Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-RSJlKGsjmZzXnYT-eBNhZezUus.roa
File: 1-RSJlKGsjmZzXnYT-eBNhZezUus.roa (raw, json)
Hash identifier: bYKVh8phnQTJ3dNxZSpPjGxKcEd+bVYLxagPPfRjPfE=
Subject key identifier: F9:14:89:94:A1:AC:8E:66:73:5E:76:13:F9:E0:4D:85:97:B3:52:EB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E93E1D83568C927B0BB527852E0DAAA08
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-RSJlKGsjmZzXnYT-eBNhZezUus.roa
Signing time: Thu 04 Jun 2026 18:25:11 +0000
ROA not before: Thu 04 Jun 2026 18:25:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36530
IP address blocks: 151.241.128.0/22 maxlen: 24
151.243.179.0/24 maxlen: 24
151.245.90.0/24 maxlen: 24
151.246.184.0/24 maxlen: 24
151.246.185.0/24 maxlen: 24
151.247.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:93:e1:d8:35:68:c9:27:b0:bb:52:78:52:e0:da:aa:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 4 18:25:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f9148994a1ac8e66735e7613f9e04d8597b352eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ee:da:2d:a3:b4:73:10:bc:48:73:30:b4:5a:
2b:d2:b2:27:37:c6:bd:a2:3a:66:41:16:cd:ec:dc:
f2:a4:1d:d4:5c:26:14:85:a7:21:35:13:9b:23:a2:
de:6f:5d:8c:af:0c:ac:27:37:54:44:46:3d:96:cc:
d2:c2:20:66:ad:5b:fc:43:c8:9c:f9:75:1b:3c:d7:
f4:ca:9b:c2:02:43:24:73:7f:0d:89:9e:12:62:48:
34:86:17:df:f8:27:b3:39:b3:00:ab:5b:e4:66:50:
40:49:39:fa:e0:a8:22:a8:f0:82:f2:87:21:8c:73:
28:27:b5:90:d7:28:0e:67:91:a0:f3:2f:63:a9:d8:
a8:f0:97:15:76:82:d8:6e:e7:5a:66:aa:6a:f3:e9:
a8:ed:ef:00:53:86:9e:92:07:de:f7:30:62:db:5c:
a3:87:ff:e2:87:50:4d:12:b5:82:d7:c9:7a:21:38:
39:c4:53:63:4e:a0:28:a8:6d:16:c3:09:6f:de:80:
bf:57:b0:74:5d:4f:65:73:00:b0:a7:10:35:c9:67:
5e:9a:c6:81:37:b3:3c:99:28:d6:9e:99:41:dd:2c:
9a:ef:61:f2:1d:1d:b6:eb:2f:b0:11:8e:19:44:88:
22:9d:6d:ff:c0:4a:21:86:6e:e8:61:3a:ef:ee:2b:
47:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:14:89:94:A1:AC:8E:66:73:5E:76:13:F9:E0:4D:85:97:B3:52:EB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-RSJlKGsjmZzXnYT-eBNhZezUus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.243.179.0/24
151.245.90.0/24
151.246.184.0/23
151.247.244.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:7c:0c:26:61:54:a0:f6:84:f6:1a:1b:5b:33:41:44:c5:5a:
c2:f4:5b:80:bc:0f:19:62:cf:46:01:8d:36:5e:c3:65:c8:47:
22:cc:93:ed:d4:09:39:15:41:e4:00:6d:60:0e:4b:d5:9e:96:
45:4d:2a:07:e7:29:74:2c:e4:43:b2:26:c2:28:81:b7:91:90:
8b:59:99:2e:62:95:2a:94:17:36:fd:46:c8:c4:1b:13:20:ef:
40:a1:f1:62:9f:7b:99:ec:31:25:70:64:35:31:f7:55:6f:cd:
7e:66:8b:f3:5c:eb:66:a5:6c:87:68:af:8f:ad:eb:2b:43:a9:
38:b6:cf:41:c7:2a:7f:4e:a6:64:db:6f:1f:15:21:3e:4f:01:
3a:70:62:b7:2a:d1:ce:1a:a8:95:5e:0e:1c:73:3e:5e:f4:dd:
fd:9f:30:ac:9d:0c:0a:ac:23:97:0b:2a:84:f3:0c:e1:aa:42:
55:e0:59:33:90:7b:d2:cd:4d:9c:da:22:21:bb:39:ce:8f:61:
a3:21:b8:14:12:95:a0:90:e7:60:72:36:41:f2:0f:11:f4:bc:
09:ee:00:9a:84:cb:1b:51:fb:76:36:95:33:e5:42:36:81:1b:
24:8a:db:db:08:02:a3:53:67:a0:41:ce:e4:c3:d2:98:10:22:
32:95:fa:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ6T4dg1aMknsLtSeFLg2qoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNjA0MTgyNTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTE0ODk5NGExYWM4ZTY2NzM1ZTc2MTNmOWUwNGQ4NTk3YjM1MmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO7aLaO0cxC8SHMwtFor0rInN8a9
ojpmQRbN7NzypB3UXCYUhachNRObI6Leb12MrwysJzdUREY9lszSwiBmrVv8Q8ic
+XUbPNf0ypvCAkMkc38NiZ4SYkg0hhff+CezObMAq1vkZlBASTn64KgiqPCC8och
jHMoJ7WQ1ygOZ5Gg8y9jqdio8JcVdoLYbudaZqpq8+mo7e8AU4aekgfe9zBi21yj
h//ih1BNErWC18l6ITg5xFNjTqAoqG0Wwwlv3oC/V7B0XU9lcwCwpxA1yWdemsaB
N7M8mSjWnplB3Sya72HyHR226y+wEY4ZRIginW3/wEohhm7oYTrv7itHYwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPkUiZShrI5mc152E/ngTYWXs1LrMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMS1SU0psS0dzam1aelhuWVQtZUJOaFplelV1cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvZjQzYjFkLTllNTAtNDU1MS1hZTZhLTE3YjlkZTE0MTI1
Mi8xL3htSm05R2I3SkppamxGbXpOUzJpVVZHbHBNQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEApfxgAME
AJfzswMEAJf1WgMEAZf2uAMEAJf39DANBgkqhkiG9w0BAQsFAAOCAQEAn3wMJmFU
oPaE9hobWzNBRMVawvRbgLwPGWLPRgGNNl7DZchHIsyT7dQJORVB5ABtYA5L1Z6W
RU0qB+cpdCzkQ7ImwiiBt5GQi1mZLmKVKpQXNv1GyMQbEyDvQKHxYp97mewxJXBk
NTH3VW/NfmaL81zrZqVsh2ivj63rK0OpOLbPQccqf06mZNtvHxUhPk8BOnBityrR
zhqolV4OHHM+XvTd/Z8wrJ0MCqwjlwsqhPMM4apCVeBZM5B70s1NnNoiIbs5zo9h
oyG4FBKVoJDnYHI2QfIPEfS8Ce4AmoTLG1H7djaVM+VCNoEbJIrb2wgCo1NnoEHO
5MPSmBAiMpX6cA==
-----END CERTIFICATE-----
Generated at Sat Jun 6 05:40:01 2026 by rpki-client