Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/RFcp3MXchqanPy7FxWN1IVIwhtg.roa
File: RFcp3MXchqanPy7FxWN1IVIwhtg.roa (raw, json)
Hash identifier: n0P4futRZP8NOCJjhlmq98E6LOYqTiyNFv0Lv3Ezk70=
Subject key identifier: 44:57:29:DC:C5:DC:86:A6:A7:3F:2E:C5:C5:63:75:21:52:30:86:D8
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DBAC7674983E82BDD5BDDBE6A5D95A454
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/RFcp3MXchqanPy7FxWN1IVIwhtg.roa
Signing time: Thu 23 Apr 2026 14:38:43 +0000
ROA not before: Thu 23 Apr 2026 14:38:43 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9457
IP address blocks: 151.246.129.0/24 maxlen: 24
151.246.228.0/24 maxlen: 24
151.247.79.0/24 maxlen: 24
151.247.111.0/24 maxlen: 24
151.247.180.0/24 maxlen: 24
151.247.237.0/24 maxlen: 24
151.247.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 02:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ba:c7:67:49:83:e8:2b:dd:5b:dd:be:6a:5d:95:a4:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 23 14:38:43 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=445729dcc5dc86a6a73f2ec5c5637521523086d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:41:88:0f:33:02:bd:dc:cf:df:b0:00:16:48:
9b:6e:c1:0e:81:dd:dc:87:0d:4d:42:dc:ab:be:48:
84:f9:ba:a9:39:02:f1:38:2c:18:bd:a4:ae:12:5b:
63:fa:83:6a:04:ba:6c:5f:69:01:a7:c8:04:2f:dc:
cb:78:d1:7c:32:60:3e:b1:eb:80:15:0e:ee:b6:6d:
54:78:e9:f9:7f:9a:53:ad:49:96:d9:5c:13:86:14:
87:8d:92:6e:c6:97:fb:d1:06:43:98:9d:52:1f:9b:
e9:ee:8f:b7:81:30:09:5f:aa:28:0f:40:60:75:c2:
da:a0:25:77:d5:68:96:19:9d:f4:6c:93:fa:d7:f0:
87:88:28:8d:64:33:60:75:94:02:ca:8e:ca:66:d9:
71:87:c1:62:ec:6c:f3:e6:79:36:06:28:e5:70:e7:
95:25:76:61:ea:49:86:86:80:a9:bc:77:b0:72:77:
23:af:cd:1a:76:12:3e:1a:d1:78:13:75:f0:46:08:
04:75:e1:8c:b4:bb:70:a3:ee:73:11:6d:19:66:a5:
df:62:22:a6:b3:6e:af:f3:b4:7c:ef:26:27:ee:48:
f1:89:bd:28:4c:d8:ff:3b:4f:8c:81:42:40:4d:2f:
ca:51:b7:a8:dd:4d:b7:06:ac:8f:97:7d:8c:76:69:
ac:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:57:29:DC:C5:DC:86:A6:A7:3F:2E:C5:C5:63:75:21:52:30:86:D8
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/RFcp3MXchqanPy7FxWN1IVIwhtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.246.129.0/24
151.246.228.0/24
151.247.79.0/24
151.247.111.0/24
151.247.180.0/24
151.247.237.0/24
151.247.251.0/24
Signature Algorithm: sha256WithRSAEncryption
27:b8:62:3e:ce:cb:82:33:c7:c7:ee:67:ed:63:f5:44:5b:4f:
95:96:dc:31:5c:42:e0:1a:2b:a7:40:4a:37:0d:5a:b4:94:d2:
f4:f0:fa:33:0b:4d:2f:93:0d:68:d1:e5:d9:e1:1c:a1:21:d0:
1c:70:c7:67:4e:27:58:38:07:fc:f6:90:9b:d1:21:4a:6f:bb:
6d:a6:cf:bc:50:6e:5c:92:34:8c:08:64:16:ae:50:f2:5d:6a:
0f:74:f3:29:d7:4a:3a:69:70:3c:0b:31:c9:a5:69:19:85:84:
d2:84:d3:39:b1:24:f6:89:bc:ad:ce:93:bc:20:87:99:bd:69:
70:64:30:ec:98:f7:c4:c5:92:8f:3c:ef:0c:43:ba:6f:4c:4f:
6e:6b:ca:59:48:93:9a:3e:09:fd:12:de:dd:72:71:37:dc:1c:
0c:69:23:62:6e:9f:13:ad:4c:53:06:0e:ac:ed:80:1f:a5:52:
53:7d:a9:45:54:a8:c1:02:3e:e1:70:c4:8d:be:2f:81:36:75:
b7:40:ba:a0:7f:5e:60:33:bb:cf:7c:6b:36:13:d7:42:0d:7c:
7f:f7:a1:ff:04:9d:8e:55:f4:e7:88:4a:0c:92:d3:d7:46:26:
af:24:d2:9d:0b:2b:a3:d3:c5:e7:7c:3c:0e:69:4d:c0:ea:33:
1f:02:c0:0e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ26x2dJg+gr3VvdvmpdlaRUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDIzMTQzODQzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDU3MjlkY2M1ZGM4NmE2YTczZjJlYzVjNTYzNzUyMTUyMzA4NmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEGIDzMCvdzP37AAFkibbsEOgd3c
hw1NQtyrvkiE+bqpOQLxOCwYvaSuEltj+oNqBLpsX2kBp8gEL9zLeNF8MmA+seuA
FQ7utm1UeOn5f5pTrUmW2VwThhSHjZJuxpf70QZDmJ1SH5vp7o+3gTAJX6ooD0Bg
dcLaoCV31WiWGZ30bJP61/CHiCiNZDNgdZQCyo7KZtlxh8Fi7Gzz5nk2BijlcOeV
JXZh6kmGhoCpvHewcncjr80adhI+GtF4E3XwRggEdeGMtLtwo+5zEW0ZZqXfYiKm
s26v87R87yYn7kjxib0oTNj/O0+MgUJATS/KUbeo3U23BqyPl32MdmmsuQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFERXKdzF3Iampz8uxcVjdSFSMIbYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUkZjcDNNWGNocWFuUHk3RnhXTjFJVkl3aHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAl/aBAwQA
l/bkAwQAl/dPAwQAl/dvAwQAl/e0AwQAl/ftAwQAl/f7MA0GCSqGSIb3DQEBCwUA
A4IBAQAnuGI+zsuCM8fH7mftY/VEW0+VltwxXELgGiunQEo3DVq0lNL08PozC00v
kw1o0eXZ4RyhIdAccMdnTidYOAf89pCb0SFKb7ttps+8UG5ckjSMCGQWrlDyXWoP
dPMp10o6aXA8CzHJpWkZhYTShNM5sST2ibytzpO8IIeZvWlwZDDsmPfExZKPPO8M
Q7pvTE9ua8pZSJOaPgn9Et7dcnE33BwMaSNibp8TrUxTBg6s7YAfpVJTfalFVKjB
Aj7hcMSNvi+BNnW3QLqgf15gM7vPfGs2E9dCDXx/96H/BJ2OVfTniEoMktPXRiav
JNKdCyuj08XnfDwOaU3A6jMfAsAO
-----END CERTIFICATE-----
Generated at Wed May 13 10:42:33 2026 by rpki-client