Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qy4pgaiyy5Vha3IEh3y1w1FdB9o.roa
File: qy4pgaiyy5Vha3IEh3y1w1FdB9o.roa (raw, json)
Hash identifier: tSJuvzuU1mGw1vxeAlL8qvra2ZneWHsuZa/RB4pEHk0=
Subject key identifier: AB:2E:29:81:A8:B2:CB:95:61:6B:72:04:87:7C:B5:C3:51:5D:07:DA
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019CAE10A6B06C6412B3C8991546A24320B1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qy4pgaiyy5Vha3IEh3y1w1FdB9o.roa
Signing time: Mon 02 Mar 2026 10:20:52 +0000
ROA not before: Mon 02 Mar 2026 10:20:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 151.242.93.0/24 maxlen: 24
151.242.94.0/24 maxlen: 24
151.242.98.0/24 maxlen: 24
151.242.100.0/24 maxlen: 24
151.242.107.0/24 maxlen: 24
151.242.109.0/24 maxlen: 24
151.242.113.0/24 maxlen: 24
151.242.115.0/24 maxlen: 24
151.242.196.0/22 maxlen: 22
151.245.128.0/24 maxlen: 24
151.245.129.0/24 maxlen: 24
151.245.130.0/24 maxlen: 24
151.245.131.0/24 maxlen: 24
151.247.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 07:18:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:10:a6:b0:6c:64:12:b3:c8:99:15:46:a2:43:20:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 2 10:20:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ab2e2981a8b2cb95616b7204877cb5c3515d07da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:d0:a0:15:f6:37:ff:4e:1e:8b:a8:71:5e:3a:
b8:bb:ee:f7:19:9e:39:89:06:2b:e4:72:63:17:99:
6e:3d:e3:72:75:20:70:9d:57:07:c7:24:fd:06:bf:
9e:97:15:f5:08:ab:61:9d:fe:82:b6:f1:cb:e6:ce:
59:6e:98:64:19:e1:de:6d:7f:ac:2d:a1:2a:90:18:
47:12:81:4c:68:05:dd:56:5f:8b:f0:a7:69:a4:af:
95:66:88:ab:4e:f8:39:89:c4:b9:1a:9c:e1:95:83:
e9:59:ec:44:fe:c2:bb:25:42:15:2d:48:50:e0:33:
36:d9:0b:79:93:ec:4c:36:1d:9e:f5:bf:ee:a9:95:
7d:13:7e:2b:7e:33:84:3f:e0:0f:15:e0:d7:55:ee:
43:a6:d0:41:00:d2:66:c6:d5:59:43:32:8a:f3:6d:
f4:50:79:fb:ec:6e:f3:d7:17:b3:aa:cd:5b:18:aa:
e4:2d:07:b4:21:5d:09:04:be:0d:e3:6d:f7:d8:cf:
4e:81:8a:6b:a2:da:a1:cd:54:4d:81:d3:65:f4:0c:
f8:9a:0b:2e:60:95:89:78:fe:43:92:a7:ca:2f:4d:
74:8a:32:dd:2c:1b:7f:ba:f5:c8:26:64:6b:d9:6a:
b9:2d:8d:1e:0c:29:c9:55:95:54:ca:d1:e7:e4:42:
03:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:2E:29:81:A8:B2:CB:95:61:6B:72:04:87:7C:B5:C3:51:5D:07:DA
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qy4pgaiyy5Vha3IEh3y1w1FdB9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.93.0-151.242.94.255
151.242.98.0/24
151.242.100.0/24
151.242.107.0/24
151.242.109.0/24
151.242.113.0/24
151.242.115.0/24
151.242.196.0/22
151.245.128.0/22
151.247.24.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:c8:35:e8:b0:22:23:79:6e:41:53:e1:5b:39:3e:5f:31:88:
5c:9c:86:20:b1:31:69:97:ea:f4:e6:83:ec:31:d9:c9:2b:71:
0b:6b:d3:79:23:60:70:1c:93:5b:38:b4:4e:6c:cf:f2:f8:a2:
cb:ee:8a:80:ce:26:53:72:9f:62:60:af:3d:99:b4:cc:35:a3:
f9:f4:c3:98:98:f7:9d:0d:6f:87:7f:ac:6f:70:02:16:16:96:
de:05:a2:3e:79:36:c5:d2:23:76:8e:e0:ec:e9:34:db:9b:50:
ef:6b:9d:05:d7:6b:e2:56:30:06:ea:9d:e6:e6:d5:62:db:61:
13:8a:0b:f1:66:2a:88:ea:e0:c6:c9:45:51:f7:0c:a5:b2:5b:
0d:ff:04:ac:7c:bc:ad:90:38:a0:48:d6:52:de:a6:46:04:45:
e4:a7:2c:10:37:93:97:d7:7c:b0:5e:7c:31:9d:b2:a7:b0:db:
91:df:3d:3d:c1:9b:fc:3b:a5:58:32:8e:ec:15:59:cd:55:65:
59:b4:58:37:ef:26:33:b7:7a:81:c2:cc:53:f3:30:fb:f1:2e:
ee:f3:11:9f:d5:8c:ac:9b:a5:5c:b7:5d:bb:b9:6b:bc:21:8e:
77:2f:fc:f8:fc:65:8d:1c:04:6e:18:81:60:90:c1:48:54:3f:
3c:0c:fa:f1
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZyuEKawbGQSs8iZFUaiQyCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzAyMTAyMDUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjJlMjk4MWE4YjJjYjk1NjE2YjcyMDQ4NzdjYjVjMzUxNWQwN2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9NCgFfY3/04ei6hxXjq4u+73GZ45
iQYr5HJjF5luPeNydSBwnVcHxyT9Br+elxX1CKthnf6CtvHL5s5ZbphkGeHebX+s
LaEqkBhHEoFMaAXdVl+L8KdppK+VZoirTvg5icS5GpzhlYPpWexE/sK7JUIVLUhQ
4DM22Qt5k+xMNh2e9b/uqZV9E34rfjOEP+APFeDXVe5DptBBANJmxtVZQzKK8230
UHn77G7z1xezqs1bGKrkLQe0IV0JBL4N42332M9OgYprotqhzVRNgdNl9Az4mgsu
YJWJeP5DkqfKL010ijLdLBt/uvXIJmRr2Wq5LY0eDCnJVZVUytHn5EIDpQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKsuKYGossuVYWtyBId8tcNRXQfaMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcXk0cGdhaXl5NVZoYTNJRWgzeTF3MUZkQjlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEMAwDBACX8l0D
BACX8l4DBACX8mIDBACX8mQDBACX8msDBACX8m0DBACX8nEDBACX8nMDBAKX8sQD
BAKX9YADBACX9xgwDQYJKoZIhvcNAQELBQADggEBAKPINeiwIiN5bkFT4Vs5Pl8x
iFychiCxMWmX6vTmg+wx2ckrcQtr03kjYHAck1s4tE5sz/L4osvuioDOJlNyn2Jg
rz2ZtMw1o/n0w5iY950Nb4d/rG9wAhYWlt4Foj55NsXSI3aO4OzpNNubUO9rnQXX
a+JWMAbqnebm1WLbYROKC/FmKojq4MbJRVH3DKWyWw3/BKx8vK2QOKBI1lLepkYE
ReSnLBA3k5fXfLBefDGdsqew25HfPT3Bm/w7pVgyjuwVWc1VZVm0WDfvJjO3eoHC
zFPzMPvxLu7zEZ/VjKybpVy3Xbu5a7whjncv/Pj8ZY0cBG4YgWCQwUhUPzwM+vE=
-----END CERTIFICATE-----
Generated at Wed Mar 4 16:03:44 2026 by rpki-client