Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/z6OU3iXdtIh1f8eFm8H_Gu14jME.roa
File: z6OU3iXdtIh1f8eFm8H_Gu14jME.roa (raw, json)
Hash identifier: Jqbtl9zsHVs8jg7dhLPfjoVoCMpW8+N8S1Y1DuDUJXA=
Subject key identifier: CF:A3:94:DE:25:DD:B4:88:75:7F:C7:85:9B:C1:FF:1A:ED:78:8C:C1
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E5FA9B52359351E7D4555DFCCE747D99A
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/z6OU3iXdtIh1f8eFm8H_Gu14jME.roa
Signing time: Mon 25 May 2026 15:03:37 +0000
ROA not before: Mon 25 May 2026 15:03:37 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211440
IP address blocks: 151.240.113.0/24 maxlen: 24
151.240.117.0/24 maxlen: 24
151.241.0.0/24 maxlen: 24
151.241.143.0/24 maxlen: 24
151.241.147.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.244.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:5f:a9:b5:23:59:35:1e:7d:45:55:df:cc:e7:47:d9:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 25 15:03:37 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=cfa394de25ddb488757fc7859bc1ff1aed788cc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:1c:e6:53:ba:5d:0a:82:da:38:29:f6:c8:54:
dc:69:b7:a1:d5:bd:20:5a:30:88:47:3d:7d:7b:21:
c8:94:21:83:57:c6:06:86:5a:e0:94:96:12:dc:6f:
a7:7d:fb:b5:a3:01:2f:8a:61:36:96:b1:a3:25:04:
00:07:44:63:fe:a3:d2:b3:0f:e1:77:88:e7:0a:fb:
d6:e8:a8:bf:f1:21:3d:02:53:54:c7:8b:55:2a:e4:
81:f2:f5:36:ab:93:6c:a0:aa:81:d1:54:22:99:2d:
c8:e8:71:8e:bf:ce:07:7d:05:b9:f1:7f:6a:62:41:
8b:c9:09:aa:c1:73:fa:4d:94:ac:f2:9d:b4:d4:fe:
99:f3:8f:d6:87:ea:c7:02:9e:ce:8b:41:bd:75:a1:
cd:bd:07:f1:85:3b:a1:21:b4:94:1d:1d:3d:70:f3:
ac:95:5d:a2:80:dc:31:83:b2:da:ee:1e:50:19:34:
1c:2f:88:7e:b5:61:c9:7e:4f:74:a5:7a:f2:81:9a:
ee:94:82:99:63:c6:f2:0e:e2:99:e0:60:f2:82:ae:
17:d4:b2:74:0a:29:fa:c1:72:82:2d:c9:a7:d7:6d:
b4:d6:17:f8:c5:e6:1a:bf:db:36:22:99:4c:64:36:
26:70:93:49:9c:a7:1a:31:9a:bd:4a:39:43:b8:03:
63:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A3:94:DE:25:DD:B4:88:75:7F:C7:85:9B:C1:FF:1A:ED:78:8C:C1
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/z6OU3iXdtIh1f8eFm8H_Gu14jME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.113.0/24
151.240.117.0/24
151.241.0.0/24
151.241.143.0/24
151.241.147.0/24
151.242.78.0/24
151.244.1.0/24
Signature Algorithm: sha256WithRSAEncryption
53:a1:89:18:a1:3b:f8:59:61:ff:0a:58:e5:02:fa:1d:15:f6:
9b:ef:98:65:cd:55:a4:e0:1c:d9:b7:6a:9a:46:b0:e6:16:11:
2e:57:e2:a8:6c:d1:50:64:49:8a:f0:f5:cc:02:d1:0b:c8:43:
7b:28:66:3a:9f:08:70:75:d7:f0:23:c9:92:e5:ca:74:4a:94:
55:ee:a9:4a:92:97:07:29:d2:98:91:18:06:17:37:98:e2:f4:
a0:af:52:a6:0b:c0:58:be:ca:ab:e9:ab:c8:1b:b5:b4:fc:5e:
8f:32:a1:c4:d4:90:12:2d:42:dc:33:aa:3e:c6:45:0f:78:db:
ce:b8:aa:c0:ed:a5:5b:06:ce:e0:50:8a:0c:fc:b3:2f:04:f6:
75:c7:03:1a:09:fc:3d:6e:ba:2f:b7:b7:07:f1:0b:b1:ca:59:
37:25:e8:dd:c4:e8:79:c2:0d:0d:f1:0c:6f:50:40:45:e0:18:
4c:62:93:13:bf:1a:47:2a:8a:1f:81:b0:b6:44:d8:e0:54:c2:
f9:18:a0:b5:50:b1:9b:ba:de:5b:d5:de:fe:ee:8b:91:f8:f0:
44:ca:1e:ad:b4:01:ff:e8:8c:ee:70:82:62:e5:0f:e7:5b:bd:
78:ed:1f:e1:81:ef:e2:f4:0e:a4:0f:64:ce:c2:43:c1:81:85:
77:65:1b:b7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ5fqbUjWTUefUVV38znR9maMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTI1MTUwMzM3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmEzOTRkZTI1ZGRiNDg4NzU3ZmM3ODU5YmMxZmYxYWVkNzg4Y2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBzmU7pdCoLaOCn2yFTcabeh1b0g
WjCIRz19eyHIlCGDV8YGhlrglJYS3G+nffu1owEvimE2lrGjJQQAB0Rj/qPSsw/h
d4jnCvvW6Ki/8SE9AlNUx4tVKuSB8vU2q5NsoKqB0VQimS3I6HGOv84HfQW58X9q
YkGLyQmqwXP6TZSs8p201P6Z84/Wh+rHAp7Oi0G9daHNvQfxhTuhIbSUHR09cPOs
lV2igNwxg7La7h5QGTQcL4h+tWHJfk90pXrygZrulIKZY8byDuKZ4GDygq4X1LJ0
Cin6wXKCLcmn12201hf4xeYav9s2IplMZDYmcJNJnKcaMZq9SjlDuANj0QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFM+jlN4l3bSIdX/HhZvB/xrteIzBMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvejZPVTNpWGR0SWgxZjhlRm04SF9HdTE0ak1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAl/BxAwQA
l/B1AwQAl/EAAwQAl/GPAwQAl/GTAwQAl/JOAwQAl/QBMA0GCSqGSIb3DQEBCwUA
A4IBAQBToYkYoTv4WWH/CljlAvodFfab75hlzVWk4BzZt2qaRrDmFhEuV+KobNFQ
ZEmK8PXMAtELyEN7KGY6nwhwddfwI8mS5cp0SpRV7qlKkpcHKdKYkRgGFzeY4vSg
r1KmC8BYvsqr6avIG7W0/F6PMqHE1JASLULcM6o+xkUPeNvOuKrA7aVbBs7gUIoM
/LMvBPZ1xwMaCfw9brovt7cH8Quxylk3JejdxOh5wg0N8QxvUEBF4BhMYpMTvxpH
KoofgbC2RNjgVML5GKC1ULGbut5b1d7+7ouR+PBEyh6ttAH/6IzucIJi5Q/nW714
7R/hge/i9A6kD2TOwkPBgYV3ZRu3
-----END CERTIFICATE-----
Generated at Thu Jun 4 07:56:40 2026 by rpki-client