
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/CiC1R99KckIItq4oDpusOQwMvi0.roa
File: CiC1R99KckIItq4oDpusOQwMvi0.roa (raw, json)
Hash identifier: kPm7Cj8wrYcaUdV8ovADKWIGJyDF0Y2wNTB3hy46HqY=
Subject key identifier: 0A:20:B5:47:DF:4A:72:42:08:B6:AE:28:0E:9B:AC:39:0C:0C:BE:2D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019F2816B933C6C308D3ACD490C23056F10F
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/CiC1R99KckIItq4oDpusOQwMvi0.roa
Signing time: Fri 03 Jul 2026 13:06:45 +0000
ROA not before: Fri 03 Jul 2026 13:06:45 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 219393
IP address blocks: 151.242.29.0/24 maxlen: 24
151.242.44.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 Jul 2026 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:28:16:b9:33:c6:c3:08:d3:ac:d4:90:c2:30:56:f1:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 3 13:06:45 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=0a20b547df4a724208b6ae280e9bac390c0cbe2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:60:56:bf:ee:5f:f3:b5:92:d9:13:4e:79:88:
9c:86:55:e3:1e:92:bc:32:f6:db:a2:cf:5b:b8:0a:
e2:e7:40:5f:8b:75:b1:f9:bc:34:c6:fa:68:ce:5b:
dc:eb:0f:58:47:6c:1b:5a:99:b2:3f:ed:e5:ef:68:
ac:67:60:66:9a:cf:f9:66:6c:f9:f2:f9:7c:49:5e:
e7:25:fa:d2:a7:f8:a6:f8:fa:1d:36:ad:80:62:d9:
ac:f2:08:1c:ad:38:a6:31:d8:d0:e8:be:57:d9:6e:
d1:a9:a1:fe:95:08:5f:79:d1:b0:8c:ec:d9:00:0e:
6f:64:a2:b4:9d:7d:6d:69:64:67:04:79:56:ca:c3:
ba:ec:46:94:bf:0f:60:3a:01:17:d0:6f:35:a5:e3:
15:56:87:4b:11:75:44:00:cb:4f:d0:4c:bb:2d:a4:
2e:e0:08:6a:0b:2d:c8:15:58:c3:7b:21:0e:4a:a6:
68:84:81:a7:25:c5:2d:75:03:b4:9a:59:11:f4:e1:
86:7b:b1:53:41:65:99:40:56:bd:e3:c9:62:73:fa:
1e:47:48:ac:7b:4e:7d:ac:0f:b7:a8:58:e7:ea:e0:
26:2d:9c:5a:6c:eb:ec:0d:3f:ff:47:51:77:db:06:
01:dc:a3:c9:17:c3:67:d5:ec:18:bd:7d:96:ab:14:
2b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:20:B5:47:DF:4A:72:42:08:B6:AE:28:0E:9B:AC:39:0C:0C:BE:2D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/CiC1R99KckIItq4oDpusOQwMvi0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.29.0/24
151.242.44.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:7f:e9:9c:42:df:c3:73:5b:d6:39:e2:22:28:e4:73:cd:c6:
d6:b0:8d:34:41:98:60:8d:60:f3:3c:d9:25:c7:84:7d:f4:93:
e9:42:a1:69:6c:f9:4e:ce:a0:10:cf:a8:59:fd:bb:a9:bb:b5:
bb:b6:c1:8f:41:55:c9:b4:ca:36:58:b4:4b:76:22:28:e2:3c:
79:19:f6:e9:fd:30:4a:1d:3c:1b:52:ae:7b:0d:88:05:9f:5b:
10:64:59:7e:6b:e7:f0:4a:f9:70:c4:e3:f0:bd:c2:00:51:52:
1b:b5:f8:79:ea:67:b6:78:eb:d4:1d:43:af:83:6b:bf:2f:68:
b4:53:a8:ba:8f:4e:f6:eb:4e:fc:78:02:85:d6:b7:81:01:8c:
67:62:7e:ec:01:6a:06:db:ee:a1:f2:0d:f9:3d:48:f0:98:f4:
ad:2b:33:c4:06:44:ac:bc:6b:40:86:d0:35:0f:19:8f:c2:62:
1c:7d:f7:36:0e:6e:42:a8:08:dd:97:d7:c0:65:e8:69:7b:50:
f4:df:76:ce:eb:28:b3:1b:f3:14:87:2b:d1:77:d9:06:a3:76:
fa:4b:96:51:be:33:75:4a:d7:f1:b1:34:96:b5:36:01:88:4e:
9e:f8:7c:22:e6:09:5e:c0:22:85:b1:2b:14:0a:ec:89:56:d8:
57:16:f3:23
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ8oFrkzxsMI06zUkMIwVvEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNzAzMTMwNjQ1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTIwYjU0N2RmNGE3MjQyMDhiNmFlMjgwZTliYWMzOTBjMGNiZTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmBWv+5f87WS2RNOeYichlXjHpK8
Mvbbos9buAri50Bfi3Wx+bw0xvpozlvc6w9YR2wbWpmyP+3l72isZ2Bmms/5Zmz5
8vl8SV7nJfrSp/im+PodNq2AYtms8ggcrTimMdjQ6L5X2W7RqaH+lQhfedGwjOzZ
AA5vZKK0nX1taWRnBHlWysO67EaUvw9gOgEX0G81peMVVodLEXVEAMtP0Ey7LaQu
4AhqCy3IFVjDeyEOSqZohIGnJcUtdQO0mlkR9OGGe7FTQWWZQFa948lic/oeR0is
e059rA+3qFjn6uAmLZxabOvsDT//R1F32wYB3KPJF8Nn1ewYvX2WqxQrzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAogtUffSnJCCLauKA6brDkMDL4tMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQ2lDMVI5OUtja0lJdHE0b0RwdXNPUXdNdmkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/IdAwQA
l/IsMA0GCSqGSIb3DQEBCwUAA4IBAQA/f+mcQt/Dc1vWOeIiKORzzcbWsI00QZhg
jWDzPNklx4R99JPpQqFpbPlOzqAQz6hZ/bupu7W7tsGPQVXJtMo2WLRLdiIo4jx5
Gfbp/TBKHTwbUq57DYgFn1sQZFl+a+fwSvlwxOPwvcIAUVIbtfh56me2eOvUHUOv
g2u/L2i0U6i6j0726078eAKF1reBAYxnYn7sAWoG2+6h8g35PUjwmPStKzPEBkSs
vGtAhtA1DxmPwmIcffc2Dm5CqAjdl9fAZehpe1D033bO6yizG/MUhyvRd9kGo3b6
S5ZRvjN1StfxsTSWtTYBiE6e+Hwi5glewCKFsSsUCuyJVthXFvMj
-----END CERTIFICATE-----
Generated at Fri Jul 3 19:58:11 2026 by rpki-client