Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SY9CTrDjGrV9MFW_VBSKg7pknrs.roa
File: SY9CTrDjGrV9MFW_VBSKg7pknrs.roa (raw, json)
Hash identifier: zEuI0oyqY8hafZC1wKjfuVcuwlUFK8ephfb2EQ/PI98=
Subject key identifier: 49:8F:42:4E:B0:E3:1A:B5:7D:30:55:BF:54:14:8A:83:BA:64:9E:BB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E6EDBA324FC8446C842D332DDAF0993C4
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SY9CTrDjGrV9MFW_VBSKg7pknrs.roa
Signing time: Thu 28 May 2026 13:52:28 +0000
ROA not before: Thu 28 May 2026 13:52:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 984
IP address blocks: 151.242.54.0/24 maxlen: 24
151.243.107.0/24 maxlen: 24
151.243.108.0/24 maxlen: 24
151.243.139.0/24 maxlen: 24
151.244.16.0/21 maxlen: 24
151.244.168.0/23 maxlen: 24
151.244.216.0/23 maxlen: 24
151.244.218.0/24 maxlen: 24
151.246.48.0/21 maxlen: 24
151.246.56.0/21 maxlen: 24
151.246.80.0/21 maxlen: 24
151.246.88.0/21 maxlen: 24
151.246.96.0/21 maxlen: 24
151.246.108.0/24 maxlen: 24
151.246.109.0/24 maxlen: 24
151.246.110.0/24 maxlen: 24
151.246.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:6e:db:a3:24:fc:84:46:c8:42:d3:32:dd:af:09:93:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 28 13:52:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=498f424eb0e31ab57d3055bf54148a83ba649ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1b:f0:6e:2f:b3:4c:04:e1:f4:60:33:47:06:
68:fe:85:c0:a8:1f:85:b5:65:d1:ee:55:83:9b:24:
c8:62:28:ab:f4:71:50:d0:23:9e:25:0c:d7:6f:73:
1f:31:5f:be:4c:94:1e:d1:68:78:d1:0c:96:17:32:
65:54:fe:2a:43:fb:22:58:a5:3a:91:71:b8:af:38:
2f:6d:1f:b9:53:dc:2b:29:65:11:a6:7c:82:59:98:
0f:e2:59:5c:4b:7a:f9:28:0b:c4:7d:a0:ec:60:3b:
2f:40:43:c9:69:34:4b:9b:17:ca:47:3d:b8:a2:6d:
f9:71:48:84:48:ae:dc:79:14:41:07:ae:9c:fc:5e:
a1:d7:04:13:5d:05:d1:e0:46:cd:d4:3e:33:17:d6:
c4:f6:92:f4:b0:4d:0d:90:2b:c3:03:0c:60:ac:e9:
21:51:73:7a:e0:85:61:9e:0a:73:95:8c:84:7f:79:
56:37:c6:0b:12:22:65:b1:72:ca:a8:ed:56:17:ec:
5d:fe:97:59:76:6e:d9:00:a1:0b:74:7e:c3:4e:83:
d2:19:44:29:16:e2:36:77:a6:94:8a:fb:0f:25:83:
c1:1f:fb:90:ae:8d:7b:77:08:17:b4:67:db:1d:0c:
6b:6d:5e:b7:99:16:4a:17:d5:d4:23:14:02:2b:1b:
77:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:8F:42:4E:B0:E3:1A:B5:7D:30:55:BF:54:14:8A:83:BA:64:9E:BB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SY9CTrDjGrV9MFW_VBSKg7pknrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.54.0/24
151.243.107.0-151.243.108.255
151.243.139.0/24
151.244.16.0/21
151.244.168.0/23
151.244.216.0-151.244.218.255
151.246.48.0/20
151.246.80.0-151.246.103.255
151.246.108.0-151.246.110.255
151.246.112.0/21
Signature Algorithm: sha256WithRSAEncryption
30:00:26:92:ff:bd:c0:32:c0:74:a4:82:16:4a:84:92:17:69:
3c:29:60:0b:e9:e8:3d:38:a3:12:75:20:2a:36:ba:f9:a1:1f:
2b:1d:b7:3a:9f:cb:07:04:68:9e:0b:a4:29:3e:22:cc:d7:14:
d6:3e:19:4b:95:c3:8b:c6:34:80:16:3d:f1:c7:69:17:46:35:
ba:4b:d0:8a:da:0a:46:41:45:54:0c:54:41:cf:5d:47:2d:0e:
7c:0b:52:e1:7b:f0:da:c2:2c:b1:ce:1e:7a:10:c8:9a:98:bb:
61:94:b4:14:f4:a8:01:3f:6c:1a:2c:6e:65:ae:d4:52:79:cf:
68:6d:5a:27:28:3a:d6:4f:ab:c8:af:f0:62:56:19:1a:71:9f:
fa:29:1f:ec:08:87:db:04:bb:c0:20:d0:91:48:bc:ee:1a:7e:
e3:e9:3d:39:6c:c8:50:82:f9:74:62:d6:d6:5a:75:df:3d:fa:
f0:6f:6a:c5:ff:0a:bc:09:f6:c8:e5:54:ba:cb:01:1a:58:94:
29:27:8d:a7:fb:d3:28:76:cb:b1:6f:e7:e0:cb:63:cd:69:14:
b1:f2:8a:ac:12:f8:9e:b8:d6:28:c3:6c:ef:fa:1b:a0:6c:c1:
04:b6:c8:00:3f:91:c8:4b:95:45:68:12:89:69:80:27:f2:66:
88:73:2b:dc
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZ5u26Mk/IRGyELTMt2vCZPEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTI4MTM1MjI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OThmNDI0ZWIwZTMxYWI1N2QzMDU1YmY1NDE0OGE4M2JhNjQ5ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhvwbi+zTATh9GAzRwZo/oXAqB+F
tWXR7lWDmyTIYiir9HFQ0COeJQzXb3MfMV++TJQe0Wh40QyWFzJlVP4qQ/siWKU6
kXG4rzgvbR+5U9wrKWURpnyCWZgP4llcS3r5KAvEfaDsYDsvQEPJaTRLmxfKRz24
om35cUiESK7ceRRBB66c/F6h1wQTXQXR4EbN1D4zF9bE9pL0sE0NkCvDAwxgrOkh
UXN64IVhngpzlYyEf3lWN8YLEiJlsXLKqO1WF+xd/pdZdm7ZAKELdH7DToPSGUQp
FuI2d6aUivsPJYPBH/uQro17dwgXtGfbHQxrbV63mRZKF9XUIxQCKxt38wIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFEmPQk6w4xq1fTBVv1QUioO6ZJ67MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvU1k5Q1RyRGpHclY5TUZXX1ZCU0tnN3BrbnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQAl/I2MAwD
BACX82sDBACX82wDBACX84sDBAOX9BADBAGX9KgwDAMEA5f02AMEAJf02gMEBJf2
MDAMAwQEl/ZQAwQDl/ZgMAwDBAKX9mwDBACX9m4DBAOX9nAwDQYJKoZIhvcNAQEL
BQADggEBADAAJpL/vcAywHSkghZKhJIXaTwpYAvp6D04oxJ1ICo2uvmhHysdtzqf
ywcEaJ4LpCk+IszXFNY+GUuVw4vGNIAWPfHHaRdGNbpL0IraCkZBRVQMVEHPXUct
DnwLUuF78NrCLLHOHnoQyJqYu2GUtBT0qAE/bBosbmWu1FJ5z2htWicoOtZPq8iv
8GJWGRpxn/opH+wIh9sEu8Ag0JFIvO4afuPpPTlsyFCC+XRi1tZadd89+vBvasX/
CrwJ9sjlVLrLARpYlCknjaf70yh2y7Fv5+DLY81pFLHyiqwS+J641ijDbO/6G6Bs
wQS2yAA/kchLlUVoEolpgCfyZohzK9w=
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:21:24 2026 by rpki-client