Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Azhrinyf1VEd61bs0pYskkHGJXA.roa
File: Azhrinyf1VEd61bs0pYskkHGJXA.roa (raw, json)
Hash identifier: MUFO8ORZcXU0ZBaohJd2ZxeS46VHGZd0vnNkJag1NwI=
Subject key identifier: 03:38:6B:8A:7C:9F:D5:51:1D:EB:56:EC:D2:96:2C:92:41:C6:25:70
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DCF4C784FBADE70C1B554B1D3831B47A1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Azhrinyf1VEd61bs0pYskkHGJXA.roa
Signing time: Mon 27 Apr 2026 14:16:28 +0000
ROA not before: Mon 27 Apr 2026 14:16:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 30058
IP address blocks: 151.244.0.0/24 maxlen: 24
151.244.172.0/24 maxlen: 24
151.246.149.0/24 maxlen: 24
151.246.150.0/24 maxlen: 24
151.246.154.0/24 maxlen: 24
151.246.170.0/24 maxlen: 24
151.246.194.0/24 maxlen: 24
151.247.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:4c:78:4f:ba:de:70:c1:b5:54:b1:d3:83:1b:47:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 27 14:16:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=03386b8a7c9fd5511deb56ecd2962c9241c62570
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:65:62:21:3b:0b:54:25:70:9b:7b:6b:11:7a:
c2:df:a7:29:47:e0:ed:8f:7d:b3:73:86:ef:ff:10:
bf:57:c5:d2:a6:3c:e2:a9:8c:85:25:44:8e:e0:9a:
20:64:a6:01:82:6e:13:20:cb:0b:36:8e:3a:7c:10:
28:d9:b1:00:1d:68:ca:9b:f6:b3:3c:c7:6c:42:de:
7c:1d:a0:7c:c9:eb:fc:dd:45:00:48:ec:b7:03:fb:
21:a6:01:89:64:a1:f0:84:c5:d7:21:6b:6f:33:83:
6a:fb:4c:60:42:61:d8:1b:9b:a0:ee:79:bc:49:6d:
6b:8c:37:92:76:0b:ef:fa:cf:f9:58:9f:7b:e1:51:
e9:32:dc:ca:21:42:b6:04:98:cf:ad:ee:58:41:3f:
e2:ef:c8:bd:9a:ca:e1:6c:67:9c:97:c7:fe:27:7d:
b8:9d:2f:7d:40:aa:be:15:1a:da:de:58:2d:28:a6:
65:f9:b5:e6:10:de:bd:23:63:b5:c1:ea:24:4b:98:
eb:2b:0e:e3:b4:f3:cc:69:f1:9f:0b:4f:9d:70:a4:
a4:3b:9b:32:70:93:45:04:8b:0b:7d:24:4d:f1:8d:
34:89:55:b6:a1:52:14:00:10:7d:02:da:6c:36:88:
7c:d2:d6:50:46:cc:f8:48:7d:0e:24:96:d9:f4:d2:
a2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:38:6B:8A:7C:9F:D5:51:1D:EB:56:EC:D2:96:2C:92:41:C6:25:70
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Azhrinyf1VEd61bs0pYskkHGJXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.0.0/24
151.244.172.0/24
151.246.149.0-151.246.150.255
151.246.154.0/24
151.246.170.0/24
151.246.194.0/24
151.247.243.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:c9:ed:95:6a:02:cf:48:20:27:bb:8e:f8:59:2c:3c:75:74:
01:52:1e:a5:4d:87:f1:97:25:f9:cd:11:ae:a6:c1:3c:dc:dc:
1d:a0:73:5d:58:40:4f:84:c3:3d:5f:ed:82:85:27:1b:32:c5:
36:38:6e:5d:e0:38:b4:a4:5d:9b:42:33:f0:39:ad:64:2e:34:
b1:53:84:c3:f0:d4:c4:2b:a7:60:9b:66:1d:d8:70:5a:bd:5f:
f5:90:86:bb:70:21:8e:8c:37:8e:b8:e2:cc:9a:6f:a2:9b:de:
32:ea:09:8a:50:24:ee:11:63:6b:29:ed:27:67:4f:7e:6c:b9:
36:d0:fb:16:8b:f8:bb:c8:cb:d3:70:ab:6f:a3:e5:d4:bd:8c:
a9:3e:c8:8f:45:f1:2a:b9:8f:96:50:8e:02:04:b8:dd:5e:3f:
6d:71:0d:23:0d:fc:25:dc:43:ab:db:6a:c8:75:32:4c:6f:be:
5e:69:cd:a1:b0:c6:92:81:2f:ab:16:c4:6f:1f:0f:49:4c:fc:
6a:32:69:e6:c6:f3:ae:30:13:bd:1a:ea:e5:84:34:64:80:09:
d6:16:8e:9f:39:8a:97:bc:60:a5:d6:9b:2b:14:f0:07:ea:e0:
db:c4:67:77:0e:16:41:51:68:75:56:e0:4e:80:67:2c:f5:1a:
da:ff:66:b0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZ3PTHhPut5wwbVUsdODG0ehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDI3MTQxNjI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzM4NmI4YTdjOWZkNTUxMWRlYjU2ZWNkMjk2MmM5MjQxYzYyNTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1GViITsLVCVwm3trEXrC36cpR+Dt
j32zc4bv/xC/V8XSpjziqYyFJUSO4JogZKYBgm4TIMsLNo46fBAo2bEAHWjKm/az
PMdsQt58HaB8yev83UUASOy3A/shpgGJZKHwhMXXIWtvM4Nq+0xgQmHYG5ug7nm8
SW1rjDeSdgvv+s/5WJ974VHpMtzKIUK2BJjPre5YQT/i78i9msrhbGecl8f+J324
nS99QKq+FRra3lgtKKZl+bXmEN69I2O1weokS5jrKw7jtPPMafGfC0+dcKSkO5sy
cJNFBIsLfSRN8Y00iVW2oVIUABB9AtpsNoh80tZQRsz4SH0OJJbZ9NKiIwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAM4a4p8n9VRHetW7NKWLJJBxiVwMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvQXpocmlueWYxVkVkNjFiczBwWXNra0hHSlhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAl/QAAwQA
l/SsMAwDBACX9pUDBACX9pYDBACX9poDBACX9qoDBACX9sIDBACX9/MwDQYJKoZI
hvcNAQELBQADggEBALfJ7ZVqAs9IICe7jvhZLDx1dAFSHqVNh/GXJfnNEa6mwTzc
3B2gc11YQE+Ewz1f7YKFJxsyxTY4bl3gOLSkXZtCM/A5rWQuNLFThMPw1MQrp2Cb
Zh3YcFq9X/WQhrtwIY6MN4644syab6Kb3jLqCYpQJO4RY2sp7SdnT35suTbQ+xaL
+LvIy9Nwq2+j5dS9jKk+yI9F8Sq5j5ZQjgIEuN1eP21xDSMN/CXcQ6vbash1Mkxv
vl5pzaGwxpKBL6sWxG8fD0lM/GoyaebG864wE70a6uWENGSACdYWjp85ipe8YKXW
mysU8Afq4NvEZ3cOFkFRaHVW4E6AZyz1Gtr/ZrA=
-----END CERTIFICATE-----
Generated at Tue May 12 22:16:44 2026 by rpki-client