Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tAYyOTd3SCTWvlS-S0e0rKKQLz8.roa
File: tAYyOTd3SCTWvlS-S0e0rKKQLz8.roa (raw, json)
Hash identifier: oKYf6VmQYwvAaGUYOvni/kcsLzlkUQHEorCSkyFmT+Y=
Subject key identifier: B4:06:32:39:37:77:48:24:D6:BE:54:BE:4B:47:B4:AC:A2:90:2F:3F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DCF4E4C0FE1EB19FA19B10C01BC0F341C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tAYyOTd3SCTWvlS-S0e0rKKQLz8.roa
Signing time: Mon 27 Apr 2026 14:18:28 +0000
ROA not before: Mon 27 Apr 2026 14:18:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50338
IP address blocks: 151.243.10.0/24 maxlen: 24
151.243.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:cf:4e:4c:0f:e1:eb:19:fa:19:b1:0c:01:bc:0f:34:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 27 14:18:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b406323937774824d6be54be4b47b4aca2902f3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:37:5c:6d:ca:aa:cb:7e:e1:c1:fd:fc:7e:fa:
b3:5f:80:33:ad:da:d2:5b:9e:6f:66:9f:cc:c7:ca:
57:85:51:df:61:40:a3:e4:4f:eb:3e:ae:ee:7a:f1:
e6:db:76:bc:f4:be:55:52:27:40:a5:3c:0e:20:af:
72:3a:f6:b2:f7:9e:22:0f:e9:a6:0f:e7:98:b4:a7:
a2:6a:6b:1d:54:a8:83:5d:f9:02:00:5c:81:c2:fe:
23:6e:71:0f:4f:32:6f:3c:dd:9e:44:62:4e:65:58:
89:56:2f:69:cb:55:d8:8b:d2:c2:c8:6f:02:f1:be:
0b:d4:9b:d6:c3:e8:12:07:e6:c3:1c:3b:f9:65:3e:
00:39:4f:50:15:9f:ef:12:2d:8a:72:57:1f:c9:3f:
7a:19:8c:3c:7f:86:0e:88:61:33:61:24:9f:3e:6c:
88:8e:99:56:b8:07:49:10:3d:2a:bc:aa:d3:3e:26:
a8:22:6e:bc:e8:45:2c:83:af:5a:48:2e:80:4e:f3:
02:d6:69:70:cb:df:d0:ca:57:59:98:e8:0a:a6:ba:
e0:84:44:e9:2a:9f:a1:20:09:ab:07:ec:f1:21:20:
d6:84:95:c5:85:7b:24:96:d8:aa:9c:34:ce:df:22:
77:22:e7:fc:47:4c:11:98:af:bf:2d:98:4e:eb:f7:
a6:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:06:32:39:37:77:48:24:D6:BE:54:BE:4B:47:B4:AC:A2:90:2F:3F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/tAYyOTd3SCTWvlS-S0e0rKKQLz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.10.0/24
151.243.136.0/24
Signature Algorithm: sha256WithRSAEncryption
44:38:40:6b:64:8b:5b:fa:08:ed:8f:9e:af:d3:51:84:c2:12:
0b:5e:db:b5:99:a6:2b:13:48:89:db:eb:e4:da:5b:04:e2:ce:
2d:a8:10:14:e4:ac:ca:df:37:12:cd:d4:ad:a8:e5:a3:a6:21:
89:45:ae:ee:f9:a2:ec:9d:94:06:3d:c6:66:50:d0:25:05:4b:
6d:01:47:86:11:58:3f:cc:d1:1b:24:4a:8a:84:85:2a:ef:d9:
3c:cb:77:c1:62:7c:f2:74:c2:15:5a:bb:f2:59:a4:1f:47:e9:
b2:4a:34:87:e5:bc:8b:75:98:17:c9:44:f1:59:9d:2a:8e:de:
c7:bc:56:4f:cb:8b:79:1a:77:16:03:51:66:9d:68:c8:30:3c:
be:39:a8:f7:23:05:24:54:50:5e:29:e1:21:9e:60:90:27:fe:
56:4b:58:a7:73:32:93:a0:b5:75:97:b2:29:84:1c:13:e7:11:
37:b5:cd:5a:72:cb:9b:b3:8f:d7:5d:2d:b6:73:9a:c7:e6:5e:
68:49:dc:81:b8:67:89:f3:e1:d2:ba:b3:92:35:0a:89:21:73:
25:46:80:67:bf:32:5f:00:1c:73:5c:49:53:87:b8:08:20:b5:
d0:7e:3f:3c:49:cc:e6:68:61:ed:46:e6:3b:b1:b0:62:7f:da:
c0:eb:55:b1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3PTkwP4esZ+hmxDAG8DzQcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDI3MTQxODI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDA2MzIzOTM3Nzc0ODI0ZDZiZTU0YmU0YjQ3YjRhY2EyOTAyZjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDdcbcqqy37hwf38fvqzX4AzrdrS
W55vZp/Mx8pXhVHfYUCj5E/rPq7uevHm23a89L5VUidApTwOIK9yOvay954iD+mm
D+eYtKeiamsdVKiDXfkCAFyBwv4jbnEPTzJvPN2eRGJOZViJVi9py1XYi9LCyG8C
8b4L1JvWw+gSB+bDHDv5ZT4AOU9QFZ/vEi2KclcfyT96GYw8f4YOiGEzYSSfPmyI
jplWuAdJED0qvKrTPiaoIm686EUsg69aSC6ATvMC1mlwy9/QyldZmOgKprrghETp
Kp+hIAmrB+zxISDWhJXFhXskltiqnDTO3yJ3Iuf8R0wRmK+/LZhO6/em2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLQGMjk3d0gk1r5UvktHtKyikC8/MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvdEFZeU9UZDNTQ1RXdmxTLVMwZTByS0tRTHo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAl/MKAwQA
l/OIMA0GCSqGSIb3DQEBCwUAA4IBAQBEOEBrZItb+gjtj56v01GEwhILXtu1maYr
E0iJ2+vk2lsE4s4tqBAU5KzK3zcSzdStqOWjpiGJRa7u+aLsnZQGPcZmUNAlBUtt
AUeGEVg/zNEbJEqKhIUq79k8y3fBYnzydMIVWrvyWaQfR+mySjSH5byLdZgXyUTx
WZ0qjt7HvFZPy4t5GncWA1FmnWjIMDy+Oaj3IwUkVFBeKeEhnmCQJ/5WS1inczKT
oLV1l7IphBwT5xE3tc1acsubs4/XXS22c5rH5l5oSdyBuGeJ8+HSurOSNQqJIXMl
RoBnvzJfABxzXElTh7gIILXQfj88SczmaGHtRuY7sbBif9rA61Wx
-----END CERTIFICATE-----
Generated at Tue May 12 21:38:18 2026 by rpki-client