Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-YxIXg7HhNjwA8BGsQKlOZ0RMNE.roa
File: 1-YxIXg7HhNjwA8BGsQKlOZ0RMNE.roa (raw, json)
Hash identifier: xJtONGgPfHdXhnFqv96jLbqMx2qcV0Byrk9pm1qbP9s=
Subject key identifier: F9:8C:48:5E:0E:C7:84:D8:F0:03:C0:46:B1:02:A5:39:9D:11:30:D1
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DD23120CC7415BD618E15D3AA8E3A46BB
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-YxIXg7HhNjwA8BGsQKlOZ0RMNE.roa
Signing time: Tue 28 Apr 2026 03:45:28 +0000
ROA not before: Tue 28 Apr 2026 03:45:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213784
IP address blocks: 151.246.44.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 02:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d2:31:20:cc:74:15:bd:61:8e:15:d3:aa:8e:3a:46:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 28 03:45:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f98c485e0ec784d8f003c046b102a5399d1130d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:b8:c3:91:03:e8:14:6d:32:ec:0d:c4:be:c0:
88:83:5a:9e:7c:02:8d:ff:e1:14:65:c5:20:45:70:
21:fb:97:a6:10:13:dc:27:9e:29:24:89:0f:ef:df:
d5:9f:c8:c1:60:41:5f:35:aa:30:d4:f2:0f:29:3c:
83:4a:fe:c3:53:6d:89:c0:e9:a2:10:02:6a:1f:e6:
b9:78:97:fd:91:bb:94:8c:af:8f:62:79:13:e6:92:
a8:1b:07:08:b4:09:37:07:fd:1b:9a:98:a0:5e:a2:
f7:da:d6:24:92:50:3e:ed:4b:1b:c4:4a:79:14:ef:
66:6e:eb:cc:aa:fc:00:4c:ac:9c:ba:7e:27:98:67:
36:09:d6:b6:e5:20:8f:05:bd:b9:6c:e7:32:53:37:
5e:ce:ac:51:8c:cd:c5:49:81:58:8f:ef:a2:21:07:
8c:fd:39:08:a9:e4:01:46:0e:3a:1e:ae:e8:78:93:
51:71:c3:17:88:87:09:bb:1a:f3:58:3b:34:8d:4b:
76:11:db:37:e0:24:7a:2d:57:a7:56:9f:41:5f:19:
6c:e7:b6:cd:27:29:e7:a6:3f:cf:28:e9:3d:8f:e5:
ca:f3:92:a8:4d:84:8c:f7:97:00:29:35:91:f5:90:
57:d4:4d:28:7f:13:8f:72:ec:2c:46:b2:00:5a:3a:
b9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8C:48:5E:0E:C7:84:D8:F0:03:C0:46:B1:02:A5:39:9D:11:30:D1
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1-YxIXg7HhNjwA8BGsQKlOZ0RMNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.246.44.0/22
Signature Algorithm: sha256WithRSAEncryption
b4:a5:3a:2c:43:63:ae:2b:bd:9f:76:94:0b:d0:8e:09:fe:1e:
1f:5e:8f:9d:db:3c:0e:4e:1f:5d:b9:06:4e:60:b2:2e:fd:94:
f2:a2:27:e1:29:89:2b:1c:a2:46:c0:3d:10:a5:29:62:32:57:
c7:14:4d:b1:ca:78:16:b0:0d:40:e1:17:82:cf:23:95:ff:dd:
11:8b:3e:fd:04:f5:22:2c:cb:d3:c7:d5:ed:a5:ea:39:7b:03:
81:b7:7e:e8:7a:81:21:eb:2a:29:20:b2:ac:b4:13:79:f3:77:
57:df:6a:ee:69:29:84:1b:e6:30:57:9d:da:85:5f:4a:d5:1b:
26:fa:3e:a6:7c:bc:49:be:8d:5d:da:bc:54:76:b3:2d:5c:f5:
49:51:86:d3:60:94:69:49:33:20:ba:4e:ec:94:b1:3c:6d:93:
de:e6:90:97:53:04:8f:3d:60:4d:19:b5:c6:2b:4c:c9:ba:26:
5c:c5:85:46:56:da:95:c6:51:88:ab:73:05:67:35:53:63:49:
10:51:a1:ec:b1:01:27:c5:37:b6:24:87:8a:3c:a4:b5:ef:93:
7f:9d:f2:06:72:9a:1e:f7:b4:7d:96:bd:ab:1d:cd:d1:0f:8b:
01:11:55:8c:5d:1c:69:ea:d1:e5:65:19:d5:ec:ab:78:c9:e1:
ab:87:43:a9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ3SMSDMdBW9YY4V06qOOka7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDI4MDM0NTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOThjNDg1ZTBlYzc4NGQ4ZjAwM2MwNDZiMTAyYTUzOTlkMTEzMGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoLjDkQPoFG0y7A3EvsCIg1qefAKN
/+EUZcUgRXAh+5emEBPcJ54pJIkP79/Vn8jBYEFfNaow1PIPKTyDSv7DU22JwOmi
EAJqH+a5eJf9kbuUjK+PYnkT5pKoGwcItAk3B/0bmpigXqL32tYkklA+7UsbxEp5
FO9mbuvMqvwATKycun4nmGc2Cda25SCPBb25bOcyUzdezqxRjM3FSYFYj++iIQeM
/TkIqeQBRg46Hq7oeJNRccMXiIcJuxrzWDs0jUt2Eds34CR6LVenVp9BXxls57bN
Jynnpj/PKOk9j+XK85KoTYSM95cAKTWR9ZBX1E0ofxOPcuwsRrIAWjq5SQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmMSF4Ox4TY8APARrECpTmdETDRMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMS1ZeElYZzdIaE5qd0E4QkdzUUtsT1owUk1ORS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGUvZjQzYjFkLTllNTAtNDU1MS1hZTZhLTE3YjlkZTE0MTI1
Mi8xL3htSm05R2I3SkppamxGbXpOUzJpVVZHbHBNQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEApf2LDAN
BgkqhkiG9w0BAQsFAAOCAQEAtKU6LENjriu9n3aUC9COCf4eH16Pnds8Dk4fXbkG
TmCyLv2U8qIn4SmJKxyiRsA9EKUpYjJXxxRNscp4FrANQOEXgs8jlf/dEYs+/QT1
IizL08fV7aXqOXsDgbd+6HqBIesqKSCyrLQTefN3V99q7mkphBvmMFed2oVfStUb
Jvo+pny8Sb6NXdq8VHazLVz1SVGG02CUaUkzILpO7JSxPG2T3uaQl1MEjz1gTRm1
xitMybomXMWFRlbalcZRiKtzBWc1U2NJEFGh7LEBJ8U3tiSHijykte+Tf53yBnKa
Hve0fZa9qx3N0Q+LARFVjF0caerR5WUZ1eyreMnhq4dDqQ==
-----END CERTIFICATE-----
Generated at Wed May 13 12:01:46 2026 by rpki-client