Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mHFkI_4mvS0qTTgmripJdU6lrRA.roa
File: mHFkI_4mvS0qTTgmripJdU6lrRA.roa (raw, json)
Hash identifier: +cPgpjHIPF2BJwPen6YMqQFS8Io/LI7PJK+tEWOF5mI=
Subject key identifier: 98:71:64:23:FE:26:BD:2D:2A:4D:38:26:AE:2A:49:75:4E:A5:AD:10
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DC308378D623E01584474BA1236D82B2D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mHFkI_4mvS0qTTgmripJdU6lrRA.roa
Signing time: Sat 25 Apr 2026 05:06:28 +0000
ROA not before: Sat 25 Apr 2026 05:06:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199301
IP address blocks: 151.244.132.0/24 maxlen: 24
151.244.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Apr 2026 04:37:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:c3:08:37:8d:62:3e:01:58:44:74:ba:12:36:d8:2b:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 25 05:06:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=98716423fe26bd2d2a4d3826ae2a49754ea5ad10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a5:5c:3a:55:a5:2d:fe:03:85:13:cb:df:a0:
31:03:19:76:f5:6f:a6:10:fc:e9:c6:89:c1:19:be:
a4:45:15:a9:c7:f3:8c:95:f2:72:38:64:78:c2:03:
aa:52:5d:1b:42:8f:b3:f0:c4:bb:9e:36:f3:33:5f:
65:1b:13:1d:25:21:21:76:71:06:b1:ca:29:b5:db:
9b:17:62:38:88:24:98:06:54:57:2d:9e:34:80:bd:
18:c6:a9:b3:74:69:cb:5d:b4:66:46:ba:4c:cd:92:
74:37:d0:a6:5b:fa:e4:46:e7:6e:cf:2b:71:67:3b:
7a:88:e6:56:df:5d:af:a5:3a:ab:4c:f0:f1:b3:8d:
a6:0c:b7:b1:32:f1:e7:69:1c:d2:06:df:c9:9b:65:
4a:f9:8d:2a:82:4f:99:f8:d2:86:8c:b2:d5:58:99:
14:3f:dc:6a:0e:72:2f:14:ab:ec:d9:7a:e6:1c:c4:
9b:3d:c3:f9:2d:2b:a5:26:bc:e0:11:8f:c2:38:40:
b0:a9:8d:2b:35:02:a2:1d:ef:52:3c:1a:01:1a:4f:
cd:16:99:71:98:ad:0e:c0:d6:7c:49:62:33:50:72:
78:8a:63:a0:2b:e3:a7:7c:04:fb:32:be:dc:9e:fc:
e3:46:ac:8f:a1:42:ae:77:a6:4f:66:2d:cd:58:e9:
71:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:71:64:23:FE:26:BD:2D:2A:4D:38:26:AE:2A:49:75:4E:A5:AD:10
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mHFkI_4mvS0qTTgmripJdU6lrRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.132.0/24
151.244.179.0/24
Signature Algorithm: sha256WithRSAEncryption
05:2e:9e:17:6e:4b:d3:8b:78:97:40:33:1a:be:d2:2a:ef:ed:
53:36:2f:90:e2:e7:91:f5:dd:60:15:76:20:74:ca:14:ce:c8:
9c:07:2d:02:24:24:f0:5c:b9:b3:cf:d1:50:03:88:f1:f3:01:
c2:0c:06:fe:a0:31:98:ef:72:8d:8a:77:fa:5f:85:85:86:48:
d5:28:24:9b:3b:30:52:6a:0c:93:e0:f7:fa:77:92:1c:74:20:
0b:a2:9d:95:02:03:fd:a3:c4:04:f7:90:9a:97:c3:bd:34:32:
5c:fb:1d:af:3e:30:0b:91:1e:0c:41:58:cf:13:2f:f5:9b:6a:
64:af:70:00:b7:01:4d:80:dc:da:4b:9f:3d:f5:67:47:ee:4d:
84:3a:68:b3:11:4e:c0:9f:09:fa:d6:52:d1:27:ab:b7:35:60:
0f:2b:af:ef:ba:6f:e5:64:22:60:8b:0f:c6:d8:0b:d1:82:78:
0d:86:41:1e:7a:51:95:c3:d9:f1:82:a1:79:9e:ab:35:51:70:
aa:a5:33:ce:1f:ec:b4:d8:22:f4:81:59:90:bc:fc:84:84:0a:
df:02:bd:22:02:e3:38:fd:d5:6b:11:a4:e1:15:9f:cf:26:ca:
ee:e9:8a:1f:f7:7e:b2:ed:42:dc:84:5f:80:87:29:14:75:a4:
a1:33:8a:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3DCDeNYj4BWER0uhI22CstMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDI1MDUwNjI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODcxNjQyM2ZlMjZiZDJkMmE0ZDM4MjZhZTJhNDk3NTRlYTVhZDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KVcOlWlLf4DhRPL36AxAxl29W+m
EPzpxonBGb6kRRWpx/OMlfJyOGR4wgOqUl0bQo+z8MS7njbzM19lGxMdJSEhdnEG
scoptdubF2I4iCSYBlRXLZ40gL0YxqmzdGnLXbRmRrpMzZJ0N9CmW/rkRuduzytx
Zzt6iOZW312vpTqrTPDxs42mDLexMvHnaRzSBt/Jm2VK+Y0qgk+Z+NKGjLLVWJkU
P9xqDnIvFKvs2XrmHMSbPcP5LSulJrzgEY/COECwqY0rNQKiHe9SPBoBGk/NFplx
mK0OwNZ8SWIzUHJ4imOgK+OnfAT7Mr7cnvzjRqyPoUKud6ZPZi3NWOlxFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJhxZCP+Jr0tKk04Jq4qSXVOpa0QMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbUhGa0lfNG12UzBxVFRnbXJpcEpkVTZsclJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/SEAwQA
l/SzMA0GCSqGSIb3DQEBCwUAA4IBAQAFLp4XbkvTi3iXQDMavtIq7+1TNi+Q4ueR
9d1gFXYgdMoUzsicBy0CJCTwXLmzz9FQA4jx8wHCDAb+oDGY73KNinf6X4WFhkjV
KCSbOzBSagyT4Pf6d5IcdCALop2VAgP9o8QE95Cal8O9NDJc+x2vPjALkR4MQVjP
Ey/1m2pkr3AAtwFNgNzaS5899WdH7k2EOmizEU7Anwn61lLRJ6u3NWAPK6/vum/l
ZCJgiw/G2AvRgngNhkEeelGVw9nxgqF5nqs1UXCqpTPOH+y02CL0gVmQvPyEhArf
Ar0iAuM4/dVrEaThFZ/PJsru6Yof936y7ULchF+AhykUdaShM4rO
-----END CERTIFICATE-----
Generated at Mon Apr 27 13:23:12 2026 by rpki-client