Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/c_xqNLCewsCGrFKCVzzT3N0Pivs.roa
File: c_xqNLCewsCGrFKCVzzT3N0Pivs.roa (raw, json)
Hash identifier: sKKxHCdWquBGQZlRoZWu35wiV9nKnkAOC3mU2mmWb7g=
Subject key identifier: 73:FC:6A:34:B0:9E:C2:C0:86:AC:52:82:57:3C:D3:DC:DD:0F:8A:FB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D28E52A652FAD06AB72E56ECD9EDAEA77
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/c_xqNLCewsCGrFKCVzzT3N0Pivs.roa
Signing time: Thu 26 Mar 2026 06:46:40 +0000
ROA not before: Thu 26 Mar 2026 06:46:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 151.242.77.0/24 maxlen: 24
151.243.165.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.247.128.0/24 maxlen: 24
151.247.150.0/24 maxlen: 24
151.247.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:56:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:e5:2a:65:2f:ad:06:ab:72:e5:6e:cd:9e:da:ea:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 26 06:46:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=73fc6a34b09ec2c086ac5282573cd3dcdd0f8afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1c:dd:40:a4:e8:5c:30:d4:2f:66:aa:94:23:
5b:d6:0d:87:a3:69:df:29:f9:1c:13:32:bb:56:a7:
09:e5:73:e2:a2:56:2e:34:09:27:41:e6:44:c4:70:
f3:cf:ce:0d:a5:be:b8:52:bd:81:7d:07:4b:57:ab:
77:98:44:23:fe:69:fe:9a:61:65:d2:06:f9:8c:72:
e0:89:85:19:fb:b0:9d:90:37:53:5c:cb:97:66:bb:
5e:e8:1f:e5:49:fa:63:f3:74:f6:3b:37:1c:f7:40:
db:28:cd:a7:bb:a2:b1:07:33:15:8a:6a:d2:03:82:
c1:48:ce:cb:af:f7:a7:42:27:24:57:4d:76:c9:6f:
4b:89:07:1c:da:19:89:6b:21:34:b8:cd:2a:38:ca:
3a:08:ef:3a:af:00:b6:4b:fe:e7:65:83:05:97:80:
c7:cb:db:11:97:6d:e0:c8:02:d2:f4:27:d0:6d:f4:
5b:60:26:7c:55:0c:93:c8:88:31:aa:14:40:0d:61:
fc:7f:df:aa:fc:cc:88:bd:4d:02:37:03:51:34:ee:
2d:a4:47:11:6b:6b:2b:35:85:cd:92:26:b6:9c:93:
76:81:50:9f:05:8a:74:13:7e:84:4b:d2:84:b9:1c:
93:0e:5e:72:6c:27:a4:38:63:26:03:51:07:ee:07:
13:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:FC:6A:34:B0:9E:C2:C0:86:AC:52:82:57:3C:D3:DC:DD:0F:8A:FB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/c_xqNLCewsCGrFKCVzzT3N0Pivs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.77.0/24
151.243.165.0/24
151.244.4.0/24
151.247.128.0/24
151.247.150.0/24
151.247.163.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:0b:84:cc:3b:70:ac:e7:59:8a:cd:44:e4:3e:7b:36:fa:c3:
db:a5:da:2f:9f:36:85:0d:a1:4c:33:87:7e:1f:db:b4:7c:ba:
ee:fa:b1:a1:11:ce:84:94:2b:c9:22:2a:4b:d4:e1:41:d5:2a:
b0:c1:d8:88:59:e4:f7:95:8f:ad:d2:1c:d8:e0:2d:1d:c9:60:
83:f7:e4:0e:a3:1e:83:66:e4:d0:e0:6b:da:a3:24:2e:e1:d1:
6b:df:7e:29:f9:94:7c:8f:96:3d:d0:4a:bd:8b:e7:d3:9a:73:
3a:6e:41:df:c5:7a:42:33:0d:8a:da:5f:7f:20:a8:da:eb:e1:
04:f4:75:bc:a5:80:28:b2:90:4d:95:0e:ab:d6:7e:63:eb:81:
87:1e:f8:b1:98:f4:2d:eb:35:ed:a1:09:02:99:03:cc:46:9a:
ef:7c:9b:fc:33:e8:00:1c:bf:e7:9d:f8:c1:5d:d5:10:cc:2b:
2f:4a:75:ea:f2:e7:0e:9f:be:a2:65:2f:f2:45:38:c6:7b:67:
02:69:34:9e:6c:c8:a9:2e:6d:e5:1b:cd:4a:b9:3c:1b:0a:cf:
52:56:b9:16:a4:06:ca:24:e8:76:0f:fe:48:d7:cd:aa:06:3d:
f8:73:5f:b9:4c:50:5f:76:b8:aa:c9:ee:62:47:03:11:8f:60:
b3:82:f7:70
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ0o5SplL60Gq3Llbs2e2up3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzI2MDY0NjQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2ZjNmEzNGIwOWVjMmMwODZhYzUyODI1NzNjZDNkY2RkMGY4YWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhzdQKToXDDUL2aqlCNb1g2Ho2nf
KfkcEzK7VqcJ5XPiolYuNAknQeZExHDzz84Npb64Ur2BfQdLV6t3mEQj/mn+mmFl
0gb5jHLgiYUZ+7CdkDdTXMuXZrte6B/lSfpj83T2Ozcc90DbKM2nu6KxBzMVimrS
A4LBSM7Lr/enQickV012yW9LiQcc2hmJayE0uM0qOMo6CO86rwC2S/7nZYMFl4DH
y9sRl23gyALS9CfQbfRbYCZ8VQyTyIgxqhRADWH8f9+q/MyIvU0CNwNRNO4tpEcR
a2srNYXNkia2nJN2gVCfBYp0E36ES9KEuRyTDl5ybCekOGMmA1EH7gcTwwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHP8ajSwnsLAhqxSglc809zdD4r7MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvY194cU5MQ2V3c0NHckZLQ1Z6elQzTjBQaXZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAl/JNAwQA
l/OlAwQAl/QEAwQAl/eAAwQAl/eWAwQAl/ejMA0GCSqGSIb3DQEBCwUAA4IBAQBr
C4TMO3Cs51mKzUTkPns2+sPbpdovnzaFDaFMM4d+H9u0fLru+rGhEc6ElCvJIipL
1OFB1SqwwdiIWeT3lY+t0hzY4C0dyWCD9+QOox6DZuTQ4GvaoyQu4dFr334p+ZR8
j5Y90Eq9i+fTmnM6bkHfxXpCMw2K2l9/IKja6+EE9HW8pYAospBNlQ6r1n5j64GH
HvixmPQt6zXtoQkCmQPMRprvfJv8M+gAHL/nnfjBXdUQzCsvSnXq8ucOn76iZS/y
RTjGe2cCaTSebMipLm3lG81KuTwbCs9SVrkWpAbKJOh2D/5I182qBj34c1+5TFBf
driqye5iRwMRj2Czgvdw
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:15:49 2026 by rpki-client