Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5fxMpH1i_PUT75r9GteQkallBjM.roa
File: 5fxMpH1i_PUT75r9GteQkallBjM.roa (raw, json)
Hash identifier: wCyzNX8RWQZAbOH8Q92WeCuDyvkcdo92tkrccP0pOG0=
Subject key identifier: E5:FC:4C:A4:7D:62:FC:F5:13:EF:9A:FD:1A:D7:90:91:A9:65:06:33
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019CB7AC5548CFAECA79B3975172EBDA9CF0
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5fxMpH1i_PUT75r9GteQkallBjM.roa
Signing time: Wed 04 Mar 2026 07:07:30 +0000
ROA not before: Wed 04 Mar 2026 07:07:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214025
IP address blocks: 151.244.59.0/24 maxlen: 24
151.244.90.0/24 maxlen: 24
151.244.97.0/24 maxlen: 24
151.244.105.0/24 maxlen: 24
151.244.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 07:18:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b7:ac:55:48:cf:ae:ca:79:b3:97:51:72:eb:da:9c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 4 07:07:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e5fc4ca47d62fcf513ef9afd1ad79091a9650633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:8b:80:56:44:44:0f:36:8d:73:34:e7:75:a8:
38:be:c1:1a:ac:1d:70:48:7e:d8:bb:21:da:5e:c1:
78:67:6c:99:30:6a:71:64:1b:6b:07:01:5e:92:71:
82:d1:3d:9b:45:59:63:31:7d:7f:d8:18:46:33:32:
27:29:1c:57:d2:7b:ac:e1:b5:01:79:b4:70:86:9f:
de:4d:28:1b:23:67:05:19:51:da:53:5c:b6:06:f5:
30:a6:09:6b:5d:84:be:a4:8d:14:ae:a8:3d:aa:c1:
9b:8a:ac:ad:d3:d5:bf:cb:04:f6:de:2f:70:4f:d5:
07:f0:ab:7a:aa:5e:b8:30:22:e7:7a:c5:aa:11:88:
db:69:05:97:11:b9:5f:14:cd:fe:31:14:ea:f4:c4:
f1:18:ac:d5:6c:c1:d9:85:a0:27:6b:25:62:5a:41:
9f:b3:34:95:18:77:66:15:62:8f:00:00:3f:65:99:
1c:03:37:9d:7c:fb:72:11:4b:ef:d6:0c:72:da:13:
fd:2a:7d:d2:9a:1d:e8:37:35:15:ed:1e:ab:b7:80:
c4:8e:c5:78:4b:5a:94:44:f5:a2:cc:5b:01:57:9e:
60:da:1d:f3:90:6f:fc:57:03:fe:40:23:54:b8:83:
32:5d:a4:f2:ff:99:51:40:a0:82:80:9b:1a:48:9f:
68:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FC:4C:A4:7D:62:FC:F5:13:EF:9A:FD:1A:D7:90:91:A9:65:06:33
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/5fxMpH1i_PUT75r9GteQkallBjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.59.0/24
151.244.90.0/24
151.244.97.0/24
151.244.105.0/24
151.244.110.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:b0:dd:fb:f0:8c:6f:5b:41:18:55:f6:5d:21:13:df:37:ca:
25:56:a6:77:43:89:ac:42:c7:ee:d3:b3:ef:cc:4c:bd:fd:7e:
4a:5d:59:54:f7:76:d1:9c:81:f6:0f:f4:0c:4c:13:35:04:a9:
0b:2a:97:21:9f:06:78:9e:ae:16:36:50:07:e0:c4:14:fe:40:
01:12:bc:66:18:4a:3c:3f:2b:e5:f8:7c:d0:ba:7d:5a:0a:a5:
b3:08:31:8d:b2:07:50:60:d7:80:db:95:72:fc:5e:92:47:79:
bb:1b:b3:8a:25:45:7a:6a:82:74:d2:c2:95:8a:6c:f2:00:1b:
f8:b4:29:ed:6d:4f:09:01:83:b9:89:b0:70:10:d7:8b:2a:ee:
74:86:4b:30:ed:4f:d0:ce:d2:0a:67:ef:cf:14:dd:91:f7:4d:
b1:37:56:92:33:75:66:7b:c6:8d:e6:ef:22:7f:b2:fd:ee:70:
87:b6:14:1b:4a:ec:4a:18:32:f0:c2:a3:2e:50:5e:13:97:99:
ac:27:ec:41:2d:25:5f:d3:df:4f:83:3e:4a:66:25:85:ea:9e:
db:38:e3:7a:61:29:53:15:5b:f5:d9:ec:5c:7a:e4:2f:bc:4b:
ac:ee:3e:82:6c:76:da:dc:bd:78:c4:49:52:2e:52:40:44:b7:
38:0e:ab:8f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZy3rFVIz67KebOXUXLr2pzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzA0MDcwNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZjNGNhNDdkNjJmY2Y1MTNlZjlhZmQxYWQ3OTA5MWE5NjUwNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA04uAVkREDzaNczTndag4vsEarB1w
SH7YuyHaXsF4Z2yZMGpxZBtrBwFeknGC0T2bRVljMX1/2BhGMzInKRxX0nus4bUB
ebRwhp/eTSgbI2cFGVHaU1y2BvUwpglrXYS+pI0Urqg9qsGbiqyt09W/ywT23i9w
T9UH8Kt6ql64MCLnesWqEYjbaQWXEblfFM3+MRTq9MTxGKzVbMHZhaAnayViWkGf
szSVGHdmFWKPAAA/ZZkcAzedfPtyEUvv1gxy2hP9Kn3Smh3oNzUV7R6rt4DEjsV4
S1qURPWizFsBV55g2h3zkG/8VwP+QCNUuIMyXaTy/5lRQKCCgJsaSJ9oGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOX8TKR9Yvz1E++a/RrXkJGpZQYzMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNWZ4TXBIMWlfUFVUNzVyOUd0ZVFrYWxsQmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAl/Q7AwQA
l/RaAwQAl/RhAwQAl/RpAwQAl/RuMA0GCSqGSIb3DQEBCwUAA4IBAQA9sN378Ixv
W0EYVfZdIRPfN8olVqZ3Q4msQsfu07PvzEy9/X5KXVlU93bRnIH2D/QMTBM1BKkL
KpchnwZ4nq4WNlAH4MQU/kABErxmGEo8Pyvl+HzQun1aCqWzCDGNsgdQYNeA25Vy
/F6SR3m7G7OKJUV6aoJ00sKVimzyABv4tCntbU8JAYO5ibBwENeLKu50hksw7U/Q
ztIKZ+/PFN2R902xN1aSM3Vme8aN5u8if7L97nCHthQbSuxKGDLwwqMuUF4Tl5ms
J+xBLSVf099Pgz5KZiWF6p7bOON6YSlTFVv12exceuQvvEus7j6CbHba3L14xElS
LlJARLc4DquP
-----END CERTIFICATE-----
Generated at Wed Mar 4 16:03:46 2026 by rpki-client