Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3sLaZUwT80iYemDvrCH7TCBh73E.roa
File: 3sLaZUwT80iYemDvrCH7TCBh73E.roa (raw, json)
Hash identifier: c7on7t7RhCb2ClKTmwbIe1LIVqk0E2RJz8uQiSlv6GY=
Subject key identifier: DE:C2:DA:65:4C:13:F3:48:98:7A:60:EF:AC:21:FB:4C:20:61:EF:71
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E73B26B52411998866BED0D05444F793A
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3sLaZUwT80iYemDvrCH7TCBh73E.roa
Signing time: Fri 29 May 2026 12:25:33 +0000
ROA not before: Fri 29 May 2026 12:25:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198475
IP address blocks: 151.246.164.0/24 maxlen: 24
151.246.176.0/24 maxlen: 24
151.246.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:73:b2:6b:52:41:19:98:86:6b:ed:0d:05:44:4f:79:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 29 12:25:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dec2da654c13f348987a60efac21fb4c2061ef71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f1:fb:38:23:70:5a:b6:eb:ef:34:e5:7f:4c:
ed:1c:42:a2:7f:17:bc:bd:40:7e:a8:a6:17:09:b2:
ab:9b:2e:35:75:c1:35:4d:66:10:ae:72:c9:36:42:
9e:f8:9a:7b:d9:69:12:57:ce:b1:94:49:68:8a:9c:
44:22:40:95:b8:c3:86:2f:55:82:1c:b5:56:08:6e:
af:65:5e:f8:e9:65:cf:d1:71:18:37:fb:fd:d0:8f:
32:b3:14:63:88:9f:e6:57:ef:ce:2c:e6:81:ce:6c:
25:ae:09:0d:d1:2f:13:c0:35:8b:fa:0f:ab:1f:7c:
52:28:7c:ad:1c:a5:9c:02:14:42:c7:2e:6f:2e:d3:
ea:36:36:95:89:3e:56:25:1c:c4:ec:aa:9a:e8:8e:
02:66:03:05:ce:3a:f2:0c:fc:7b:51:d2:4b:8f:12:
7a:6b:d6:3e:00:94:54:ac:20:39:d7:7b:c1:07:6a:
fa:36:f9:aa:db:aa:98:82:ec:3f:6d:1c:8b:6b:32:
2b:d9:49:64:2d:ad:38:05:e8:63:93:38:fc:af:9a:
e7:9c:7f:40:c0:69:1c:cd:5f:2b:d9:e9:b0:b2:80:
2e:d0:6c:c7:14:7f:e9:59:74:02:65:ab:c6:21:33:
da:9b:8f:08:8d:87:1b:27:20:98:c6:bc:a2:fe:56:
62:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:C2:DA:65:4C:13:F3:48:98:7A:60:EF:AC:21:FB:4C:20:61:EF:71
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3sLaZUwT80iYemDvrCH7TCBh73E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.246.164.0/24
151.246.176.0/24
151.246.252.0/24
Signature Algorithm: sha256WithRSAEncryption
12:5d:24:63:e9:f1:7c:fc:cf:78:06:4f:36:54:26:07:28:3f:
22:a5:dd:4e:e0:6b:c1:4b:4a:2e:07:9f:62:bf:8d:fe:28:55:
ca:07:09:fe:ac:fb:ae:68:da:b4:27:50:dd:a4:a7:73:68:ff:
59:77:ed:49:ac:d3:9d:bf:5e:34:00:4c:fb:f6:e2:0f:83:1d:
83:37:2f:78:b1:a7:60:8d:cf:1e:72:55:1a:0c:24:86:e2:87:
3b:9d:cd:5b:07:cd:3d:3a:8d:67:97:e6:b5:02:99:32:7c:aa:
f9:18:00:dc:a5:0e:51:fc:9e:49:71:f8:43:bf:ec:0d:65:7c:
9c:53:d9:2f:62:6d:6a:6f:80:63:b8:ea:fb:85:0f:16:62:0d:
e9:a0:42:c9:90:99:4e:cf:d4:6e:fb:36:df:01:18:97:e3:0f:
e6:6d:3d:fa:c1:92:ad:10:eb:83:ab:ce:e7:c6:d0:52:c7:94:
cc:6f:61:af:ef:99:2b:52:5d:8d:31:e1:24:42:40:8b:1d:13:
af:95:67:00:23:8e:6e:1d:9c:f3:ed:55:81:a9:88:b1:6a:d4:
89:68:88:7c:39:ed:08:ca:27:1b:2c:bd:ad:52:2a:87:64:19:
77:06:f9:06:5c:90:5a:f8:1d:3b:1c:c9:ba:85:54:c2:41:a7:
27:7c:e0:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ5zsmtSQRmYhmvtDQVET3k6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTI5MTIyNTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWMyZGE2NTRjMTNmMzQ4OTg3YTYwZWZhYzIxZmI0YzIwNjFlZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfH7OCNwWrbr7zTlf0ztHEKifxe8
vUB+qKYXCbKrmy41dcE1TWYQrnLJNkKe+Jp72WkSV86xlEloipxEIkCVuMOGL1WC
HLVWCG6vZV746WXP0XEYN/v90I8ysxRjiJ/mV+/OLOaBzmwlrgkN0S8TwDWL+g+r
H3xSKHytHKWcAhRCxy5vLtPqNjaViT5WJRzE7Kqa6I4CZgMFzjryDPx7UdJLjxJ6
a9Y+AJRUrCA513vBB2r6Nvmq26qYguw/bRyLazIr2UlkLa04Behjkzj8r5rnnH9A
wGkczV8r2emwsoAu0GzHFH/pWXQCZavGITPam48IjYcbJyCYxryi/lZi7wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN7C2mVME/NImHpg76wh+0wgYe9xMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvM3NMYVpVd1Q4MGlZZW1EdnJDSDdUQ0JoNzNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/akAwQA
l/awAwQAl/b8MA0GCSqGSIb3DQEBCwUAA4IBAQASXSRj6fF8/M94Bk82VCYHKD8i
pd1O4GvBS0ouB59iv43+KFXKBwn+rPuuaNq0J1DdpKdzaP9Zd+1JrNOdv140AEz7
9uIPgx2DNy94sadgjc8eclUaDCSG4oc7nc1bB809Oo1nl+a1ApkyfKr5GADcpQ5R
/J5JcfhDv+wNZXycU9kvYm1qb4BjuOr7hQ8WYg3poELJkJlOz9Ru+zbfARiX4w/m
bT36wZKtEOuDq87nxtBSx5TMb2Gv75krUl2NMeEkQkCLHROvlWcAI45uHZzz7VWB
qYixatSJaIh8Oe0IyicbLL2tUiqHZBl3BvkGXJBa+B07HMm6hVTCQacnfOAv
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:24:49 2026 by rpki-client