Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MCtS3G39B6Oh5gx19ICLRJ_acQw.roa
File: MCtS3G39B6Oh5gx19ICLRJ_acQw.roa (raw, json)
Hash identifier: d9xec8hTtd9/IMq+Xk4gfE3D9hh3DYq/Rz7tGyLQ/pw=
Subject key identifier: 30:2B:52:DC:6D:FD:07:A3:A1:E6:0C:75:F4:80:8B:44:9F:DA:71:0C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DAE752EC3439796503480372D765F0B78
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MCtS3G39B6Oh5gx19ICLRJ_acQw.roa
Signing time: Tue 21 Apr 2026 05:13:28 +0000
ROA not before: Tue 21 Apr 2026 05:13:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63023
IP address blocks: 151.241.169.0/24 maxlen: 24
151.243.159.0/24 maxlen: 24
151.244.28.0/24 maxlen: 24
151.246.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:ae:75:2e:c3:43:97:96:50:34:80:37:2d:76:5f:0b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 21 05:13:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=302b52dc6dfd07a3a1e60c75f4808b449fda710c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:00:d9:6d:e9:1f:3a:36:ab:cc:c8:3e:dd:c5:
0d:32:c0:53:c0:a3:da:9d:3e:12:6c:cb:c6:8d:62:
3e:25:06:cd:84:a2:69:ee:15:66:fc:4d:49:28:f7:
76:ef:e9:c9:7b:29:1d:ec:da:4e:32:1f:19:e5:22:
44:44:0e:dd:21:8c:2b:be:cd:02:d6:09:45:f9:9b:
cd:42:ea:a0:2c:db:cd:62:2b:c6:8b:be:e1:dd:9a:
2c:d2:56:9a:ea:3d:2e:04:c7:7f:7c:36:98:98:e2:
19:6e:8c:ab:c4:ed:6f:57:0d:f4:6f:61:c4:b0:ee:
a1:65:a6:76:f4:a9:85:ad:3a:7f:d7:2f:27:66:17:
8c:97:d1:64:85:e2:20:11:d0:74:be:57:17:47:98:
10:0e:12:be:31:f0:84:e5:7d:52:2d:f7:67:fb:27:
15:58:7e:8d:17:7e:1d:a1:ed:99:b4:e2:ea:22:42:
11:4d:ea:c2:71:68:f1:79:d4:d7:78:ac:2b:cd:25:
8a:98:d5:8e:5a:0c:b6:77:e8:3c:b5:b7:10:ea:a8:
70:82:d7:32:ef:07:24:9a:c4:26:5c:ec:4b:25:98:
c8:68:fa:31:de:cf:33:e7:0a:d5:6b:04:fa:a2:6c:
73:69:db:c3:eb:94:b5:16:2b:75:e6:bf:a6:02:77:
43:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:2B:52:DC:6D:FD:07:A3:A1:E6:0C:75:F4:80:8B:44:9F:DA:71:0C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/MCtS3G39B6Oh5gx19ICLRJ_acQw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.169.0/24
151.243.159.0/24
151.244.28.0/24
151.246.237.0/24
Signature Algorithm: sha256WithRSAEncryption
60:da:11:14:25:e0:35:77:5f:04:ac:a4:b2:ce:10:50:a9:da:
33:88:f3:2e:1d:e1:ae:81:f8:0c:29:9d:49:e8:f0:5a:6f:29:
4a:59:8c:a7:ac:4d:98:7a:29:71:f4:59:c2:8a:51:a3:07:56:
01:aa:9b:ee:fd:2c:aa:fe:ce:53:87:02:7e:4a:e7:96:92:a6:
b0:ea:17:63:e6:bc:f4:3b:89:23:f3:53:40:de:74:61:c5:95:
18:4c:25:99:fe:82:24:b7:82:7f:a3:60:80:29:4b:4c:07:47:
bd:f9:d4:fd:48:95:91:0f:12:15:53:fa:e3:8f:f4:8c:2a:04:
2a:7f:13:66:ee:ca:9f:60:93:f4:8d:49:79:0f:98:bb:63:06:
5b:b8:58:64:98:99:30:36:6a:5a:65:13:76:77:12:48:d8:fc:
85:47:b2:17:31:66:a8:14:49:08:27:4c:fa:c8:30:68:1c:5d:
9c:1a:56:30:77:36:87:67:fe:d5:15:04:02:01:7f:7d:c3:9c:
2e:fb:2c:11:06:32:9f:c8:5d:3a:56:a6:7c:95:a7:13:25:89:
d5:3c:98:1f:69:fb:84:6b:63:6f:bb:c3:19:73:65:70:01:b1:
70:a2:59:9e:04:39:4e:fb:ce:7c:c0:11:e9:5d:cf:ce:4e:9e:
ff:d8:bd:c3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2udS7DQ5eWUDSANy12Xwt4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDIxMDUxMzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDJiNTJkYzZkZmQwN2EzYTFlNjBjNzVmNDgwOGI0NDlmZGE3MTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtADZbekfOjarzMg+3cUNMsBTwKPa
nT4SbMvGjWI+JQbNhKJp7hVm/E1JKPd27+nJeykd7NpOMh8Z5SJERA7dIYwrvs0C
1glF+ZvNQuqgLNvNYivGi77h3Zos0laa6j0uBMd/fDaYmOIZboyrxO1vVw30b2HE
sO6hZaZ29KmFrTp/1y8nZheMl9FkheIgEdB0vlcXR5gQDhK+MfCE5X1SLfdn+ycV
WH6NF34doe2ZtOLqIkIRTerCcWjxedTXeKwrzSWKmNWOWgy2d+g8tbcQ6qhwgtcy
7wckmsQmXOxLJZjIaPox3s8z5wrVawT6omxzadvD65S1Fit15r+mAndDNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDArUtxt/QejoeYMdfSAi0Sf2nEMMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTUN0UzNHMzlCNk9oNWd4MTlJQ0xSSl9hY1F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/GpAwQA
l/OfAwQAl/QcAwQAl/btMA0GCSqGSIb3DQEBCwUAA4IBAQBg2hEUJeA1d18ErKSy
zhBQqdoziPMuHeGugfgMKZ1J6PBabylKWYynrE2Yeilx9FnCilGjB1YBqpvu/Syq
/s5ThwJ+SueWkqaw6hdj5rz0O4kj81NA3nRhxZUYTCWZ/oIkt4J/o2CAKUtMB0e9
+dT9SJWRDxIVU/rjj/SMKgQqfxNm7sqfYJP0jUl5D5i7YwZbuFhkmJkwNmpaZRN2
dxJI2PyFR7IXMWaoFEkIJ0z6yDBoHF2cGlYwdzaHZ/7VFQQCAX99w5wu+ywRBjKf
yF06VqZ8lacTJYnVPJgfafuEa2Nvu8MZc2VwAbFwolmeBDlO+858wBHpXc/OTp7/
2L3D
-----END CERTIFICATE-----
Generated at Wed May 13 06:58:45 2026 by rpki-client