Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/91WVZqUPcE380XaMevVSD4o6JJA.roa
File: 91WVZqUPcE380XaMevVSD4o6JJA.roa (raw, json)
Hash identifier: g9XoQlMfGzkf82ipcLUpxrNH076PQL8miUfnMqEjnu8=
Subject key identifier: F7:55:95:66:A5:0F:70:4D:FC:D1:76:8C:7A:F5:52:0F:8A:3A:24:90
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019CD759CD84AB8B164B05383706260F44D7
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/91WVZqUPcE380XaMevVSD4o6JJA.roa
Signing time: Tue 10 Mar 2026 10:45:12 +0000
ROA not before: Tue 10 Mar 2026 10:45:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50338
IP address blocks: 151.243.10.0/24 maxlen: 24
151.243.136.0/24 maxlen: 24
151.243.146.0/24 maxlen: 24
151.247.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d7:59:cd:84:ab:8b:16:4b:05:38:37:06:26:0f:44:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 10 10:45:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f7559566a50f704dfcd1768c7af5520f8a3a2490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b7:cf:af:fb:1e:01:3d:ed:27:23:13:8e:bd:
1a:a3:e9:32:39:1c:3e:9c:e8:b8:e3:44:dd:23:80:
1b:44:94:0f:e7:e4:ee:ee:85:0f:3d:a0:c7:5c:fa:
a9:59:e0:b0:7d:ca:96:cd:91:ad:f3:ce:84:b5:c8:
18:4b:93:f4:d9:76:0b:20:5a:f1:22:8b:dd:5a:f1:
db:7c:e5:65:e4:0e:65:a4:db:05:85:a0:5d:bd:db:
8e:5f:54:f0:a5:67:25:d9:61:3c:b6:24:c7:11:65:
fa:54:bf:ba:e1:ce:d8:c6:9a:ae:29:5c:ad:4f:68:
46:c0:af:25:bf:1a:90:34:16:da:44:df:09:3f:46:
88:d7:38:f5:a8:cb:ca:3b:d5:c3:94:5a:e2:78:0e:
fa:66:97:05:eb:ad:80:97:d7:9c:0a:05:ac:67:2f:
19:d9:a2:96:8c:d3:72:c9:28:1b:6b:06:12:ff:91:
48:36:11:69:b6:b4:11:87:ba:c4:d0:2e:3f:0e:ea:
42:56:1e:eb:61:38:f2:da:8a:be:c4:bb:33:c6:65:
7c:17:f2:87:0e:19:6e:fd:89:d7:4e:e6:f1:f3:2e:
12:71:87:bb:e6:c9:bc:e2:56:45:3c:a2:c0:f8:c5:
7c:eb:29:a8:ea:d1:f7:25:0a:98:6c:7f:fa:96:f7:
c9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:55:95:66:A5:0F:70:4D:FC:D1:76:8C:7A:F5:52:0F:8A:3A:24:90
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/91WVZqUPcE380XaMevVSD4o6JJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.10.0/24
151.243.136.0/24
151.243.146.0/24
151.247.36.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:32:40:d7:20:2e:3d:22:b2:fc:b4:e8:8e:80:86:f7:8e:bf:
8f:55:00:19:1c:a1:9c:08:d8:80:5a:f2:32:93:14:55:5e:03:
17:31:12:cc:21:b1:71:35:7e:c1:7e:57:5a:93:80:a3:78:20:
d9:11:e7:8a:31:c1:1d:c5:90:94:fd:c2:16:90:9f:e1:97:ff:
65:39:ad:46:9f:88:26:9d:32:93:e1:02:a6:5b:9b:d5:2e:de:
a0:43:d1:b5:19:27:29:b1:59:67:54:70:e8:a2:96:69:45:a9:
b5:cb:40:6b:1d:74:8a:4e:08:f3:89:cc:99:8d:a4:39:cd:82:
09:ec:56:56:1c:61:67:36:34:3d:b8:7c:42:60:4b:82:6d:3a:
c7:ba:42:1e:24:02:72:17:68:ee:87:c6:ed:25:28:b5:a6:75:
13:f4:e5:fb:60:87:94:df:cc:bc:4c:d2:72:b1:ac:6a:c8:5b:
91:ee:f4:cf:d9:10:04:b3:24:d3:5a:8a:66:8d:63:4c:a4:ab:
f5:ef:89:0f:c0:9b:a6:3e:40:9d:7e:6c:b9:78:31:8c:3a:46:
47:aa:eb:6e:4a:4f:b5:10:0d:12:05:6a:fc:c4:25:2c:0e:4f:
85:78:22:e8:dd:0d:4b:42:06:af:06:c2:bc:30:aa:35:fa:e8:
ca:02:27:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZzXWc2Eq4sWSwU4NwYmD0TXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzEwMTA0NTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzU1OTU2NmE1MGY3MDRkZmNkMTc2OGM3YWY1NTIwZjhhM2EyNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7fPr/seAT3tJyMTjr0ao+kyORw+
nOi440TdI4AbRJQP5+Tu7oUPPaDHXPqpWeCwfcqWzZGt886EtcgYS5P02XYLIFrx
IovdWvHbfOVl5A5lpNsFhaBdvduOX1TwpWcl2WE8tiTHEWX6VL+64c7YxpquKVyt
T2hGwK8lvxqQNBbaRN8JP0aI1zj1qMvKO9XDlFrieA76ZpcF662Al9ecCgWsZy8Z
2aKWjNNyySgbawYS/5FINhFptrQRh7rE0C4/DupCVh7rYTjy2oq+xLszxmV8F/KH
Dhlu/YnXTubx8y4ScYe75sm84lZFPKLA+MV86ymo6tH3JQqYbH/6lvfJmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPdVlWalD3BN/NF2jHr1Ug+KOiSQMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOTFXVlpxVVBjRTM4MFhhTWV2VlNENG82SkpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/MKAwQA
l/OIAwQAl/OSAwQAl/ckMA0GCSqGSIb3DQEBCwUAA4IBAQCuMkDXIC49IrL8tOiO
gIb3jr+PVQAZHKGcCNiAWvIykxRVXgMXMRLMIbFxNX7Bfldak4CjeCDZEeeKMcEd
xZCU/cIWkJ/hl/9lOa1Gn4gmnTKT4QKmW5vVLt6gQ9G1GScpsVlnVHDoopZpRam1
y0BrHXSKTgjzicyZjaQ5zYIJ7FZWHGFnNjQ9uHxCYEuCbTrHukIeJAJyF2juh8bt
JSi1pnUT9OX7YIeU38y8TNJysaxqyFuR7vTP2RAEsyTTWopmjWNMpKv174kPwJum
PkCdfmy5eDGMOkZHqutuSk+1EA0SBWr8xCUsDk+FeCLo3Q1LQgavBsK8MKo1+ujK
AieA
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:01:22 2026 by rpki-client