Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lfY_qXKKHwjzqPoh_q0vP_Nzpf8.roa
File: lfY_qXKKHwjzqPoh_q0vP_Nzpf8.roa (raw, json)
Hash identifier: D+2iV+J9PBjufshY+d7n9tikujXiQ87Y0koHEQaBsns=
Subject key identifier: 95:F6:3F:A9:72:8A:1F:08:F3:A8:FA:21:FE:AD:2F:3F:F3:73:A5:FF
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DE220CAE72457966B5591EC0CE2D544A8
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lfY_qXKKHwjzqPoh_q0vP_Nzpf8.roa
Signing time: Fri 01 May 2026 06:01:33 +0000
ROA not before: Fri 01 May 2026 06:01:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6079
IP address blocks: 37.202.206.0/24 maxlen: 24
151.241.232.0/23 maxlen: 24
151.242.49.0/24 maxlen: 24
151.243.64.0/20 maxlen: 24
151.243.97.0/24 maxlen: 24
151.243.106.0/24 maxlen: 24
151.245.18.0/24 maxlen: 24
151.245.144.0/24 maxlen: 24
151.245.174.0/24 maxlen: 24
151.245.222.0/23 maxlen: 24
151.247.18.0/24 maxlen: 24
151.247.20.0/24 maxlen: 24
151.247.226.0/24 maxlen: 24
151.247.232.0/24 maxlen: 24
151.247.233.0/24 maxlen: 24
151.247.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 06:33:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e2:20:ca:e7:24:57:96:6b:55:91:ec:0c:e2:d5:44:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 1 06:01:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=95f63fa9728a1f08f3a8fa21fead2f3ff373a5ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:57:29:ce:26:5c:db:f2:0a:36:c8:ed:4e:8d:
c3:44:9b:87:7e:80:fd:28:34:4a:0f:47:ca:33:3d:
13:63:2f:42:ae:91:ff:1f:e5:c3:6d:2e:98:76:0a:
dc:2f:b5:e1:bc:93:cc:bb:7f:7a:25:cf:02:db:be:
ee:10:d6:41:97:c0:75:b4:96:fc:22:e3:7b:5a:71:
da:81:a6:e7:e9:c7:41:9d:b1:b3:03:93:ac:af:17:
71:38:90:49:da:41:84:c2:cc:e3:5b:66:78:53:0f:
37:1e:3a:27:67:64:49:c1:f6:3a:6b:9e:85:80:11:
9b:1e:b1:53:bf:e8:1d:05:d2:f4:93:31:29:12:07:
55:60:65:67:3e:64:1a:55:47:e0:98:f4:d3:ed:83:
c6:0f:8f:d8:34:31:6a:56:0e:8f:79:6d:78:45:4f:
4c:68:6a:fb:40:8f:11:05:ec:e9:c9:bd:80:0b:2a:
fb:e1:83:51:4f:93:33:ba:e4:7c:47:25:2a:67:82:
d1:5a:35:f5:e6:ea:01:b1:81:a2:91:3a:bc:ab:a8:
a3:f3:43:57:7f:cd:74:c8:db:65:7f:d1:45:7b:e6:
03:7a:d5:a6:3c:ee:90:ce:fb:dc:ae:d6:a4:6e:b2:
ed:37:20:97:e9:2c:63:d2:d3:86:71:00:9c:c2:8b:
0b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F6:3F:A9:72:8A:1F:08:F3:A8:FA:21:FE:AD:2F:3F:F3:73:A5:FF
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/lfY_qXKKHwjzqPoh_q0vP_Nzpf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.206.0/24
151.241.232.0/23
151.242.49.0/24
151.243.64.0/20
151.243.97.0/24
151.243.106.0/24
151.245.18.0/24
151.245.144.0/24
151.245.174.0/24
151.245.222.0/23
151.247.18.0/24
151.247.20.0/24
151.247.226.0/24
151.247.232.0/23
151.247.239.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:31:e6:19:e3:2c:4f:cc:c0:30:a7:18:fe:9a:c3:6a:c9:5e:
16:a3:80:ca:e9:bb:6b:45:40:1f:ad:a1:2b:fd:49:be:be:98:
02:f7:8e:6e:d7:72:c8:87:e4:90:e0:43:09:ef:d6:6f:4e:db:
98:be:d1:33:f1:8a:03:8a:80:90:aa:3f:68:b4:f8:e9:ff:3a:
d8:bc:e0:d4:a3:b3:b0:99:5b:08:6d:71:72:b6:b4:b8:a4:93:
d0:12:d1:0e:d7:f7:c8:6d:71:ba:cc:c9:52:0c:45:16:c6:62:
9d:34:2a:d6:d3:7e:e2:62:90:68:dd:07:82:23:cb:9c:22:27:
ba:37:c4:cd:be:94:1c:d7:5d:88:fe:ed:b1:07:80:9c:c2:c1:
26:6f:c0:ff:5e:e6:1c:30:3b:b3:89:00:89:fc:8f:18:e4:a4:
fb:bf:0b:2d:93:c5:e8:73:5b:d5:e6:27:bd:75:7c:19:9f:70:
bb:d8:a9:22:c2:c9:6b:6f:61:6a:d5:b3:9a:7c:a2:7f:2f:7b:
50:ba:4d:d4:fb:22:46:6c:4a:2d:e6:7d:66:0f:93:6c:fd:6e:
6b:36:9c:4a:1c:aa:a9:3b:f8:25:8f:a2:ea:55:18:bd:07:da:
b1:22:2e:99:eb:6b:0c:10:96:43:1e:a0:ed:16:d6:52:c3:c2:
14:02:55:00
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ3iIMrnJFeWa1WR7Azi1USoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTAxMDYwMTMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWY2M2ZhOTcyOGExZjA4ZjNhOGZhMjFmZWFkMmYzZmYzNzNhNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVcpziZc2/IKNsjtTo3DRJuHfoD9
KDRKD0fKMz0TYy9CrpH/H+XDbS6YdgrcL7XhvJPMu396Jc8C277uENZBl8B1tJb8
IuN7WnHagabn6cdBnbGzA5OsrxdxOJBJ2kGEwszjW2Z4Uw83HjonZ2RJwfY6a56F
gBGbHrFTv+gdBdL0kzEpEgdVYGVnPmQaVUfgmPTT7YPGD4/YNDFqVg6PeW14RU9M
aGr7QI8RBezpyb2ACyr74YNRT5MzuuR8RyUqZ4LRWjX15uoBsYGikTq8q6ij80NX
f810yNtlf9FFe+YDetWmPO6QzvvcrtakbrLtNyCX6Sxj0tOGcQCcwosLhwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFJX2P6lyih8I86j6If6tLz/zc6X/MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbGZZX3FYS0tId2p6cVBvaF9xMHZQX056cGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAJcrOAwQB
l/HoAwQAl/IxAwQEl/NAAwQAl/NhAwQAl/NqAwQAl/USAwQAl/WQAwQAl/WuAwQB
l/XeAwQAl/cSAwQAl/cUAwQAl/fiAwQBl/foAwQAl/fvMA0GCSqGSIb3DQEBCwUA
A4IBAQCiMeYZ4yxPzMAwpxj+msNqyV4Wo4DK6btrRUAfraEr/Um+vpgC945u13LI
h+SQ4EMJ79ZvTtuYvtEz8YoDioCQqj9otPjp/zrYvODUo7OwmVsIbXFytrS4pJPQ
EtEO1/fIbXG6zMlSDEUWxmKdNCrW037iYpBo3QeCI8ucIie6N8TNvpQc112I/u2x
B4CcwsEmb8D/XuYcMDuziQCJ/I8Y5KT7vwstk8Xoc1vV5ie9dXwZn3C72Kkiwslr
b2Fq1bOafKJ/L3tQuk3U+yJGbEot5n1mD5Ns/W5rNpxKHKqpO/glj6LqVRi9B9qx
Ii6Z62sMEJZDHqDtFtZSw8IUAlUA
-----END CERTIFICATE-----
Generated at Wed May 13 13:46:14 2026 by rpki-client