Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mj82DBsAytWQAR0biUZxrPXF_NY.roa
File: mj82DBsAytWQAR0biUZxrPXF_NY.roa (raw, json)
Hash identifier: hqlBKMVxIFgdLC+LT3VG4HHh6VfmEp/Ok5pHAgpBQug=
Subject key identifier: 9A:3F:36:0C:1B:00:CA:D5:90:01:1D:1B:89:46:71:AC:F5:C5:FC:D6
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E70061A1A9D70811C6F808F02D5BBDF2D
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mj82DBsAytWQAR0biUZxrPXF_NY.roa
Signing time: Thu 28 May 2026 19:18:28 +0000
ROA not before: Thu 28 May 2026 19:18:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 197537
IP address blocks: 151.242.112.0/24 maxlen: 24
151.242.236.0/22 maxlen: 24
151.244.3.0/24 maxlen: 24
151.246.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:70:06:1a:1a:9d:70:81:1c:6f:80:8f:02:d5:bb:df:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 28 19:18:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a3f360c1b00cad590011d1b894671acf5c5fcd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:0f:3f:4c:0c:97:f3:23:04:d9:c7:84:c5:90:
1b:fd:ca:f5:8f:77:c3:62:6c:48:2b:ae:00:72:3a:
7a:b3:60:b0:64:81:3f:8f:d5:a8:40:58:09:64:dd:
b4:cb:a9:76:71:9c:dc:52:6a:3a:1d:e7:e5:7b:d4:
fa:41:72:cd:6d:45:04:48:aa:48:3d:ff:97:bc:75:
b0:4a:fb:28:63:68:b0:14:25:5c:d2:a8:5a:9b:6b:
f6:d4:94:37:b7:22:25:ac:93:6f:8f:e3:ea:2f:60:
09:da:ba:3f:f1:31:89:08:f7:0f:61:e1:0a:15:18:
b9:23:55:36:31:72:62:4b:88:d9:76:0c:c3:0b:7f:
0d:c0:b4:67:af:ca:9f:bc:cd:9f:6d:5f:dc:9d:71:
c9:b4:e2:03:ec:3a:ca:71:ae:8a:ba:f4:f8:c8:7b:
4e:75:c1:a7:48:06:26:5d:bd:2f:40:df:98:77:36:
f1:c8:d1:89:4e:b7:17:bd:ef:69:38:8e:b6:2e:10:
3f:f6:45:2f:8b:e0:86:0b:0a:0c:af:39:5e:f2:5b:
b4:a3:f8:48:02:42:1d:89:16:21:c8:c8:9f:ba:de:
46:a8:c9:9b:e3:42:b6:e1:07:ed:10:6e:33:e8:2d:
6b:8b:8b:f4:5b:0a:b3:20:20:ca:b5:24:4f:be:17:
54:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3F:36:0C:1B:00:CA:D5:90:01:1D:1B:89:46:71:AC:F5:C5:FC:D6
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/mj82DBsAytWQAR0biUZxrPXF_NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.112.0/24
151.242.236.0/22
151.244.3.0/24
151.246.130.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:5f:14:45:96:0f:54:8c:7f:5e:60:7c:5e:f7:c4:26:ea:34:
a1:c3:7b:17:0a:24:4c:d4:44:dd:54:34:2e:da:57:6c:17:f1:
ae:74:05:fa:b6:92:ef:9a:5f:d6:38:7c:7b:71:33:51:ad:5e:
d2:ce:9c:5c:9d:db:a4:69:d7:0b:15:eb:07:d5:73:33:ce:1f:
c9:c3:82:4f:22:75:74:d2:3a:68:2d:bd:a4:8b:25:df:51:02:
18:db:1c:83:f9:25:2f:b2:b3:0c:17:0e:12:07:80:fd:98:7b:
f8:82:43:89:70:63:bf:5b:ed:c0:de:99:ed:de:1f:35:05:7a:
d6:b1:a3:9d:d1:a2:9b:31:d9:0f:c3:57:02:ab:e9:22:05:2b:
3e:cd:35:bd:a6:e4:72:a8:21:f3:62:92:b5:bf:e6:52:c1:a8:
4f:75:eb:5a:28:84:d6:c8:7e:bb:4d:48:a1:24:9a:d4:9d:e6:
ac:52:cd:21:6a:a1:26:36:70:8e:a5:d2:1a:dc:01:5e:f1:08:
f5:2a:10:fa:11:51:c5:d0:e9:5e:1d:bb:ea:a1:8d:81:61:d9:
6d:e9:ac:23:16:74:8b:1c:d2:0f:8c:8f:f7:05:f9:21:34:89:
ac:9a:7c:b4:36:32:0f:ac:b1:d6:60:87:80:72:f8:b6:5b:f9:
a9:6d:2d:50
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ5wBhoanXCBHG+AjwLVu98tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTI4MTkxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTNmMzYwYzFiMDBjYWQ1OTAwMTFkMWI4OTQ2NzFhY2Y1YzVmY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQ8/TAyX8yME2ceExZAb/cr1j3fD
YmxIK64Acjp6s2CwZIE/j9WoQFgJZN20y6l2cZzcUmo6Hefle9T6QXLNbUUESKpI
Pf+XvHWwSvsoY2iwFCVc0qham2v21JQ3tyIlrJNvj+PqL2AJ2ro/8TGJCPcPYeEK
FRi5I1U2MXJiS4jZdgzDC38NwLRnr8qfvM2fbV/cnXHJtOID7DrKca6KuvT4yHtO
dcGnSAYmXb0vQN+YdzbxyNGJTrcXve9pOI62LhA/9kUvi+CGCwoMrzle8lu0o/hI
AkIdiRYhyMifut5GqMmb40K24QftEG4z6C1ri4v0WwqzICDKtSRPvhdUYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJo/NgwbAMrVkAEdG4lGcaz1xfzWMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbWo4MkRCc0F5dFdRQVIwYmlVWnhyUFhGX05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/JwAwQC
l/LsAwQAl/QDAwQAl/aCMA0GCSqGSIb3DQEBCwUAA4IBAQC2XxRFlg9UjH9eYHxe
98Qm6jShw3sXCiRM1ETdVDQu2ldsF/GudAX6tpLvml/WOHx7cTNRrV7Szpxcnduk
adcLFesH1XMzzh/Jw4JPInV00jpoLb2kiyXfUQIY2xyD+SUvsrMMFw4SB4D9mHv4
gkOJcGO/W+3A3pnt3h81BXrWsaOd0aKbMdkPw1cCq+kiBSs+zTW9puRyqCHzYpK1
v+ZSwahPdetaKITWyH67TUihJJrUneasUs0haqEmNnCOpdIa3AFe8Qj1KhD6EVHF
0OleHbvqoY2BYdlt6awjFnSLHNIPjI/3BfkhNImsmny0NjIPrLHWYIeAcvi2W/mp
bS1Q
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:25:04 2026 by rpki-client