Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oqOEYL6JjLW4xs1C79TD_GfhdRI.roa
File: oqOEYL6JjLW4xs1C79TD_GfhdRI.roa (raw, json)
Hash identifier: Hcl18TUNH79wwezf87+Qned+2SYUXId+S5OFvSkGMLs=
Subject key identifier: A2:A3:84:60:BE:89:8C:B5:B8:C6:CD:42:EF:D4:C3:FC:67:E1:75:12
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DAC5F6D3515305D6E3F575CA552DA0F63
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oqOEYL6JjLW4xs1C79TD_GfhdRI.roa
Signing time: Mon 20 Apr 2026 19:30:28 +0000
ROA not before: Mon 20 Apr 2026 19:30:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 36530
IP address blocks: 151.241.128.0/22 maxlen: 24
151.245.90.0/24 maxlen: 24
151.245.108.0/24 maxlen: 24
151.246.184.0/24 maxlen: 24
151.247.162.0/24 maxlen: 24
151.247.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Apr 2026 14:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ac:5f:6d:35:15:30:5d:6e:3f:57:5c:a5:52:da:0f:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 20 19:30:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a2a38460be898cb5b8c6cd42efd4c3fc67e17512
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:98:6a:e6:bb:ec:9c:4b:f6:8e:db:40:27:d8:
e3:e3:42:fa:74:c8:a7:86:bd:05:57:cd:66:5d:5f:
83:64:85:15:3b:86:0d:70:d8:31:c7:20:47:ba:87:
ff:71:96:ff:54:ce:69:28:43:df:c8:3a:42:6c:2b:
03:4f:57:a0:f8:48:5e:11:f5:16:3f:2c:ca:56:00:
ae:00:fe:ba:7f:f4:b3:92:73:a4:d6:f8:a5:6b:39:
db:80:23:66:22:3b:96:a1:93:46:9e:b1:35:76:73:
23:c3:3d:d7:19:5a:4a:32:44:20:ff:c2:62:b2:d2:
d7:bb:12:7e:0a:7d:7e:91:8a:72:07:72:19:11:5d:
87:1a:a0:09:c1:a9:18:6c:33:50:e1:45:e2:62:af:
fc:2a:9c:e9:fc:eb:43:7a:cd:fc:34:04:60:5b:22:
6b:31:f3:b9:fc:76:7a:48:1d:64:a8:3b:39:3a:90:
f3:5f:ed:88:7f:b8:a0:6f:29:45:b9:48:3e:c9:ad:
38:85:7f:96:ad:df:79:01:5f:fd:3c:50:4b:4b:0c:
b5:53:83:b8:37:7c:29:ed:5f:a3:a6:9a:90:f5:1d:
97:38:fe:db:9f:c2:63:08:9a:07:a3:2c:db:7a:c1:
8c:c3:cf:fb:ab:3c:58:04:47:f9:57:dd:07:ff:3a:
87:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A3:84:60:BE:89:8C:B5:B8:C6:CD:42:EF:D4:C3:FC:67:E1:75:12
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/oqOEYL6JjLW4xs1C79TD_GfhdRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.128.0/22
151.245.90.0/24
151.245.108.0/24
151.246.184.0/24
151.247.162.0/24
151.247.244.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:60:64:a8:51:6d:5f:aa:1e:e3:ca:5b:04:fe:79:8e:21:e5:
32:6c:49:e6:6e:f1:90:2a:2e:a1:ee:36:d6:c5:f3:60:f1:41:
c7:c2:40:45:d0:a5:11:05:a3:f2:8d:02:9a:f1:fc:17:9c:81:
eb:04:70:e2:13:4d:f8:c9:1e:1d:6f:f1:22:2e:98:fc:e0:fc:
05:9a:f2:77:81:f2:ce:cf:2e:c1:43:4a:8f:95:ab:7e:bf:26:
e8:0c:74:7b:4e:3a:09:74:ac:ab:51:1f:be:a4:98:45:09:12:
1e:42:8c:7f:87:6e:70:95:47:2f:8e:9f:5c:ad:ea:18:a2:41:
18:cf:4f:88:56:30:d0:6c:b0:0d:7f:96:c3:ce:cb:f8:10:45:
92:0d:f5:a6:b9:56:8b:90:04:52:20:09:e1:37:53:d7:55:83:
8d:37:67:32:6a:6b:f7:cd:8b:28:c7:e6:69:ca:9f:2f:44:fa:
b4:4a:b2:dc:84:98:e6:96:48:7b:86:76:13:45:3b:cb:7b:4b:
33:5d:b1:66:90:a5:8b:7b:6c:18:ad:2d:04:e3:ba:90:80:b0:
61:7a:55:82:d2:a6:55:d4:00:40:6c:c7:d6:60:27:d7:51:98:
b7:dd:cf:5a:2f:00:c7:d2:24:22:1a:11:ff:a3:9e:7c:5f:e2:
16:7f:4a:4c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ2sX201FTBdbj9XXKVS2g9jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDIwMTkzMDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmEzODQ2MGJlODk4Y2I1YjhjNmNkNDJlZmQ0YzNmYzY3ZTE3NTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5hq5rvsnEv2jttAJ9jj40L6dMin
hr0FV81mXV+DZIUVO4YNcNgxxyBHuof/cZb/VM5pKEPfyDpCbCsDT1eg+EheEfUW
PyzKVgCuAP66f/SzknOk1vilaznbgCNmIjuWoZNGnrE1dnMjwz3XGVpKMkQg/8Ji
stLXuxJ+Cn1+kYpyB3IZEV2HGqAJwakYbDNQ4UXiYq/8Kpzp/OtDes38NARgWyJr
MfO5/HZ6SB1kqDs5OpDzX+2If7igbylFuUg+ya04hX+Wrd95AV/9PFBLSwy1U4O4
N3wp7V+jppqQ9R2XOP7bn8JjCJoHoyzbesGMw8/7qzxYBEf5V90H/zqH5QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKKjhGC+iYy1uMbNQu/Uw/xn4XUSMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvb3FPRVlMNkpqTFc0eHMxQzc5VERfR2ZoZFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCl/GAAwQA
l/VaAwQAl/VsAwQAl/a4AwQAl/eiAwQAl/f0MA0GCSqGSIb3DQEBCwUAA4IBAQBK
YGSoUW1fqh7jylsE/nmOIeUybEnmbvGQKi6h7jbWxfNg8UHHwkBF0KURBaPyjQKa
8fwXnIHrBHDiE034yR4db/EiLpj84PwFmvJ3gfLOzy7BQ0qPlat+vyboDHR7TjoJ
dKyrUR++pJhFCRIeQox/h25wlUcvjp9creoYokEYz0+IVjDQbLANf5bDzsv4EEWS
DfWmuVaLkARSIAnhN1PXVYONN2cyamv3zYsox+Zpyp8vRPq0SrLchJjmlkh7hnYT
RTvLe0szXbFmkKWLe2wYrS0E47qQgLBhelWC0qZV1ABAbMfWYCfXUZi33c9aLwDH
0iQiGhH/o558X+IWf0pM
-----END CERTIFICATE-----
Generated at Tue Apr 21 16:49:56 2026 by rpki-client