Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/itYEuetiHHud8-DF3bH_4s9dnEU.roa
File: itYEuetiHHud8-DF3bH_4s9dnEU.roa (raw, json)
Hash identifier: xRkXIujrCZwtN6cERk/FAoj8bJiyt967mfqAxzWjNq4=
Subject key identifier: 8A:D6:04:B9:EB:62:1C:7B:9D:F3:E0:C5:DD:B1:FF:E2:CF:5D:9C:45
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019CB7AC5448F0BB7FF374F6694FCF9948B1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/itYEuetiHHud8-DF3bH_4s9dnEU.roa
Signing time: Wed 04 Mar 2026 07:07:30 +0000
ROA not before: Wed 04 Mar 2026 07:07:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 151.240.31.0/24 maxlen: 24
151.240.72.0/24 maxlen: 24
151.242.77.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.245.138.0/24 maxlen: 24
151.245.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 07:18:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b7:ac:54:48:f0:bb:7f:f3:74:f6:69:4f:cf:99:48:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 4 07:07:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8ad604b9eb621c7b9df3e0c5ddb1ffe2cf5d9c45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:9a:53:20:78:fc:89:08:de:22:d6:a7:2f:7b:
51:32:12:6c:36:c1:65:09:a0:5a:27:b4:2e:66:7a:
46:57:f8:7c:7c:b3:ee:fd:7e:3f:32:71:50:45:8a:
02:e0:22:d0:6f:ec:8e:97:38:e8:1e:b0:90:01:4d:
d1:dd:9c:96:86:d2:62:4c:e1:17:9c:dd:df:71:75:
07:46:73:b2:58:19:82:57:24:a9:ec:da:72:8e:64:
bc:29:98:94:20:97:02:db:3c:4f:61:ec:ba:22:c4:
9c:8e:86:99:40:9a:95:01:40:67:80:b7:66:ff:7c:
d6:fc:b1:5a:43:2e:46:14:83:a4:52:9b:45:fe:4a:
32:12:93:e1:60:c1:26:3c:b1:31:58:3a:6e:2c:28:
89:5d:70:48:80:a8:0d:b5:c1:15:3d:0f:d2:4c:b5:
91:af:54:aa:c4:9e:7f:29:06:40:ec:35:1b:87:c8:
fa:bd:52:4a:73:0d:22:74:b8:f3:0c:ce:94:b3:42:
fd:10:37:c5:bc:99:24:c9:9e:cc:a7:7f:45:51:0c:
d3:38:08:ee:21:35:6f:a9:c4:a0:f1:74:2c:bb:40:
b8:4d:5d:bb:53:c6:4f:71:05:39:6c:b1:5c:48:78:
fb:b3:14:26:4b:74:6a:c0:a0:c3:dc:14:df:8f:a7:
e8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:D6:04:B9:EB:62:1C:7B:9D:F3:E0:C5:DD:B1:FF:E2:CF:5D:9C:45
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/itYEuetiHHud8-DF3bH_4s9dnEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.31.0/24
151.240.72.0/24
151.242.77.0/24
151.244.4.0/24
151.245.138.0/24
151.245.254.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:45:63:10:5d:5e:62:c1:9e:9e:d0:9f:aa:7b:c7:82:96:f1:
d1:41:17:d5:30:c6:4b:20:95:ab:2e:fd:53:72:86:ab:2b:c6:
a7:a0:5a:83:c4:cc:5c:b8:ea:b2:b6:79:82:32:0c:af:ed:b4:
20:33:de:68:20:1f:29:60:c4:6b:ae:24:37:71:bf:c9:ec:14:
da:2c:fd:be:2c:1d:65:7a:17:9b:f9:07:c1:a8:91:fa:24:27:
76:dd:97:fd:15:f7:71:9e:be:2f:1e:d0:02:8e:ec:6d:77:93:
7d:b5:ff:29:78:0c:4e:0c:01:ca:70:aa:79:6a:e5:e2:38:a0:
75:b2:1c:b6:48:23:bf:8f:72:e3:e2:b7:dc:7f:47:50:43:46:
36:f5:f4:63:4e:3c:10:6a:df:29:28:96:29:46:63:26:7f:ef:
1a:de:62:1f:8c:0a:4e:4b:1e:07:2a:75:4f:ed:c8:76:7f:55:
bf:92:dc:7d:71:3d:ff:ff:02:92:99:74:5f:e4:e8:f7:ab:17:
12:ba:2a:03:15:e9:ab:6b:00:32:51:51:fc:fb:56:e4:18:b6:
17:69:09:e7:56:66:30:e7:07:e3:89:4a:a3:8f:87:f4:10:66:
a5:38:ec:6c:0f:90:8b:e8:1c:67:af:4a:47:76:56:17:c8:fa:
71:f0:df:da
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZy3rFRI8Lt/83T2aU/PmUixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzA0MDcwNzMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWQ2MDRiOWViNjIxYzdiOWRmM2UwYzVkZGIxZmZlMmNmNWQ5YzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ppTIHj8iQjeItanL3tRMhJsNsFl
CaBaJ7QuZnpGV/h8fLPu/X4/MnFQRYoC4CLQb+yOlzjoHrCQAU3R3ZyWhtJiTOEX
nN3fcXUHRnOyWBmCVySp7NpyjmS8KZiUIJcC2zxPYey6IsScjoaZQJqVAUBngLdm
/3zW/LFaQy5GFIOkUptF/koyEpPhYMEmPLExWDpuLCiJXXBIgKgNtcEVPQ/STLWR
r1SqxJ5/KQZA7DUbh8j6vVJKcw0idLjzDM6Us0L9EDfFvJkkyZ7Mp39FUQzTOAju
ITVvqcSg8XQsu0C4TV27U8ZPcQU5bLFcSHj7sxQmS3RqwKDD3BTfj6foMwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIrWBLnrYhx7nfPgxd2x/+LPXZxFMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvaXRZRXVldGlISHVkOC1ERjNiSF80czlkbkVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAl/AfAwQA
l/BIAwQAl/JNAwQAl/QEAwQAl/WKAwQAl/X+MA0GCSqGSIb3DQEBCwUAA4IBAQAr
RWMQXV5iwZ6e0J+qe8eClvHRQRfVMMZLIJWrLv1TcoarK8anoFqDxMxcuOqytnmC
Mgyv7bQgM95oIB8pYMRrriQ3cb/J7BTaLP2+LB1leheb+QfBqJH6JCd23Zf9Ffdx
nr4vHtACjuxtd5N9tf8peAxODAHKcKp5auXiOKB1shy2SCO/j3Lj4rfcf0dQQ0Y2
9fRjTjwQat8pKJYpRmMmf+8a3mIfjApOSx4HKnVP7ch2f1W/ktx9cT3//wKSmXRf
5Oj3qxcSuioDFemrawAyUVH8+1bkGLYXaQnnVmYw5wfjiUqjj4f0EGalOOxsD5CL
6Bxnr0pHdlYXyPpx8N/a
-----END CERTIFICATE-----
Generated at Wed Mar 4 16:01:40 2026 by rpki-client