Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/w6j_CfYs_erqqKPJPU8YOJrBVUo.roa
File: w6j_CfYs_erqqKPJPU8YOJrBVUo.roa (raw, json)
Hash identifier: 2WbaU72j9Ha9fy6LMrsM6orcFETvWFEMtEut5EQmVqg=
Subject key identifier: C3:A8:FF:09:F6:2C:FD:EA:EA:A8:A3:C9:3D:4F:18:38:9A:C1:55:4A
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019CAE10A8D3E1C945360A11148BB49B7474
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/w6j_CfYs_erqqKPJPU8YOJrBVUo.roa
Signing time: Mon 02 Mar 2026 10:20:53 +0000
ROA not before: Mon 02 Mar 2026 10:20:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 137517
IP address blocks: 151.240.120.0/24 maxlen: 24
151.241.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 07:18:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:10:a8:d3:e1:c9:45:36:0a:11:14:8b:b4:9b:74:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 2 10:20:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c3a8ff09f62cfdeaeaa8a3c93d4f18389ac1554a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:50:ba:6d:8b:1f:4d:90:69:f3:0c:cb:fe:f9:
22:51:fe:96:63:81:30:e0:04:1f:37:dc:4d:de:94:
5b:73:52:fb:97:93:9f:dc:91:ae:b0:8a:95:5f:c3:
87:8a:79:7c:da:9f:06:65:2d:46:3c:96:03:b6:ec:
db:20:04:9c:82:20:f2:bd:5c:b6:95:b9:2c:e2:c4:
05:04:ed:55:bf:7d:da:87:47:e2:70:2c:9d:ae:cd:
58:c0:20:bf:69:01:87:08:a6:c6:e7:44:3d:c0:f4:
10:c8:c9:bf:37:c0:8a:73:0b:ae:5f:49:f1:4b:82:
78:d2:b0:90:1b:1d:88:cc:18:45:6c:83:1f:27:8c:
fc:3f:54:32:ae:64:f1:56:db:d9:7c:c5:71:c8:ee:
51:f9:fe:8a:ee:0d:75:2f:00:aa:f9:da:1c:15:9d:
c8:56:58:0d:97:7f:53:06:b2:81:21:49:15:b3:d3:
fb:99:f3:14:0c:4e:64:e3:14:fb:59:4d:9b:53:c5:
e0:ca:16:e5:e5:c6:e2:06:0a:0c:c2:87:e7:90:88:
ff:36:0c:16:f4:e4:64:20:c8:ec:36:82:e3:64:78:
6c:5d:d6:cb:2d:c6:4c:5b:d0:09:be:41:f0:1f:ed:
0e:1f:ba:e8:d6:8d:fb:aa:96:3b:51:ec:24:72:d3:
93:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A8:FF:09:F6:2C:FD:EA:EA:A8:A3:C9:3D:4F:18:38:9A:C1:55:4A
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/w6j_CfYs_erqqKPJPU8YOJrBVUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.120.0/24
151.241.20.0/24
Signature Algorithm: sha256WithRSAEncryption
52:58:3c:21:8c:72:d2:67:d8:ec:cd:21:36:5a:3c:0f:6c:1e:
e9:d5:70:c9:d6:96:f7:06:33:5b:4b:db:f1:20:eb:a1:ca:47:
4d:f9:3d:49:c1:8c:8a:e4:4b:64:54:bd:4d:40:09:45:71:14:
f4:8e:29:62:a8:0c:17:f8:70:76:2e:60:0f:1c:1c:86:b0:f1:
88:15:55:0f:57:1a:82:2b:a3:cf:15:f4:79:c7:df:6a:8d:bb:
6d:9f:d4:75:35:4f:d7:99:af:4c:04:78:81:38:a4:c3:8c:50:
c2:5d:99:0a:04:62:45:a1:97:3e:e4:76:8f:3d:fc:04:d3:80:
a0:26:2f:77:f8:bb:49:74:83:48:74:db:03:d0:e8:b8:04:fb:
9f:dd:02:27:80:68:5a:b3:66:fd:10:31:d4:6f:31:34:97:5f:
90:20:85:65:11:c7:7a:cb:7a:c5:8b:a2:33:c1:20:92:66:ce:
31:80:87:c8:99:9b:35:b0:46:84:a9:87:4e:41:fd:15:74:a7:
75:63:42:29:25:87:2b:0d:35:dc:dd:dd:16:00:40:13:8b:da:
eb:43:75:d4:2c:63:b4:48:65:06:ef:d9:4c:8e:3f:b7:f9:2f:
1e:fe:23:44:5b:6a:2d:a1:30:cd:b2:e1:fd:14:42:68:c7:e4:
50:db:b1:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyuEKjT4clFNgoRFIu0m3R0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzAyMTAyMDUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2E4ZmYwOWY2MmNmZGVhZWFhOGEzYzkzZDRmMTgzODlhYzE1NTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFC6bYsfTZBp8wzL/vkiUf6WY4Ew
4AQfN9xN3pRbc1L7l5Of3JGusIqVX8OHinl82p8GZS1GPJYDtuzbIAScgiDyvVy2
lbks4sQFBO1Vv33ah0ficCydrs1YwCC/aQGHCKbG50Q9wPQQyMm/N8CKcwuuX0nx
S4J40rCQGx2IzBhFbIMfJ4z8P1QyrmTxVtvZfMVxyO5R+f6K7g11LwCq+docFZ3I
VlgNl39TBrKBIUkVs9P7mfMUDE5k4xT7WU2bU8Xgyhbl5cbiBgoMwofnkIj/NgwW
9ORkIMjsNoLjZHhsXdbLLcZMW9AJvkHwH+0OH7ro1o37qpY7UewkctOTFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMOo/wn2LP3q6qijyT1PGDiawVVKMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdzZqX0NmWXNfZXJxcUtQSlBVOFlPSnJCVlVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/B4AwQA
l/EUMA0GCSqGSIb3DQEBCwUAA4IBAQBSWDwhjHLSZ9jszSE2WjwPbB7p1XDJ1pb3
BjNbS9vxIOuhykdN+T1JwYyK5EtkVL1NQAlFcRT0jiliqAwX+HB2LmAPHByGsPGI
FVUPVxqCK6PPFfR5x99qjbttn9R1NU/Xma9MBHiBOKTDjFDCXZkKBGJFoZc+5HaP
PfwE04CgJi93+LtJdINIdNsD0Oi4BPuf3QIngGhas2b9EDHUbzE0l1+QIIVlEcd6
y3rFi6IzwSCSZs4xgIfImZs1sEaEqYdOQf0VdKd1Y0IpJYcrDTXc3d0WAEATi9rr
Q3XULGO0SGUG79lMjj+3+S8e/iNEW2otoTDNsuH9FEJox+RQ27Hf
-----END CERTIFICATE-----
Generated at Wed Mar 4 16:03:43 2026 by rpki-client