Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/WR9bmaIe98gF9i07vJXmHyOraWk.roa
File: WR9bmaIe98gF9i07vJXmHyOraWk.roa (raw, json)
Hash identifier: ZZcOLx2NYky5elbaPHVlqiEoXRI9LSyoqNkVQI1Hjmo=
Subject key identifier: 59:1F:5B:99:A2:1E:F7:C8:05:F6:2D:3B:BC:95:E6:1F:23:AB:69:69
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D101B81D6F50E6D1AB6822A858D22C21B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/WR9bmaIe98gF9i07vJXmHyOraWk.roa
Signing time: Sat 21 Mar 2026 11:15:31 +0000
ROA not before: Sat 21 Mar 2026 11:15:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 49608
IP address blocks: 151.245.30.0/24 maxlen: 24
151.247.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:10:1b:81:d6:f5:0e:6d:1a:b6:82:2a:85:8d:22:c2:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 21 11:15:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=591f5b99a21ef7c805f62d3bbc95e61f23ab6969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:45:54:13:19:b9:c5:a5:43:2c:ba:0b:c4:ae:
bf:13:de:ad:13:bf:78:aa:d5:6d:36:98:25:b1:eb:
33:f8:65:b1:89:51:4a:c7:e6:1a:86:d7:e6:7d:39:
91:40:91:1d:06:ef:d3:e6:65:23:cd:62:53:aa:d3:
dd:91:73:bf:bc:c6:87:3c:2d:3e:97:38:2c:87:89:
4c:47:e1:6d:05:9e:47:5c:44:8f:12:17:b8:76:9d:
2e:b2:7d:44:b5:47:d9:70:95:fb:43:0f:fd:af:5e:
9c:6e:23:a5:88:73:ff:96:46:0f:e3:2a:58:4c:20:
0e:b4:bf:7d:c6:70:b2:90:84:eb:2a:44:9c:df:e8:
6f:10:fa:fa:99:42:70:f5:4d:39:45:bb:5b:f6:62:
82:20:4f:2d:a6:89:9a:f1:b0:21:cc:a0:6d:5c:09:
b7:97:ec:ef:33:f0:cb:0b:44:aa:ad:6c:bc:3f:6c:
3d:17:09:6d:33:26:9a:82:79:30:38:34:93:52:a4:
1b:16:b5:38:a2:9e:64:ff:69:72:7d:35:6f:91:75:
6c:ce:23:0f:a9:f7:5d:6b:ab:3a:f9:0a:36:73:ca:
8e:31:f5:d0:9b:a2:1b:3d:8d:cf:a8:f1:ea:af:3e:
6d:a4:c4:18:67:71:99:eb:15:96:c1:c4:88:c7:94:
5c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:1F:5B:99:A2:1E:F7:C8:05:F6:2D:3B:BC:95:E6:1F:23:AB:69:69
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/WR9bmaIe98gF9i07vJXmHyOraWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.245.30.0/24
151.247.214.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:e7:60:ad:60:bf:36:6f:2f:42:6e:ea:9b:d7:2d:68:33:e3:
3b:35:fc:c5:57:b8:37:22:0a:e3:24:00:df:32:08:12:cb:8a:
05:91:78:22:ab:2a:08:fc:bd:87:10:15:34:a6:37:39:99:45:
66:51:ae:31:50:6e:3d:3d:fb:f1:ec:31:4b:6d:72:1c:13:f2:
05:52:79:40:4b:25:7b:0a:09:d1:dd:8d:7e:9b:01:99:ec:68:
0e:e0:e5:bb:13:d7:d2:2b:11:db:3d:de:40:d9:20:85:39:3e:
14:5a:18:76:68:e2:b7:c9:2d:88:06:14:9d:91:a1:2a:35:28:
41:e6:f3:36:68:f0:8d:cf:7e:1c:ba:4b:da:23:ba:91:a6:4b:
23:e0:e0:3b:05:da:17:7a:ad:c2:11:c7:55:4d:80:15:e0:ed:
da:74:b5:74:de:6f:1b:f4:b3:ce:eb:de:6e:47:fc:3f:08:e9:
d5:ae:aa:24:da:47:9e:52:fb:61:99:ec:11:df:78:f8:97:01:
f5:9a:4d:cb:37:68:6f:59:18:4c:36:f7:24:30:f3:5c:5a:68:
ea:95:56:6f:92:e3:da:99:40:31:dc:53:09:32:3d:cb:82:99:
0b:18:b0:b3:b4:a9:0a:01:1a:74:b9:8b:af:94:43:7b:34:74:
5a:ca:23:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0QG4HW9Q5tGraCKoWNIsIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzIxMTExNTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTFmNWI5OWEyMWVmN2M4MDVmNjJkM2JiYzk1ZTYxZjIzYWI2OTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskVUExm5xaVDLLoLxK6/E96tE794
qtVtNpglsesz+GWxiVFKx+YahtfmfTmRQJEdBu/T5mUjzWJTqtPdkXO/vMaHPC0+
lzgsh4lMR+FtBZ5HXESPEhe4dp0usn1EtUfZcJX7Qw/9r16cbiOliHP/lkYP4ypY
TCAOtL99xnCykITrKkSc3+hvEPr6mUJw9U05Rbtb9mKCIE8tpoma8bAhzKBtXAm3
l+zvM/DLC0SqrWy8P2w9FwltMyaagnkwODSTUqQbFrU4op5k/2lyfTVvkXVsziMP
qfdda6s6+Qo2c8qOMfXQm6IbPY3PqPHqrz5tpMQYZ3GZ6xWWwcSIx5RcSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFkfW5miHvfIBfYtO7yV5h8jq2lpMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvV1I5Ym1hSWU5OGdGOWkwN3ZKWG1IeU9yYVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/UeAwQA
l/fWMA0GCSqGSIb3DQEBCwUAA4IBAQAe52CtYL82by9Cbuqb1y1oM+M7NfzFV7g3
IgrjJADfMggSy4oFkXgiqyoI/L2HEBU0pjc5mUVmUa4xUG49Pfvx7DFLbXIcE/IF
UnlASyV7CgnR3Y1+mwGZ7GgO4OW7E9fSKxHbPd5A2SCFOT4UWhh2aOK3yS2IBhSd
kaEqNShB5vM2aPCNz34cukvaI7qRpksj4OA7BdoXeq3CEcdVTYAV4O3adLV03m8b
9LPO695uR/w/COnVrqok2keeUvthmewR33j4lwH1mk3LN2hvWRhMNvckMPNcWmjq
lVZvkuPamUAx3FMJMj3LgpkLGLCztKkKARp0uYuvlEN7NHRayiO0
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:33:09 2026 by rpki-client