Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/b1rx3F5_0FpY3jrYcrhG10sfYII.roa
File: b1rx3F5_0FpY3jrYcrhG10sfYII.roa (raw, json)
Hash identifier: HCDKdueFvN5yWAvEAalba4V2+3PqZZ8fegN4dbl9RYA=
Subject key identifier: 6F:5A:F1:DC:5E:7F:D0:5A:58:DE:3A:D8:72:B8:46:D7:4B:1F:60:82
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D28E7EADCBBE0A6D29B159FD6EC04E34E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/b1rx3F5_0FpY3jrYcrhG10sfYII.roa
Signing time: Thu 26 Mar 2026 06:49:40 +0000
ROA not before: Thu 26 Mar 2026 06:49:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214025
IP address blocks: 151.240.148.0/24 maxlen: 24
151.247.128.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:56:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:e7:ea:dc:bb:e0:a6:d2:9b:15:9f:d6:ec:04:e3:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 26 06:49:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6f5af1dc5e7fd05a58de3ad872b846d74b1f6082
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f8:ec:e8:ab:c9:9e:c7:af:6c:a0:b4:30:92:
34:dd:de:05:12:6b:c2:4a:18:ab:7f:d1:3f:9e:77:
14:fa:2e:50:c4:7f:4e:b8:0e:a3:97:ca:15:2f:e1:
73:b1:24:e2:8e:39:25:7b:c6:7e:bd:26:be:a1:66:
31:e7:57:9c:ff:b6:4f:fe:ac:4c:fc:aa:33:75:6f:
bf:f3:75:b5:9f:47:82:e3:75:06:bd:43:fb:54:6e:
3b:62:a0:12:f6:87:2a:17:12:5c:62:57:cd:d5:cc:
23:39:fc:00:3b:a4:70:f2:a3:e9:da:25:c6:a1:41:
83:04:34:70:46:6c:49:35:4a:ac:4c:3f:8d:31:25:
7c:5a:ed:dc:b7:c5:0f:41:23:03:a3:0e:db:53:83:
2f:5c:1a:b8:e1:6f:f3:8e:6a:77:2c:74:e0:b7:fc:
05:6f:a4:f6:36:8d:5d:59:6b:3b:bc:f9:cb:4c:2c:
8d:c1:21:2f:10:1e:bc:f5:68:8c:b1:f3:a0:e0:3f:
39:4c:b7:15:6f:ee:2a:64:55:dd:2e:74:c6:90:d5:
84:04:99:27:04:74:f7:0c:0c:e1:73:0a:0f:f0:cd:
44:bf:c6:b5:5e:84:a6:8f:e5:bc:fb:ef:fb:6f:89:
2a:9f:df:06:5e:27:00:16:48:5a:80:ea:8f:bc:1c:
0f:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:5A:F1:DC:5E:7F:D0:5A:58:DE:3A:D8:72:B8:46:D7:4B:1F:60:82
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/b1rx3F5_0FpY3jrYcrhG10sfYII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.148.0/24
151.247.128.0/24
Signature Algorithm: sha256WithRSAEncryption
56:50:e6:15:9d:d1:bd:35:34:72:2d:48:ef:55:4d:f5:a6:0c:
26:45:7b:df:d4:df:5b:3b:0b:24:8d:6c:55:55:9d:9e:60:dd:
5b:ab:c1:ef:35:b5:c6:60:b8:73:86:4d:5a:bf:53:b5:83:76:
b4:d2:a0:11:60:af:a2:12:c1:4e:9c:8c:83:e3:6c:5d:fe:37:
2a:c2:0c:3c:a7:6f:f8:7a:a3:71:d6:89:d8:57:af:24:ec:41:
a9:15:64:7c:0c:b9:bd:1e:51:cf:bf:fe:22:de:47:9e:ad:9b:
45:87:28:bd:67:7e:f6:61:3e:06:4e:a7:a9:27:8a:4a:2c:89:
0a:79:f3:39:1a:43:e6:17:5a:f0:82:a2:25:3c:ef:d5:99:ad:
e0:ef:e1:37:23:dd:fb:1b:36:58:ca:7a:9b:7f:42:6d:79:82:
3e:93:3a:77:20:97:43:10:38:86:cf:21:f7:55:62:db:7f:61:
69:22:2a:5d:62:70:0e:9b:c9:0d:20:5b:f1:31:9f:d3:e7:c4:
73:40:94:f1:6d:29:32:2e:39:36:3b:06:86:7f:8c:c1:a7:ad:
95:c9:0d:c0:b3:c4:e8:05:bb:fa:42:4c:e2:42:59:5d:b0:d1:
57:97:1f:16:a6:c4:95:8c:a3:f8:11:a8:6b:b4:9d:81:23:0b:
be:80:54:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0o5+rcu+Cm0psVn9bsBONOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzI2MDY0OTQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjVhZjFkYzVlN2ZkMDVhNThkZTNhZDg3MmI4NDZkNzRiMWY2MDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPjs6KvJnsevbKC0MJI03d4FEmvC
Shirf9E/nncU+i5QxH9OuA6jl8oVL+FzsSTijjkle8Z+vSa+oWYx51ec/7ZP/qxM
/KozdW+/83W1n0eC43UGvUP7VG47YqAS9ocqFxJcYlfN1cwjOfwAO6Rw8qPp2iXG
oUGDBDRwRmxJNUqsTD+NMSV8Wu3ct8UPQSMDow7bU4MvXBq44W/zjmp3LHTgt/wF
b6T2No1dWWs7vPnLTCyNwSEvEB689WiMsfOg4D85TLcVb+4qZFXdLnTGkNWEBJkn
BHT3DAzhcwoP8M1Ev8a1XoSmj+W8++/7b4kqn98GXicAFkhagOqPvBwPUQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG9a8dxef9BaWN462HK4RtdLH2CCMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvYjFyeDNGNV8wRnBZM2pyWWNyaEcxMHNmWUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/CUAwQA
l/eAMA0GCSqGSIb3DQEBCwUAA4IBAQBWUOYVndG9NTRyLUjvVU31pgwmRXvf1N9b
OwskjWxVVZ2eYN1bq8HvNbXGYLhzhk1av1O1g3a00qARYK+iEsFOnIyD42xd/jcq
wgw8p2/4eqNx1onYV68k7EGpFWR8DLm9HlHPv/4i3keerZtFhyi9Z372YT4GTqep
J4pKLIkKefM5GkPmF1rwgqIlPO/Vma3g7+E3I937GzZYynqbf0JteYI+kzp3IJdD
EDiGzyH3VWLbf2FpIipdYnAOm8kNIFvxMZ/T58RzQJTxbSkyLjk2OwaGf4zBp62V
yQ3As8ToBbv6QkziQlldsNFXlx8WpsSVjKP4EahrtJ2BIwu+gFSt
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:15:49 2026 by rpki-client