Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MI7-sojFGkLGRy5rPT8FJdYeb4Q.roa
File: MI7-sojFGkLGRy5rPT8FJdYeb4Q.roa (raw, json)
Hash identifier: WCvksHM2IzqeWXU/jNJUFy7sMPxId4Q6YS6cfkWSxmc=
Subject key identifier: 30:8E:FE:B2:88:C5:1A:42:C6:47:2E:6B:3D:3F:05:25:D6:1E:6F:84
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DB568C24DFFA317AD0979A8CFCFFDF3A9
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MI7-sojFGkLGRy5rPT8FJdYeb4Q.roa
Signing time: Wed 22 Apr 2026 13:37:14 +0000
ROA not before: Wed 22 Apr 2026 13:37:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 40676
IP address blocks: 151.242.61.0/24 maxlen: 24
151.246.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Apr 2026 15:34:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b5:68:c2:4d:ff:a3:17:ad:09:79:a8:cf:cf:fd:f3:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 22 13:37:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=308efeb288c51a42c6472e6b3d3f0525d61e6f84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:61:0b:e8:5d:e0:0c:76:42:11:09:de:a5:61:
7a:17:f1:7d:8c:e4:41:90:ac:4f:41:ee:59:13:f0:
c9:ea:2e:38:3a:ff:f9:33:df:d1:dd:dd:17:b9:54:
21:e0:89:bc:3e:49:b1:3d:5d:62:ab:8c:b7:5a:9f:
2f:a2:13:04:91:e2:93:a0:a1:07:36:e6:c2:e9:32:
3d:d1:ff:96:72:6f:a2:6a:81:38:27:14:88:c8:58:
98:b2:94:dd:0e:f6:52:ff:21:24:34:ff:c8:9a:1e:
a7:fa:8a:45:b3:f2:f9:40:d4:be:4b:90:16:3c:37:
a0:21:f8:31:b9:f1:47:d3:2f:fd:22:07:c2:02:8c:
10:b2:a5:2f:67:bc:44:db:92:29:05:b6:b0:c3:cb:
88:59:bc:41:84:39:81:c2:70:d3:b4:97:4b:af:60:
8c:19:75:ac:68:db:e7:ef:8c:82:aa:59:b0:16:12:
02:ca:f0:c4:50:a0:ed:43:bc:d4:2e:93:41:67:81:
f8:41:1d:7e:30:80:ca:b5:b8:4c:a3:77:d1:65:47:
10:85:e1:e3:77:03:f9:a5:67:82:8c:a9:eb:7d:b9:
f6:d1:40:9d:8f:43:1a:a5:80:4e:17:ad:e0:2c:f9:
59:15:45:2f:e1:db:96:98:eb:23:58:f9:35:bf:1c:
28:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:8E:FE:B2:88:C5:1A:42:C6:47:2E:6B:3D:3F:05:25:D6:1E:6F:84
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MI7-sojFGkLGRy5rPT8FJdYeb4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.61.0/24
151.246.157.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:3b:06:45:2d:fe:32:0d:b7:8b:1a:5f:15:a5:20:d6:4d:7a:
1b:6f:a6:73:8f:c0:a0:ad:69:70:18:13:b4:d9:5f:b1:d8:36:
da:db:ab:8a:d2:f1:17:0c:47:7a:c5:5a:48:c2:55:d3:48:39:
5f:ad:b7:09:d9:b4:0f:93:1d:6b:38:54:f7:33:66:5c:3b:5b:
33:90:07:b5:b1:91:c5:3b:dd:1c:a9:5d:ed:ad:7f:05:34:7e:
12:fb:ec:0b:61:f5:38:04:fd:48:dc:26:99:61:ed:15:57:c8:
8d:f2:21:2a:13:25:a5:a8:78:63:ee:37:cc:4c:99:be:70:fd:
6a:6a:d0:14:d8:0f:c1:d3:a7:5e:32:75:9a:35:70:f0:54:6f:
c3:b5:ee:ff:82:57:e3:46:fa:82:31:e8:33:3f:7c:a5:79:3f:
96:38:1c:0b:01:5d:b6:15:c4:eb:22:4d:80:2d:61:e2:db:fd:
4c:7c:5d:77:2f:37:3b:12:ba:11:18:f3:af:ad:5f:f2:09:d9:
9a:b0:3e:29:2c:18:1f:1b:9a:2c:91:2d:b2:25:c0:ee:99:2b:
47:d1:52:a9:7e:29:82:f2:f8:8f:e9:4c:c3:28:fc:a1:e4:a9:
8a:5e:8f:a3:a7:1e:b5:31:39:1d:10:05:d3:fd:e4:fe:43:c3:
7c:8b:88:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ21aMJN/6MXrQl5qM/P/fOpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDIyMTMzNzE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDhlZmViMjg4YzUxYTQyYzY0NzJlNmIzZDNmMDUyNWQ2MWU2Zjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp2EL6F3gDHZCEQnepWF6F/F9jORB
kKxPQe5ZE/DJ6i44Ov/5M9/R3d0XuVQh4Im8PkmxPV1iq4y3Wp8vohMEkeKToKEH
NubC6TI90f+Wcm+iaoE4JxSIyFiYspTdDvZS/yEkNP/Imh6n+opFs/L5QNS+S5AW
PDegIfgxufFH0y/9IgfCAowQsqUvZ7xE25IpBbaww8uIWbxBhDmBwnDTtJdLr2CM
GXWsaNvn74yCqlmwFhICyvDEUKDtQ7zULpNBZ4H4QR1+MIDKtbhMo3fRZUcQheHj
dwP5pWeCjKnrfbn20UCdj0MapYBOF63gLPlZFUUv4duWmOsjWPk1vxwo0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDCO/rKIxRpCxkcuaz0/BSXWHm+EMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTUk3LXNvakZHa0xHUnk1clBUOEZKZFllYjRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/I9AwQA
l/adMA0GCSqGSIb3DQEBCwUAA4IBAQArOwZFLf4yDbeLGl8VpSDWTXobb6Zzj8Cg
rWlwGBO02V+x2Dba26uK0vEXDEd6xVpIwlXTSDlfrbcJ2bQPkx1rOFT3M2ZcO1sz
kAe1sZHFO90cqV3trX8FNH4S++wLYfU4BP1I3CaZYe0VV8iN8iEqEyWlqHhj7jfM
TJm+cP1qatAU2A/B06deMnWaNXDwVG/Dte7/glfjRvqCMegzP3yleT+WOBwLAV22
FcTrIk2ALWHi2/1MfF13Lzc7EroRGPOvrV/yCdmasD4pLBgfG5oskS2yJcDumStH
0VKpfimC8viP6UzDKPyh5KmKXo+jpx61MTkdEAXT/eT+Q8N8i4hu
-----END CERTIFICATE-----
Generated at Fri Apr 24 23:16:08 2026 by rpki-client