Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/71V8PHI-5plUUD78eFlus00Vo-U.roa
File: 71V8PHI-5plUUD78eFlus00Vo-U.roa (raw, json)
Hash identifier: XoDy+wPzdRK4Klfz+sVi5SlYOEUX59YwALCElU06FVw=
Subject key identifier: EF:55:7C:3C:72:3E:E6:99:54:50:3E:FC:78:59:6E:B3:4D:15:A3:E5
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E8E5A6D58BFA1E30B31DEB7147CF6A668
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/71V8PHI-5plUUD78eFlus00Vo-U.roa
Signing time: Wed 03 Jun 2026 16:39:11 +0000
ROA not before: Wed 03 Jun 2026 16:39:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30058
IP address blocks: 151.244.0.0/24 maxlen: 24
151.244.172.0/24 maxlen: 24
151.246.149.0/24 maxlen: 24
151.246.150.0/24 maxlen: 24
151.246.154.0/24 maxlen: 24
151.246.170.0/24 maxlen: 24
151.246.194.0/24 maxlen: 24
151.247.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Jun 2026 17:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8e:5a:6d:58:bf:a1:e3:0b:31:de:b7:14:7c:f6:a6:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 3 16:39:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ef557c3c723ee69954503efc78596eb34d15a3e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:80:cf:11:f3:ed:66:88:2b:69:6d:04:4d:01:
c6:eb:5f:bc:16:84:23:bb:d3:03:18:56:21:9b:4e:
02:cc:aa:fc:6d:c3:c9:f4:af:da:cd:a8:76:c3:bf:
c2:09:89:05:41:9d:b9:39:00:c9:16:f6:31:49:13:
91:2e:ba:a1:42:03:4d:44:83:7f:f9:1f:fc:c9:cb:
89:e2:69:3e:42:c5:d1:a2:fc:f3:d5:29:86:1b:60:
27:bb:0e:d2:fa:a9:16:1c:01:a8:82:52:14:f9:a3:
51:2a:8e:39:e6:39:2c:e4:44:2a:96:f8:14:f9:7d:
be:4a:9f:a1:f3:ce:b6:45:e8:0e:5e:3e:9c:a7:f6:
43:a6:fd:87:b5:e7:47:bc:aa:97:d2:cc:6b:c0:4f:
08:e2:c2:b6:ae:9c:8a:ea:d4:86:5b:e7:fc:a7:8e:
6f:43:cf:1c:15:09:a2:f4:f0:cf:8c:89:27:41:4a:
c5:ec:a2:68:e9:50:4f:a5:5e:c0:b9:b6:d9:13:ff:
25:86:4a:15:c1:ad:c4:cc:7b:d3:fc:55:19:49:2d:
b1:84:e1:4e:24:dc:26:3a:20:5d:e6:92:ad:d2:8e:
02:bf:b8:eb:d6:13:2d:75:b7:ec:f4:7f:06:f1:2b:
f3:d3:73:02:1e:c6:0e:2f:b8:05:86:d0:1b:6d:12:
2a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:55:7C:3C:72:3E:E6:99:54:50:3E:FC:78:59:6E:B3:4D:15:A3:E5
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/71V8PHI-5plUUD78eFlus00Vo-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.0.0/24
151.244.172.0/24
151.246.149.0-151.246.150.255
151.246.154.0/24
151.246.170.0/24
151.246.194.0/24
151.247.243.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:c6:17:a4:79:5e:11:d3:ca:dc:7f:be:0f:b3:83:06:98:da:
8d:0e:ce:d4:95:66:04:31:77:f6:63:f8:c9:8e:a9:3c:b5:63:
06:89:e3:c6:0f:de:dd:52:c6:1c:4d:0c:a0:3b:5a:d8:67:a9:
90:fa:71:23:97:97:cb:51:df:93:a7:34:e9:c4:b0:41:1b:60:
e2:3d:c6:38:2f:dd:6f:c6:31:09:20:10:5d:a8:23:b7:58:74:
5a:c1:4f:ab:12:a5:74:b3:6a:01:3b:20:2f:3f:23:fe:1e:9b:
46:8d:24:1e:e4:68:c8:d3:87:3a:44:fa:65:80:c0:57:d0:88:
d2:b3:06:8f:c3:c8:f7:bd:af:02:b7:10:23:9b:f6:50:e1:db:
86:bb:40:4f:48:42:0c:25:c4:bf:77:60:8e:ef:26:ed:6b:ba:
91:fc:46:dc:74:ae:12:10:61:bb:8e:cf:af:55:3f:b6:aa:95:
33:de:72:90:b0:fc:20:16:56:ab:3b:35:99:f1:57:7b:1a:1a:
39:7c:8a:9b:13:a9:85:09:ed:61:cd:e2:42:0f:33:22:f3:03:
2e:a9:46:57:fa:9d:f9:ab:47:44:5c:07:fd:24:3d:15:5e:8a:
9b:e0:51:87:b0:ad:95:52:09:72:0f:37:54:e1:ef:70:17:5c:
be:d4:4e:00
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ6OWm1Yv6HjCzHetxR89qZoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNjAzMTYzOTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjU1N2MzYzcyM2VlNjk5NTQ1MDNlZmM3ODU5NmViMzRkMTVhM2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIDPEfPtZograW0ETQHG61+8FoQj
u9MDGFYhm04CzKr8bcPJ9K/azah2w7/CCYkFQZ25OQDJFvYxSRORLrqhQgNNRIN/
+R/8ycuJ4mk+QsXRovzz1SmGG2Anuw7S+qkWHAGoglIU+aNRKo455jks5EQqlvgU
+X2+Sp+h8862RegOXj6cp/ZDpv2HtedHvKqX0sxrwE8I4sK2rpyK6tSGW+f8p45v
Q88cFQmi9PDPjIknQUrF7KJo6VBPpV7AubbZE/8lhkoVwa3EzHvT/FUZSS2xhOFO
JNwmOiBd5pKt0o4Cv7jr1hMtdbfs9H8G8Svz03MCHsYOL7gFhtAbbRIqwQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFO9VfDxyPuaZVFA+/HhZbrNNFaPlMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvNzFWOFBISS01cGxVVUQ3OGVGbHVzMDBWby1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAl/QAAwQA
l/SsMAwDBACX9pUDBACX9pYDBACX9poDBACX9qoDBACX9sIDBACX9/MwDQYJKoZI
hvcNAQELBQADggEBAKnGF6R5XhHTytx/vg+zgwaY2o0OztSVZgQxd/Zj+MmOqTy1
YwaJ48YP3t1SxhxNDKA7WthnqZD6cSOXl8tR35OnNOnEsEEbYOI9xjgv3W/GMQkg
EF2oI7dYdFrBT6sSpXSzagE7IC8/I/4em0aNJB7kaMjThzpE+mWAwFfQiNKzBo/D
yPe9rwK3ECOb9lDh24a7QE9IQgwlxL93YI7vJu1rupH8Rtx0rhIQYbuOz69VP7aq
lTPecpCw/CAWVqs7NZnxV3saGjl8ipsTqYUJ7WHN4kIPMyLzAy6pRlf6nfmrR0Rc
B/0kPRVeipvgUYewrZVSCXIPN1Th73AXXL7UTgA=
-----END CERTIFICATE-----
Generated at Fri Jun 5 23:33:13 2026 by rpki-client