Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kLj_jmYCQa7J0wIhqnL_ao5PjLI.roa
File: kLj_jmYCQa7J0wIhqnL_ao5PjLI.roa (raw, json)
Hash identifier: wzTm8RCOOhKqesUDCz09z4CiD3EZUbTgIXFf7BjdjBI=
Subject key identifier: 90:B8:FF:8E:66:02:41:AE:C9:D3:02:21:AA:72:FF:6A:8E:4F:8C:B2
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D062A57808D7A6C39DE7E22EA2A37649A
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kLj_jmYCQa7J0wIhqnL_ao5PjLI.roa
Signing time: Thu 19 Mar 2026 12:55:31 +0000
ROA not before: Thu 19 Mar 2026 12:55:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 23470
IP address blocks: 151.243.162.0/24 maxlen: 24
151.245.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:56:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:06:2a:57:80:8d:7a:6c:39:de:7e:22:ea:2a:37:64:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 19 12:55:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=90b8ff8e660241aec9d30221aa72ff6a8e4f8cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:6d:77:1b:4e:a7:b9:05:68:8e:8b:11:2c:9b:
79:c5:1f:4d:78:8e:c3:60:fd:83:cc:1c:8a:63:9d:
ce:f0:0d:e2:fa:d4:47:7f:a2:45:27:47:95:02:a1:
ac:fe:65:40:3a:6d:e6:ab:28:9c:25:2c:b5:07:d1:
45:c8:9f:0d:9e:85:4c:2a:54:5b:ad:06:bb:43:bc:
9f:0f:9f:25:0d:89:53:95:9c:41:16:75:e9:b8:8d:
6a:a8:c5:7e:6f:8d:ab:21:f3:22:be:d0:ea:7b:3c:
2b:e9:da:85:2a:50:ad:4c:d8:aa:60:36:c4:bb:47:
f1:63:4e:a2:75:bc:35:ce:77:4e:fa:90:b4:29:14:
4e:b0:02:fe:44:30:4f:1e:a9:37:33:03:3c:b3:a5:
c6:cc:83:67:1a:ec:d4:ae:0f:39:01:02:98:e1:cc:
d5:b4:05:ad:02:5c:05:80:a3:2a:b7:0a:5e:48:d6:
f8:b4:37:cb:56:e9:42:3c:66:c2:72:51:41:92:5b:
10:fc:27:cc:82:8a:03:3c:10:60:16:70:f2:b1:05:
b1:90:74:f1:1a:4a:08:e6:5f:ae:a1:6b:ce:f2:f5:
32:d8:d2:42:c5:9b:ac:16:39:3b:75:1e:cf:06:42:
46:0b:57:e5:e8:de:1a:85:93:da:69:c9:8a:6f:fe:
27:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B8:FF:8E:66:02:41:AE:C9:D3:02:21:AA:72:FF:6A:8E:4F:8C:B2
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kLj_jmYCQa7J0wIhqnL_ao5PjLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.162.0/24
151.245.32.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:26:f9:45:b1:1f:c7:df:73:c5:6a:9d:76:e0:62:78:9c:ee:
92:67:8f:c0:ca:5e:27:02:f7:a0:39:f3:5c:f0:9f:5d:41:e8:
e6:90:75:21:cf:cc:01:2e:36:b3:27:b5:b3:7c:a3:0e:05:12:
9a:3d:25:9a:f7:70:81:8b:98:97:76:3f:89:1c:b9:00:e2:aa:
55:c6:58:6d:1e:08:c4:1f:7a:a5:be:0e:0e:3b:fc:12:a3:04:
2d:a1:13:e9:10:0f:e9:0b:a2:de:21:26:ea:88:36:b5:18:04:
12:86:3d:b1:95:3e:32:7a:33:87:35:2a:ee:02:f3:fd:be:00:
d1:d4:74:d4:47:d4:1c:b8:45:0c:db:1b:62:d8:b8:b8:60:b3:
b8:32:94:23:ed:5a:1e:c0:f2:cd:98:8e:7f:c6:1d:c3:17:f7:
04:67:a0:bf:c4:fb:95:b5:04:db:bb:cc:17:bd:5f:31:45:09:
3d:af:eb:1a:49:05:e8:90:e5:a8:b6:f3:b6:d0:5b:8d:f7:a3:
84:b4:a7:7f:5c:d8:57:79:3e:2d:c2:73:11:1a:af:55:74:f8:
c1:dd:ae:d7:50:28:f6:24:60:82:e8:6f:2b:99:f2:94:30:de:
bf:65:51:48:a2:35:99:d7:07:a2:f0:42:f4:82:5f:fd:61:b1:
4d:32:66:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0GKleAjXpsOd5+IuoqN2SaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzE5MTI1NTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGI4ZmY4ZTY2MDI0MWFlYzlkMzAyMjFhYTcyZmY2YThlNGY4Y2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0213G06nuQVojosRLJt5xR9NeI7D
YP2DzByKY53O8A3i+tRHf6JFJ0eVAqGs/mVAOm3mqyicJSy1B9FFyJ8NnoVMKlRb
rQa7Q7yfD58lDYlTlZxBFnXpuI1qqMV+b42rIfMivtDqezwr6dqFKlCtTNiqYDbE
u0fxY06idbw1zndO+pC0KRROsAL+RDBPHqk3MwM8s6XGzINnGuzUrg85AQKY4czV
tAWtAlwFgKMqtwpeSNb4tDfLVulCPGbCclFBklsQ/CfMgooDPBBgFnDysQWxkHTx
GkoI5l+uoWvO8vUy2NJCxZusFjk7dR7PBkJGC1fl6N4ahZPaacmKb/4nBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJC4/45mAkGuydMCIapy/2qOT4yyMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEva0xqX2ptWUNRYTdKMHdJaHFuTF9hbzVQakxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/OiAwQA
l/UgMA0GCSqGSIb3DQEBCwUAA4IBAQA8JvlFsR/H33PFap124GJ4nO6SZ4/Ayl4n
AvegOfNc8J9dQejmkHUhz8wBLjazJ7WzfKMOBRKaPSWa93CBi5iXdj+JHLkA4qpV
xlhtHgjEH3qlvg4OO/wSowQtoRPpEA/pC6LeISbqiDa1GAQShj2xlT4yejOHNSru
AvP9vgDR1HTUR9QcuEUM2xti2Li4YLO4MpQj7VoewPLNmI5/xh3DF/cEZ6C/xPuV
tQTbu8wXvV8xRQk9r+saSQXokOWotvO20FuN96OEtKd/XNhXeT4twnMRGq9VdPjB
3a7XUCj2JGCC6G8rmfKUMN6/ZVFIojWZ1wei8EL0gl/9YbFNMmZr
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:14:38 2026 by rpki-client