Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AXysTxlRtb3277FTdXUf0kFTyFg.roa
File: AXysTxlRtb3277FTdXUf0kFTyFg.roa (raw, json)
Hash identifier: PfjXPZrPhvFUoX3kxVGI44jzf64YR9dXWVm2Fplyytg=
Subject key identifier: 01:7C:AC:4F:19:51:B5:BD:F6:EF:B1:53:75:75:1F:D2:41:53:C8:58
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D0B3BA4AB5B3DF083175F87B636336A59
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AXysTxlRtb3277FTdXUf0kFTyFg.roa
Signing time: Fri 20 Mar 2026 12:32:31 +0000
ROA not before: Fri 20 Mar 2026 12:32:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201907
IP address blocks: 151.247.41.0/24 maxlen: 24
151.247.44.0/24 maxlen: 24
151.247.45.0/24 maxlen: 24
151.247.47.0/24 maxlen: 24
151.247.48.0/24 maxlen: 24
151.247.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Mar 2026 11:15:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0b:3b:a4:ab:5b:3d:f0:83:17:5f:87:b6:36:33:6a:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 20 12:32:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=017cac4f1951b5bdf6efb15375751fd24153c858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d3:b7:96:a5:97:36:34:e5:bb:47:3b:67:b1:
0d:41:bb:23:18:41:b8:b2:08:1e:4b:4d:a9:d6:85:
91:7b:46:02:4d:e8:d6:6c:f8:e7:e2:e7:cd:51:ec:
e1:57:75:12:28:d3:a9:dd:78:aa:bc:9e:7b:1e:b1:
25:8e:c1:be:87:e5:d8:5c:d3:88:97:3d:41:65:f7:
3b:8b:33:5e:9c:8c:6f:54:7a:ac:bf:08:2b:b2:72:
e8:de:05:b1:54:ab:50:a1:25:9e:fe:bc:84:91:a7:
e1:53:12:14:9a:3e:4d:39:52:0a:a0:69:2b:9a:7e:
96:68:06:b5:33:dd:ba:33:3f:a5:dc:af:bf:28:37:
ca:9d:02:bf:43:b3:35:4e:c5:28:a4:fc:0a:2a:8d:
19:90:33:1c:70:95:6c:e4:06:58:0e:94:20:24:75:
ee:9d:41:0b:d4:27:f2:bb:80:21:93:de:32:ab:26:
4f:2a:b2:0e:7c:42:83:94:3c:ce:c0:4d:1f:23:75:
53:dc:50:3d:43:ed:0d:a5:83:32:40:39:cb:bc:3f:
51:da:11:f1:a5:42:cb:72:49:5f:ca:af:78:90:82:
b6:bc:5b:21:e8:44:f5:2d:28:56:6c:73:d6:58:1a:
cd:a2:e2:a3:d4:b7:70:1b:20:17:bc:c4:16:81:91:
15:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7C:AC:4F:19:51:B5:BD:F6:EF:B1:53:75:75:1F:D2:41:53:C8:58
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/AXysTxlRtb3277FTdXUf0kFTyFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.247.41.0/24
151.247.44.0/23
151.247.47.0-151.247.48.255
151.247.91.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:58:61:94:7f:46:6f:bf:ee:a2:8d:13:7c:d6:f0:c7:52:60:
eb:fe:64:a6:a9:17:33:55:4b:1c:84:20:7f:6f:2c:16:ca:01:
65:0a:0a:f2:9d:25:0c:bc:94:b8:7a:26:b0:51:51:de:c6:b6:
af:7b:4a:0b:a0:34:28:4a:37:d4:89:ec:c7:98:79:e0:cd:b5:
ef:b7:a7:ae:18:2c:59:7c:80:a3:a2:7d:7c:62:08:46:bc:26:
7c:e4:3d:1a:81:90:46:02:d8:8c:96:bc:bd:ee:69:6b:4e:cf:
42:1d:09:68:8b:a5:64:02:91:f1:48:ab:74:5a:54:e2:93:57:
6b:e2:31:8f:61:73:c7:3d:9e:29:59:44:25:b6:e4:34:08:98:
f7:66:00:9c:1f:72:c8:d2:90:31:22:0d:f4:2a:42:b8:16:e7:
0b:6a:58:8b:5f:e0:37:16:89:10:0d:27:a6:7b:2f:b8:9b:f2:
52:31:d4:71:fc:77:d7:03:d4:f2:49:cb:20:a6:ca:57:78:73:
40:9e:e8:7e:b6:c5:24:37:d5:af:cd:21:fd:f8:56:cf:79:aa:
bf:45:c8:c1:5b:01:07:8e:9f:ee:c9:cb:5a:0e:e7:0c:e8:21:
42:6a:6e:fd:65:c1:6d:29:37:c2:fb:ab:83:f0:0d:8f:44:27:
03:30:9b:cc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ0LO6SrWz3wgxdfh7Y2M2pZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzIwMTIzMjMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTdjYWM0ZjE5NTFiNWJkZjZlZmIxNTM3NTc1MWZkMjQxNTNjODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9O3lqWXNjTlu0c7Z7ENQbsjGEG4
sggeS02p1oWRe0YCTejWbPjn4ufNUezhV3USKNOp3XiqvJ57HrEljsG+h+XYXNOI
lz1BZfc7izNenIxvVHqsvwgrsnLo3gWxVKtQoSWe/ryEkafhUxIUmj5NOVIKoGkr
mn6WaAa1M926Mz+l3K+/KDfKnQK/Q7M1TsUopPwKKo0ZkDMccJVs5AZYDpQgJHXu
nUEL1Cfyu4Ahk94yqyZPKrIOfEKDlDzOwE0fI3VT3FA9Q+0NpYMyQDnLvD9R2hHx
pULLcklfyq94kIK2vFsh6ET1LShWbHPWWBrNouKj1LdwGyAXvMQWgZEV7wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAF8rE8ZUbW99u+xU3V1H9JBU8hYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQVh5c1R4bFJ0YjMyNzdGVGRYVWYwa0ZUeUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAl/cpAwQB
l/csMAwDBACX9y8DBACX9zADBACX91swDQYJKoZIhvcNAQELBQADggEBABxYYZR/
Rm+/7qKNE3zW8MdSYOv+ZKapFzNVSxyEIH9vLBbKAWUKCvKdJQy8lLh6JrBRUd7G
tq97SgugNChKN9SJ7MeYeeDNte+3p64YLFl8gKOifXxiCEa8JnzkPRqBkEYC2IyW
vL3uaWtOz0IdCWiLpWQCkfFIq3RaVOKTV2viMY9hc8c9nilZRCW25DQImPdmAJwf
csjSkDEiDfQqQrgW5wtqWItf4DcWiRANJ6Z7L7ib8lIx1HH8d9cD1PJJyyCmyld4
c0Ce6H62xSQ31a/NIf34Vs95qr9FyMFbAQeOn+7Jy1oO5wzoIUJqbv1lwW0pN8L7
q4PwDY9EJwMwm8w=
-----END CERTIFICATE-----
Generated at Sat Mar 21 17:16:04 2026 by rpki-client