Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/WqfNBKNz4jRpMB4_Hm4h3fSeHMw.roa
File: WqfNBKNz4jRpMB4_Hm4h3fSeHMw.roa (raw, json)
Hash identifier: qKc4H8FMF6KhrRrngmwLv592AcZPqIam8ZSSfxBj7b0=
Subject key identifier: 5A:A7:CD:04:A3:73:E2:34:69:30:1E:3F:1E:6E:21:DD:F4:9E:1C:CC
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DF3FFF30F595934A902C54E79C1B4119B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/WqfNBKNz4jRpMB4_Hm4h3fSeHMw.roa
Signing time: Mon 04 May 2026 17:18:50 +0000
ROA not before: Mon 04 May 2026 17:18:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51082
IP address blocks: 151.240.115.0/24 maxlen: 24
151.241.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f3:ff:f3:0f:59:59:34:a9:02:c5:4e:79:c1:b4:11:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 4 17:18:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5aa7cd04a373e23469301e3f1e6e21ddf49e1ccc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:00:7b:38:f5:4b:22:b6:60:8c:b6:a4:cd:8b:
64:71:37:7a:3d:1f:1a:a2:0d:0c:fb:d8:dd:dd:76:
8b:db:f6:e3:75:e5:a5:a3:79:23:2f:a7:18:29:79:
57:41:bd:e8:5d:94:7e:9e:0f:9e:26:ac:f3:d1:b8:
3d:e5:aa:7f:94:b7:0c:da:3d:6b:28:f1:1b:2a:87:
ad:ad:52:d1:8e:0d:c9:04:34:bf:ed:5c:f8:9b:09:
33:d0:77:c3:96:c9:3f:70:3d:ea:cf:09:2f:03:eb:
c3:ff:45:b7:39:b5:ec:7c:17:38:bb:11:ac:65:df:
47:a3:d2:28:c6:7b:a2:35:34:07:c8:ab:5c:50:a1:
df:51:23:d1:6a:fc:40:c9:b3:0c:b4:1f:2d:28:36:
a5:38:8c:ad:14:c7:bf:21:1e:4c:dc:5c:09:cc:65:
93:df:e3:2f:a5:89:64:fb:03:2b:31:79:9e:55:03:
7b:41:26:1f:29:3b:37:9e:59:5f:05:9b:f5:6f:98:
b3:42:cb:c4:b9:20:10:cb:13:e4:9c:3e:1d:ca:45:
f5:c9:25:80:f9:0e:0a:40:bf:f0:52:17:ca:46:59:
24:3b:0c:6b:05:02:41:7e:6c:cc:81:07:9e:6c:ef:
a9:ec:0a:69:83:6e:44:4e:72:83:15:c5:dd:65:14:
6e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A7:CD:04:A3:73:E2:34:69:30:1E:3F:1E:6E:21:DD:F4:9E:1C:CC
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/WqfNBKNz4jRpMB4_Hm4h3fSeHMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.115.0/24
151.241.140.0/24
Signature Algorithm: sha256WithRSAEncryption
38:4b:7a:2e:5b:67:cb:4b:d3:97:c5:37:fe:ef:14:bd:88:fb:
8a:89:e1:5a:bd:30:46:c6:40:1f:6d:04:f6:58:8a:e4:55:df:
46:21:70:fb:ce:4a:b4:63:4a:5b:5d:58:2b:93:0e:2a:be:62:
5c:12:af:a6:1b:98:ad:e1:59:57:42:e7:dc:3d:a4:9e:52:67:
bb:3f:88:17:71:c0:67:60:de:7a:9f:d0:8d:9f:36:fa:4d:aa:
c8:0f:d5:1d:67:aa:f5:3c:0b:4c:90:9e:de:85:e4:32:01:92:
29:fb:b9:27:84:02:02:f9:6f:db:e7:9c:9c:d5:a3:f6:fa:33:
0f:a5:16:de:99:28:bb:b3:27:69:83:15:23:7e:40:c6:2f:3a:
06:86:ee:c8:a1:60:ec:3f:be:b3:76:59:fd:9f:60:52:cf:4b:
f3:10:4e:02:f7:8c:bb:75:64:ee:e5:00:66:ba:ee:87:b2:f2:
e8:2d:b4:b4:7e:a7:77:ad:99:5d:be:a0:09:5a:04:54:ce:cc:
09:ae:d7:66:98:68:18:11:fb:c3:0c:f3:87:61:b8:ee:4a:50:
3f:a4:7f:41:9b:3a:68:89:10:ae:c2:31:48:13:a5:23:c4:ed:
7f:98:0a:05:56:1b:cb:e2:ed:f3:53:9b:90:c3:6b:94:88:20:
92:fc:48:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3z//MPWVk0qQLFTnnBtBGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTA0MTcxODUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWE3Y2QwNGEzNzNlMjM0NjkzMDFlM2YxZTZlMjFkZGY0OWUxY2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAB7OPVLIrZgjLakzYtkcTd6PR8a
og0M+9jd3XaL2/bjdeWlo3kjL6cYKXlXQb3oXZR+ng+eJqzz0bg95ap/lLcM2j1r
KPEbKoetrVLRjg3JBDS/7Vz4mwkz0HfDlsk/cD3qzwkvA+vD/0W3ObXsfBc4uxGs
Zd9Ho9IoxnuiNTQHyKtcUKHfUSPRavxAybMMtB8tKDalOIytFMe/IR5M3FwJzGWT
3+MvpYlk+wMrMXmeVQN7QSYfKTs3nllfBZv1b5izQsvEuSAQyxPknD4dykX1ySWA
+Q4KQL/wUhfKRlkkOwxrBQJBfmzMgQeebO+p7Appg25ETnKDFcXdZRRuTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFqnzQSjc+I0aTAePx5uId30nhzMMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvV3FmTkJLTno0alJwTUI0X0htNGgzZlNlSE13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/BzAwQA
l/GMMA0GCSqGSIb3DQEBCwUAA4IBAQA4S3ouW2fLS9OXxTf+7xS9iPuKieFavTBG
xkAfbQT2WIrkVd9GIXD7zkq0Y0pbXVgrkw4qvmJcEq+mG5it4VlXQufcPaSeUme7
P4gXccBnYN56n9CNnzb6TarID9UdZ6r1PAtMkJ7eheQyAZIp+7knhAIC+W/b55yc
1aP2+jMPpRbemSi7sydpgxUjfkDGLzoGhu7IoWDsP76zdln9n2BSz0vzEE4C94y7
dWTu5QBmuu6HsvLoLbS0fqd3rZldvqAJWgRUzswJrtdmmGgYEfvDDPOHYbjuSlA/
pH9BmzpoiRCuwjFIE6UjxO1/mAoFVhvL4u3zU5uQw2uUiCCS/EhT
-----END CERTIFICATE-----
Generated at Tue May 12 21:38:59 2026 by rpki-client