Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/p2CYo-7hxaKffRPCrgJo_-lcN8E.roa
File: p2CYo-7hxaKffRPCrgJo_-lcN8E.roa (raw, json)
Hash identifier: eCkj/cy5xJF7Sb8Wc3G3cEr8mn1TvgrvP1GvngR+3aI=
Subject key identifier: A7:60:98:A3:EE:E1:C5:A2:9F:7D:13:C2:AE:02:68:FF:E9:5C:37:C1
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D006FA98FAE185E07F0EE21A3478492A1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/p2CYo-7hxaKffRPCrgJo_-lcN8E.roa
Signing time: Wed 18 Mar 2026 10:13:31 +0000
ROA not before: Wed 18 Mar 2026 10:13:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215152
IP address blocks: 151.247.47.0/24 maxlen: 24
151.247.164.0/24 maxlen: 24
151.247.176.0/24 maxlen: 24
151.247.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:00:6f:a9:8f:ae:18:5e:07:f0:ee:21:a3:47:84:92:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 18 10:13:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a76098a3eee1c5a29f7d13c2ae0268ffe95c37c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:97:a3:71:82:c8:f4:80:d2:18:ad:87:e8:73:
13:91:dc:f1:48:a8:a2:cd:84:0c:35:ce:31:86:16:
8f:eb:af:59:9c:ce:b7:19:a5:c0:df:b7:b1:8f:5d:
09:df:02:9d:08:7e:a1:9f:e2:9c:25:f0:02:81:64:
05:43:bf:82:1e:ba:ff:bb:5c:c7:99:a2:95:27:6c:
ce:bd:ce:09:58:00:42:fa:c2:9f:0d:bd:19:4a:87:
cb:66:38:de:94:f5:bc:32:58:48:84:d8:b0:97:01:
48:9f:47:3b:99:83:4d:72:bb:3c:d2:e1:8f:d8:cb:
68:8a:0a:64:47:32:33:47:3d:cd:d6:66:04:f4:14:
4e:d0:a8:fe:6c:6d:d1:e0:06:f1:3c:5f:5b:0f:54:
d8:9a:a6:0b:6a:2d:71:7c:e1:05:b5:87:51:b4:6e:
7e:d8:b2:43:7b:ae:b4:9b:a8:de:2d:8e:08:4f:45:
3c:0e:8e:4b:1c:0a:e7:97:e3:81:e8:e9:73:41:40:
30:b2:b0:13:d0:4b:c2:02:ff:e3:78:42:ce:bd:af:
ba:30:8e:98:d4:61:8e:1b:55:db:2a:81:36:4a:ce:
c0:7f:a8:64:5c:76:fb:5f:6f:40:01:40:97:76:17:
f3:87:83:51:31:92:dd:ff:74:15:26:9e:d5:17:78:
44:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:60:98:A3:EE:E1:C5:A2:9F:7D:13:C2:AE:02:68:FF:E9:5C:37:C1
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/p2CYo-7hxaKffRPCrgJo_-lcN8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.247.47.0/24
151.247.164.0/24
151.247.176.0/24
151.247.179.0/24
Signature Algorithm: sha256WithRSAEncryption
44:25:f8:74:90:22:66:1b:2f:dd:70:7a:5d:a9:e4:50:5b:ca:
d5:e5:8e:25:3d:be:11:a0:af:8e:70:61:e0:77:ca:84:81:23:
0d:7d:f6:14:81:70:f1:69:d4:72:a0:a6:34:89:61:8e:a5:01:
3e:d8:67:22:ed:75:c9:ba:76:0a:d3:a4:8f:48:ab:66:fe:cd:
b2:ae:08:f9:f7:53:5b:90:bd:85:11:b2:d8:dc:b9:66:b0:ad:
89:23:13:e7:98:86:82:8d:6b:75:22:42:ce:ac:5a:2d:e2:3e:
cc:05:a1:3c:aa:90:f4:13:43:78:8e:69:b1:5e:34:0d:85:59:
84:77:c3:cf:e2:53:49:46:b2:ff:2c:1b:63:e8:77:e3:4b:cb:
b7:70:a2:30:e4:55:a4:ff:e0:96:67:d7:f4:d2:19:09:e4:e7:
36:a5:61:c8:36:65:83:a3:ab:51:68:f7:9e:0f:d8:d5:1c:88:
80:66:9b:1f:4f:2f:77:4d:d1:4f:7f:fd:8e:6b:76:e4:39:ab:
ad:bc:f1:fc:3d:62:fa:76:1c:55:9d:d6:24:96:d5:a5:6a:ce:
97:01:cd:c0:52:ea:90:cb:c1:61:14:6b:7f:6a:25:12:82:a8:
08:a4:ce:2b:22:4f:43:44:77:51:79:4e:65:06:a4:22:82:12:
04:d6:ef:c9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0Ab6mPrhheB/DuIaNHhJKhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzE4MTAxMzMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzYwOThhM2VlZTFjNWEyOWY3ZDEzYzJhZTAyNjhmZmU5NWMzN2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ZejcYLI9IDSGK2H6HMTkdzxSKii
zYQMNc4xhhaP669ZnM63GaXA37exj10J3wKdCH6hn+KcJfACgWQFQ7+CHrr/u1zH
maKVJ2zOvc4JWABC+sKfDb0ZSofLZjjelPW8MlhIhNiwlwFIn0c7mYNNcrs80uGP
2MtoigpkRzIzRz3N1mYE9BRO0Kj+bG3R4AbxPF9bD1TYmqYLai1xfOEFtYdRtG5+
2LJDe660m6jeLY4IT0U8Do5LHArnl+OB6OlzQUAwsrAT0EvCAv/jeELOva+6MI6Y
1GGOG1XbKoE2Ss7Af6hkXHb7X29AAUCXdhfzh4NRMZLd/3QVJp7VF3hEHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKdgmKPu4cWin30Twq4CaP/pXDfBMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcDJDWW8tN2h4YUtmZlJQQ3JnSm9fLWxjTjhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAl/cvAwQA
l/ekAwQAl/ewAwQAl/ezMA0GCSqGSIb3DQEBCwUAA4IBAQBEJfh0kCJmGy/dcHpd
qeRQW8rV5Y4lPb4RoK+OcGHgd8qEgSMNffYUgXDxadRyoKY0iWGOpQE+2Gci7XXJ
unYK06SPSKtm/s2yrgj591NbkL2FEbLY3LlmsK2JIxPnmIaCjWt1IkLOrFot4j7M
BaE8qpD0E0N4jmmxXjQNhVmEd8PP4lNJRrL/LBtj6HfjS8u3cKIw5FWk/+CWZ9f0
0hkJ5Oc2pWHINmWDo6tRaPeeD9jVHIiAZpsfTy93TdFPf/2Oa3bkOautvPH8PWL6
dhxVndYkltWlas6XAc3AUuqQy8FhFGt/aiUSgqgIpM4rIk9DRHdReU5lBqQighIE
1u/J
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:33:10 2026 by rpki-client