Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-kgjx67MS2uWM9gx7hRqJfi3ihU.roa
File: 1-kgjx67MS2uWM9gx7hRqJfi3ihU.roa (raw, json)
Hash identifier: FQir+DcEsWyZBWEebSHKgRvajJSyhxa/raMxHVrgp2k=
Subject key identifier: FA:48:23:C7:AE:CC:4B:6B:96:33:D8:31:EE:14:6A:25:F8:B7:8A:15
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E4ACF465FFE9CC1E05BF4C9A77065F37F
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-kgjx67MS2uWM9gx7hRqJfi3ihU.roa
Signing time: Thu 21 May 2026 13:52:38 +0000
ROA not before: Thu 21 May 2026 13:52:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216224
IP address blocks: 151.247.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4a:cf:46:5f:fe:9c:c1:e0:5b:f4:c9:a7:70:65:f3:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 21 13:52:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fa4823c7aecc4b6b9633d831ee146a25f8b78a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:60:ba:13:c7:02:8f:eb:df:f2:6d:77:df:f0:
a3:f0:cd:8a:1e:97:93:67:df:29:ce:a0:1a:91:58:
13:06:00:b1:82:a6:da:21:0f:77:3b:a2:fe:2e:f5:
b6:34:cb:c7:53:49:47:55:e8:4a:04:e8:fd:28:63:
cb:46:bb:1e:0d:62:16:4f:78:93:98:53:25:dc:6b:
37:83:e1:a3:18:45:44:c8:30:1e:3f:de:5f:0b:07:
5f:55:fd:ba:da:37:76:e9:8a:ee:7c:78:61:40:b1:
5e:44:58:84:4d:68:31:0b:92:18:5b:40:51:a5:74:
01:c8:2b:36:b3:3e:a7:b3:c1:dc:80:59:e5:5c:be:
ff:7e:42:1a:56:d8:99:2c:ee:f7:e4:b9:96:9c:71:
8a:1e:c5:3d:82:2c:71:f9:cc:ce:d0:e6:ec:43:39:
0e:14:96:74:44:9d:39:d1:ee:94:d5:52:56:3b:b9:
fe:4f:b0:6b:90:7e:a7:dd:28:22:4b:86:e9:fe:38:
8d:1f:22:f3:40:9a:74:bd:fb:95:7e:f2:f0:fe:0e:
51:80:3d:d9:68:ee:4b:93:4a:b7:22:90:84:11:63:
ea:74:2d:08:28:6f:27:94:82:3d:d6:a0:2d:40:a5:
0d:e4:50:f5:7d:49:21:be:37:d8:75:53:a7:cc:84:
43:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:48:23:C7:AE:CC:4B:6B:96:33:D8:31:EE:14:6A:25:F8:B7:8A:15
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-kgjx67MS2uWM9gx7hRqJfi3ihU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.247.163.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:f4:fd:d7:cb:fb:ed:ab:5c:e0:18:fa:89:82:42:05:89:a5:
28:33:a7:84:9d:bf:7b:0d:dd:86:ae:85:08:7b:49:73:50:c9:
a6:6e:6f:40:4f:df:12:5b:fe:cb:af:1b:8d:e5:20:d7:d8:a9:
9f:f1:a2:f1:18:6f:02:be:57:62:b4:87:60:e5:72:18:83:37:
0a:9f:15:3b:59:41:7f:ea:8d:5a:79:da:4c:89:63:c7:e9:2f:
e1:a7:e5:ca:65:4c:ff:c9:5f:d5:fe:40:28:da:47:97:95:7c:
2d:54:7f:18:fb:d1:de:a3:ba:75:43:bf:9c:48:05:6e:00:4b:
ea:2f:36:fc:41:c5:36:7e:b7:2a:1f:9c:28:37:b4:68:b6:f5:
41:c6:11:64:a7:c0:58:93:88:02:99:63:cd:de:ca:0b:87:14:
2c:bd:e9:bd:b1:61:20:6f:a6:95:07:d9:8f:4a:06:45:25:b1:
45:aa:eb:81:e3:2a:64:05:97:ed:39:bb:e5:e3:1f:c3:23:03:
a7:67:71:1b:07:9d:83:eb:46:20:71:2f:85:43:9d:91:65:1d:
03:d2:46:0b:b4:18:34:94:8f:42:ee:28:d5:9b:87:ad:09:5f:
5f:e7:05:e2:9a:e8:27:f3:9b:70:ea:37:ad:14:c6:ed:56:ed:
e8:8e:ff:01
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ5Kz0Zf/pzB4Fv0yadwZfN/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTIxMTM1MjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTQ4MjNjN2FlY2M0YjZiOTYzM2Q4MzFlZTE0NmEyNWY4Yjc4YTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsWC6E8cCj+vf8m133/Cj8M2KHpeT
Z98pzqAakVgTBgCxgqbaIQ93O6L+LvW2NMvHU0lHVehKBOj9KGPLRrseDWIWT3iT
mFMl3Gs3g+GjGEVEyDAeP95fCwdfVf262jd26YrufHhhQLFeRFiETWgxC5IYW0BR
pXQByCs2sz6ns8HcgFnlXL7/fkIaVtiZLO735LmWnHGKHsU9gixx+czO0ObsQzkO
FJZ0RJ050e6U1VJWO7n+T7BrkH6n3SgiS4bp/jiNHyLzQJp0vfuVfvLw/g5RgD3Z
aO5Lk0q3IpCEEWPqdC0IKG8nlII91qAtQKUN5FD1fUkhvjfYdVOnzIRDfwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpII8euzEtrljPYMe4UaiX4t4oVMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMS1rZ2p4NjdNUzJ1V005Z3g3aFJxSmZpM2loVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvZjQzYjFkLTllNTAtNDU1MS1hZTZhLTE3YjlkZTE0MTI1
Mi8xL3htSm05R2I3SkppamxGbXpOUzJpVVZHbHBNQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAJf3ozAN
BgkqhkiG9w0BAQsFAAOCAQEAs/T918v77atc4Bj6iYJCBYmlKDOnhJ2/ew3dhq6F
CHtJc1DJpm5vQE/fElv+y68bjeUg19ipn/Gi8RhvAr5XYrSHYOVyGIM3Cp8VO1lB
f+qNWnnaTIljx+kv4aflymVM/8lf1f5AKNpHl5V8LVR/GPvR3qO6dUO/nEgFbgBL
6i82/EHFNn63Kh+cKDe0aLb1QcYRZKfAWJOIApljzd7KC4cULL3pvbFhIG+mlQfZ
j0oGRSWxRarrgeMqZAWX7Tm75eMfwyMDp2dxGwedg+tGIHEvhUOdkWUdA9JGC7QY
NJSPQu4o1ZuHrQlfX+cF4proJ/ObcOo3rRTG7Vbt6I7/AQ==
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:24:57 2026 by rpki-client