Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/S3ogecNfSEAaXBC7Rw22R271JKM.roa
File: S3ogecNfSEAaXBC7Rw22R271JKM.roa (raw, json)
Hash identifier: Mr4jAehMP8Lyxbj0K9zpva0iPlk4IorDoxafjT4qLc8=
Subject key identifier: 4B:7A:20:79:C3:5F:48:40:1A:5C:10:BB:47:0D:B6:47:6E:F5:24:A3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D1016EF0C189544723384B33B0DAF5187
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/S3ogecNfSEAaXBC7Rw22R271JKM.roa
Signing time: Sat 21 Mar 2026 11:10:31 +0000
ROA not before: Sat 21 Mar 2026 11:10:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20326
IP address blocks: 151.241.65.0/24 maxlen: 24
151.241.178.0/24 maxlen: 24
151.243.21.0/24 maxlen: 24
151.243.114.0/23 maxlen: 24
151.243.244.0/24 maxlen: 24
151.244.2.0/24 maxlen: 24
151.244.136.0/22 maxlen: 24
151.244.160.0/22 maxlen: 24
151.244.171.0/24 maxlen: 24
151.244.172.0/22 maxlen: 24
151.244.176.0/22 maxlen: 24
151.245.8.0/21 maxlen: 24
151.245.168.0/21 maxlen: 21
151.247.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 15:17:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:10:16:ef:0c:18:95:44:72:33:84:b3:3b:0d:af:51:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 21 11:10:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4b7a2079c35f48401a5c10bb470db6476ef524a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a5:10:ae:11:18:f4:e8:80:a7:0e:fd:5f:2c:
88:d8:e8:30:a5:e7:e2:da:b0:32:8c:bd:6a:42:8a:
17:70:f5:3c:5a:01:d1:4c:4c:0d:23:31:e9:31:23:
42:7f:98:2d:0c:0b:e1:98:5e:a7:a9:d9:98:ed:e3:
89:19:fd:ac:09:40:e0:f8:fb:1d:44:f0:f7:e9:06:
95:e2:42:a9:79:6a:cd:61:bc:7b:81:b7:a8:2b:c2:
17:29:d2:e9:96:83:a3:8e:73:ab:5f:d7:14:69:d0:
16:74:79:0c:80:f5:5c:cc:5e:16:7c:fd:0a:c9:ca:
11:a2:7f:04:dd:1c:43:d2:02:3b:91:a6:75:6a:cc:
27:5c:e0:cc:e4:31:db:01:3c:c6:8a:35:49:85:28:
ac:d0:0e:dc:e6:f5:9c:02:af:61:53:07:f1:2e:5e:
ce:41:37:fa:1f:97:41:a8:5c:21:1c:4f:e5:a9:44:
0b:b5:4a:de:64:0f:d1:50:18:76:8d:20:77:e5:d6:
b8:53:e0:0b:71:4d:ce:73:04:b5:3f:4b:b0:a4:d8:
09:7c:5f:3b:94:29:5b:52:02:0e:c8:84:52:de:63:
ca:92:85:ce:52:93:e7:fb:d1:ad:5e:fa:fc:39:ea:
cc:21:fe:6a:94:5b:73:10:3c:b2:09:7c:e0:cc:43:
93:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:7A:20:79:C3:5F:48:40:1A:5C:10:BB:47:0D:B6:47:6E:F5:24:A3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/S3ogecNfSEAaXBC7Rw22R271JKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.65.0/24
151.241.178.0/24
151.243.21.0/24
151.243.114.0/23
151.243.244.0/24
151.244.2.0/24
151.244.136.0/22
151.244.160.0/22
151.244.171.0-151.244.179.255
151.245.8.0/21
151.245.168.0/21
151.247.132.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:69:03:fb:b7:77:70:fe:92:7a:a1:7a:83:dc:25:dc:0f:18:
70:5b:8d:7a:79:63:a0:17:bd:e5:62:81:aa:35:20:25:1a:69:
7d:06:ac:bf:1b:b0:2f:37:7b:26:76:01:fe:73:5b:e0:ba:0c:
fc:50:5d:89:a6:72:06:3d:fc:45:b2:0b:d1:d1:d2:65:48:60:
ac:a8:c0:0f:4e:e4:f8:2d:ec:53:87:3a:44:b5:21:05:4b:9b:
76:90:95:66:2a:7d:53:7b:06:9d:b2:e3:96:4e:53:8b:18:48:
35:fe:f3:d8:c0:83:87:b3:f7:68:ec:43:d4:54:dd:bf:05:89:
20:16:59:b9:56:3f:8c:df:a6:4a:12:6b:1d:60:de:dc:25:0a:
a3:5b:52:34:89:a3:2c:36:e9:f1:a6:69:6c:fa:7e:d4:4e:5b:
54:b8:0f:b1:3c:9c:1b:d0:a6:02:a9:ab:34:88:1c:b5:47:b9:
b3:82:8b:f5:e5:18:5e:e6:d8:52:90:2e:2c:7a:1f:8f:4b:0a:
c4:35:af:0e:56:5c:a1:87:d1:15:52:f9:3b:9d:62:00:af:25:
a7:86:81:5b:39:ff:5a:9e:72:0c:ff:df:59:80:14:57:7b:5a:
94:a0:13:f4:c9:aa:33:61:44:e1:22:b4:c3:85:21:d5:85:fd:
62:d4:7e:68
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZ0QFu8MGJVEcjOEszsNr1GHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzIxMTExMDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjdhMjA3OWMzNWY0ODQwMWE1YzEwYmI0NzBkYjY0NzZlZjUyNGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaUQrhEY9OiApw79XyyI2Ogwpefi
2rAyjL1qQooXcPU8WgHRTEwNIzHpMSNCf5gtDAvhmF6nqdmY7eOJGf2sCUDg+Psd
RPD36QaV4kKpeWrNYbx7gbeoK8IXKdLploOjjnOrX9cUadAWdHkMgPVczF4WfP0K
ycoRon8E3RxD0gI7kaZ1aswnXODM5DHbATzGijVJhSis0A7c5vWcAq9hUwfxLl7O
QTf6H5dBqFwhHE/lqUQLtUreZA/RUBh2jSB35da4U+ALcU3OcwS1P0uwpNgJfF87
lClbUgIOyIRS3mPKkoXOUpPn+9GtXvr8OerMIf5qlFtzEDyyCXzgzEOTewIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFEt6IHnDX0hAGlwQu0cNtkdu9SSjMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUzNvZ2VjTmZTRUFhWEJDN1J3MjJSMjcxSktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAl/FBAwQA
l/GyAwQAl/MVAwQBl/NyAwQAl/P0AwQAl/QCAwQCl/SIAwQCl/SgMAwDBACX9KsD
BAKX9LADBAOX9QgDBAOX9agDBACX94QwDQYJKoZIhvcNAQELBQADggEBAAxpA/u3
d3D+knqheoPcJdwPGHBbjXp5Y6AXveVigao1ICUaaX0GrL8bsC83eyZ2Af5zW+C6
DPxQXYmmcgY9/EWyC9HR0mVIYKyowA9O5Pgt7FOHOkS1IQVLm3aQlWYqfVN7Bp2y
45ZOU4sYSDX+89jAg4ez92jsQ9RU3b8FiSAWWblWP4zfpkoSax1g3twlCqNbUjSJ
oyw26fGmaWz6ftROW1S4D7E8nBvQpgKpqzSIHLVHubOCi/XlGF7m2FKQLix6H49L
CsQ1rw5WXKGH0RVS+TudYgCvJaeGgVs5/1qecgz/31mAFFd7WpSgE/TJqjNhROEi
tMOFIdWF/WLUfmg=
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:01:07 2026 by rpki-client