Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ThB0PH0j28uONgzJnKVvQL095UI.roa
File: ThB0PH0j28uONgzJnKVvQL095UI.roa (raw, json)
Hash identifier: +HCQgKx7b3LuCUi/5LSojvqgCoY1x915lV4OKkEv06s=
Subject key identifier: 4E:10:74:3C:7D:23:DB:CB:8E:36:0C:C9:9C:A5:6F:40:BD:3D:E5:42
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DDEA63FEF266412ED558A8FC6A9F294C3
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ThB0PH0j28uONgzJnKVvQL095UI.roa
Signing time: Thu 30 Apr 2026 13:48:50 +0000
ROA not before: Thu 30 Apr 2026 13:48:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 151.244.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:04:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:de:a6:3f:ef:26:64:12:ed:55:8a:8f:c6:a9:f2:94:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 30 13:48:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4e10743c7d23dbcb8e360cc99ca56f40bd3de542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:11:b7:ee:1f:f2:a6:fe:53:6d:88:2e:47:65:
ee:35:f8:1c:4e:e7:6b:d0:c7:9d:89:0f:cf:4e:59:
a5:be:89:a5:85:2b:28:4a:ee:c0:ff:4e:d1:4d:fc:
56:bb:bf:5e:7b:1d:5c:05:26:4a:a6:cd:f9:03:c3:
e2:36:08:00:33:01:e4:72:96:46:46:9f:c8:3e:dd:
51:6f:47:1c:d1:d4:6f:52:f6:d7:6d:d3:39:40:6e:
cb:f1:11:5d:5d:09:4e:bc:85:0e:e6:11:1c:ca:30:
39:01:af:14:1e:a7:d6:4c:e6:27:1f:ba:f1:7f:db:
e1:e9:5e:fc:b1:71:1d:39:ca:51:a5:cf:ed:fd:99:
4b:5f:68:02:45:4c:ec:20:b3:c4:54:a7:9c:a0:dc:
06:f2:03:48:64:49:ad:68:81:c8:c4:f5:24:60:0d:
16:5e:9a:74:a9:d1:ea:d0:63:ef:01:8f:0f:ea:05:
ea:b7:a5:ce:30:f9:4e:bf:f6:0b:f0:48:0f:c3:c1:
5d:df:e6:42:3a:8b:f3:68:1c:ba:30:8f:9a:bf:f9:
30:6b:40:cb:12:c8:f0:54:b5:e6:73:0d:0a:1e:f2:
a1:3b:e0:b3:f9:e2:1e:0c:a7:9c:cc:6c:7f:1f:76:
34:aa:0d:fe:15:39:83:1e:56:b9:0e:2c:dd:d3:21:
37:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:10:74:3C:7D:23:DB:CB:8E:36:0C:C9:9C:A5:6F:40:BD:3D:E5:42
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ThB0PH0j28uONgzJnKVvQL095UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.4.0/24
Signature Algorithm: sha256WithRSAEncryption
05:ca:52:8a:2f:32:0e:13:f0:19:05:04:61:4b:b7:94:83:19:
6f:e1:7a:73:b8:cb:d9:a9:33:20:57:33:b1:b1:bb:e7:23:18:
c1:34:76:ae:6e:8d:e0:bd:c2:ec:18:b9:68:8e:0c:55:a1:72:
de:b8:ad:c7:53:07:d0:94:e9:66:b1:ad:ac:7d:85:9c:6d:42:
a8:b8:63:ac:99:a1:72:73:61:f2:0e:f1:a6:5f:62:f6:3d:b4:
ff:46:7a:3e:60:85:8f:2a:33:54:7b:c9:fe:84:39:c6:3c:69:
03:46:33:ad:27:dd:a6:1a:cf:20:aa:36:f4:f3:4a:a5:9d:9f:
5c:1d:1f:08:02:09:82:82:a0:1d:de:61:fd:f5:74:66:a3:af:
66:07:0a:d8:c7:a7:b2:95:84:35:7b:9e:97:c4:5d:6c:2c:48:
10:15:f8:c9:a3:f0:1b:88:49:b2:b5:21:a3:3b:01:37:4d:6d:
10:32:ed:82:74:d1:48:5a:b1:45:0b:c6:a3:ce:d6:21:0e:8c:
7f:f6:29:5c:95:82:6c:b7:75:b4:47:b2:33:f1:19:33:3b:c9:
1f:3c:fc:d9:06:f6:31:ba:88:10:61:8c:c3:83:40:d6:19:78:
11:bf:9e:76:34:66:48:d3:4d:82:c2:50:d7:03:21:8c:29:d0:
d2:f0:5c:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ3epj/vJmQS7VWKj8ap8pTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDMwMTM0ODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTEwNzQzYzdkMjNkYmNiOGUzNjBjYzk5Y2E1NmY0MGJkM2RlNTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlBG37h/ypv5TbYguR2XuNfgcTudr
0MediQ/PTlmlvomlhSsoSu7A/07RTfxWu79eex1cBSZKps35A8PiNggAMwHkcpZG
Rp/IPt1Rb0cc0dRvUvbXbdM5QG7L8RFdXQlOvIUO5hEcyjA5Aa8UHqfWTOYnH7rx
f9vh6V78sXEdOcpRpc/t/ZlLX2gCRUzsILPEVKecoNwG8gNIZEmtaIHIxPUkYA0W
Xpp0qdHq0GPvAY8P6gXqt6XOMPlOv/YL8EgPw8Fd3+ZCOovzaBy6MI+av/kwa0DL
EsjwVLXmcw0KHvKhO+Cz+eIeDKeczGx/H3Y0qg3+FTmDHla5Dizd0yE3nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE4QdDx9I9vLjjYMyZylb0C9PeVCMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvVGhCMFBIMGoyOHVPTmd6Sm5LVnZRTDA5NVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/QEMA0G
CSqGSIb3DQEBCwUAA4IBAQAFylKKLzIOE/AZBQRhS7eUgxlv4XpzuMvZqTMgVzOx
sbvnIxjBNHaubo3gvcLsGLlojgxVoXLeuK3HUwfQlOlmsa2sfYWcbUKouGOsmaFy
c2HyDvGmX2L2PbT/Rno+YIWPKjNUe8n+hDnGPGkDRjOtJ92mGs8gqjb080qlnZ9c
HR8IAgmCgqAd3mH99XRmo69mBwrYx6eylYQ1e56XxF1sLEgQFfjJo/AbiEmytSGj
OwE3TW0QMu2CdNFIWrFFC8ajztYhDox/9ilclYJst3W0R7Iz8RkzO8kfPPzZBvYx
uogQYYzDg0DWGXgRv552NGZI002CwlDXAyGMKdDS8Fw5
-----END CERTIFICATE-----
Generated at Wed May 13 02:38:15 2026 by rpki-client