgNVHQ4EFgQUBrEc3snfdg7eHnu0ELd4c8ddsIYwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwewYIKwYBBQUHAQsEbzBtMGsGCCsGAQUFBzALhl9yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMTUxMzg5LnJvYTAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVEud
MA0GCSqGSIb3DQEBCwUAA4IBAQCeudGrMB1IgJ4AHjjPLmwtRiJrB+lB5+s+3aur
imG7CpWy3mfZVwjUYJjcQ+IFhNldfAndQTZeDBycJTfapfYHgQRV2xyQ6/TkcVNy
IVK7OnpzL4XxddybBtWPSW7ixdMZLz+jDy2YR3Rk6mYd/Asa9/Oy7zLKLSz3MwtK
4OK9A9gEpOJO2joXXve5LPVYMUN9QwI7AYXEFFmBdwzdk/hmh/lDzegohN2tOBf1
YlQHPoZ3J0QRsigOwP6/DBHmI5rvCPdwaKGhF/q5wDNs1uocDLeGvUJ1kh8A6IBO
YkPUlmkNCMEIZHf9IuN52tPneDOPmhQam+vQFsp6sCrAupFN
-----END CERTIFICATE-----
Generated at Sun Apr 5 23:46:56 2026 by rpki-client