Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yIcn0PN1iJSQo0-xMmRwmb53iPQ.roa
File: yIcn0PN1iJSQo0-xMmRwmb53iPQ.roa (raw, json)
Hash identifier: RoPMXlBywA9mN9iOQCp/ZIsNB0qGJakcOekmZXL6fqs=
Subject key identifier: C8:87:27:D0:F3:75:88:94:90:A3:4F:B1:32:64:70:99:BE:77:88:F4
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DFDD678405714A40734A616CE7D8B07CF
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yIcn0PN1iJSQo0-xMmRwmb53iPQ.roa
Signing time: Wed 06 May 2026 15:09:44 +0000
ROA not before: Wed 06 May 2026 15:09:44 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198486
IP address blocks: 151.242.7.0/24 maxlen: 24
151.242.12.0/24 maxlen: 24
151.242.18.0/24 maxlen: 24
151.242.27.0/24 maxlen: 24
151.242.32.0/24 maxlen: 24
151.242.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:d6:78:40:57:14:a4:07:34:a6:16:ce:7d:8b:07:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 6 15:09:44 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c88727d0f375889490a34fb132647099be7788f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:a4:98:1c:68:dc:76:4d:c4:41:95:fb:07:f5:
97:a9:d7:3b:e9:bf:a3:f2:77:07:94:fc:2b:58:4a:
99:29:2e:26:6e:e4:e2:09:68:47:ed:25:6b:dd:8e:
30:48:af:70:1e:b7:92:c3:6b:e6:41:06:da:df:c0:
dc:7a:f9:3f:f5:3a:aa:77:c3:bb:59:3e:90:ad:04:
70:5c:6a:fd:2c:1d:91:92:76:de:c6:3a:1d:8c:ad:
29:bd:d3:6c:8f:c1:c4:8e:b6:35:57:41:ca:ac:5a:
ab:29:5a:f0:ec:81:b0:b6:ae:cb:67:95:8d:13:f1:
b7:c8:e3:3f:6d:d3:c9:c6:74:09:0c:ca:de:14:bd:
23:54:55:18:32:da:56:28:dc:9e:71:67:d9:55:c3:
ae:58:be:0c:ec:ec:0d:49:f3:ce:e8:bd:a8:a6:71:
01:53:5c:24:7c:fe:63:7a:b8:9a:b1:03:45:dc:08:
eb:46:e8:a3:26:03:71:e4:3d:3e:df:ba:fa:84:0a:
61:d2:7b:ff:3a:9b:a5:b4:d3:cc:01:1e:7b:f4:05:
62:94:b0:ed:08:df:c7:df:1c:06:94:63:bf:78:83:
83:6b:8c:a0:f4:3b:62:9c:1e:f0:92:6d:90:1d:24:
97:f6:fe:8d:a1:02:ce:84:a3:26:e1:93:b5:8d:8c:
51:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:87:27:D0:F3:75:88:94:90:A3:4F:B1:32:64:70:99:BE:77:88:F4
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yIcn0PN1iJSQo0-xMmRwmb53iPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.7.0/24
151.242.12.0/24
151.242.18.0/24
151.242.27.0/24
151.242.32.0/24
151.242.77.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f7:fe:66:4e:36:b4:62:f4:e5:ba:18:68:87:65:a6:f3:0b:
ea:7a:34:ac:77:c5:cc:35:9f:d1:71:0d:b1:01:bf:18:33:fa:
c9:03:6b:ac:32:0c:5f:ff:a3:f9:2f:97:cd:a6:16:ef:a3:a5:
4c:35:05:8a:73:f9:b3:69:8f:f4:c3:85:fd:67:5e:86:6f:1b:
21:13:76:69:bd:27:53:c3:c7:c6:e3:51:c0:26:8e:2a:2a:02:
52:ea:ff:22:a7:77:88:ef:df:ba:4b:38:09:00:1a:06:bb:91:
36:9d:13:0d:8e:59:5c:a2:64:6b:16:e4:78:8d:ad:cf:bf:50:
3f:bf:fe:f2:5d:8c:f3:89:5a:6a:43:0f:68:4f:76:8e:d7:7f:
56:37:a7:06:cf:90:67:f4:23:e8:54:d4:2f:55:e6:6a:34:5f:
b7:de:1a:92:74:9f:0d:cd:30:b8:9d:a1:d7:74:5b:2c:45:6b:
3b:cd:e1:0b:9a:46:d9:4e:ab:ed:8b:68:c8:c4:57:c7:3e:62:
8d:c0:b3:be:25:5c:cf:84:0d:89:f5:60:4c:8e:aa:a9:9a:1f:
7b:fd:b8:66:d2:9c:bd:1d:10:38:b8:13:08:b9:06:26:6d:7e:
2b:9e:56:5f:cf:33:60:2c:19:db:53:88:00:ce:19:8d:85:8f:
59:8e:2f:d6
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ391nhAVxSkBzSmFs59iwfPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTA2MTUwOTQ0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODg3MjdkMGYzNzU4ODk0OTBhMzRmYjEzMjY0NzA5OWJlNzc4OGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA66SYHGjcdk3EQZX7B/WXqdc76b+j
8ncHlPwrWEqZKS4mbuTiCWhH7SVr3Y4wSK9wHreSw2vmQQba38Dcevk/9Tqqd8O7
WT6QrQRwXGr9LB2RknbexjodjK0pvdNsj8HEjrY1V0HKrFqrKVrw7IGwtq7LZ5WN
E/G3yOM/bdPJxnQJDMreFL0jVFUYMtpWKNyecWfZVcOuWL4M7OwNSfPO6L2opnEB
U1wkfP5jeriasQNF3AjrRuijJgNx5D0+37r6hAph0nv/OpultNPMAR579AVilLDt
CN/H3xwGlGO/eIODa4yg9DtinB7wkm2QHSSX9v6NoQLOhKMm4ZO1jYxRSwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMiHJ9DzdYiUkKNPsTJkcJm+d4j0MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveUljbjBQTjFpSlNRbzAteE1tUndtYjUzaVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAl/IHAwQA
l/IMAwQAl/ISAwQAl/IbAwQAl/IgAwQAl/JNMA0GCSqGSIb3DQEBCwUAA4IBAQBy
9/5mTja0YvTluhhoh2Wm8wvqejSsd8XMNZ/RcQ2xAb8YM/rJA2usMgxf/6P5L5fN
phbvo6VMNQWKc/mzaY/0w4X9Z16GbxshE3ZpvSdTw8fG41HAJo4qKgJS6v8ip3eI
79+6SzgJABoGu5E2nRMNjllcomRrFuR4ja3Pv1A/v/7yXYzziVpqQw9oT3aO139W
N6cGz5Bn9CPoVNQvVeZqNF+33hqSdJ8NzTC4naHXdFssRWs7zeELmkbZTqvti2jI
xFfHPmKNwLO+JVzPhA2J9WBMjqqpmh97/bhm0py9HRA4uBMIuQYmbX4rnlZfzzNg
LBnbU4gAzhmNhY9Zji/W
-----END CERTIFICATE-----
Generated at Wed May 13 03:55:38 2026 by rpki-client