Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/9svF7XV_8rFyGg_nZWGhuxLsBGo.roa
File: 9svF7XV_8rFyGg_nZWGhuxLsBGo.roa (raw, json)
Hash identifier: HYZcH7ciR/GKsfvNl9giR0/lMm/wD2BnMycPbF+v6tY=
Subject key identifier: F6:CB:C5:ED:75:7F:F2:B1:72:1A:0F:E7:65:61:A1:BB:12:EC:04:6A
Certificate issuer: /CN=a8b31004df135aa1a8b943033db14691b11a63dd
Certificate serial: 019C55E93588A9500044FDE5A902853EAF3C
Authority key identifier: A8:B3:10:04:DF:13:5A:A1:A8:B9:43:03:3D:B1:46:91:B1:1A:63:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/9svF7XV_8rFyGg_nZWGhuxLsBGo.roa
Signing time: Fri 13 Feb 2026 07:31:12 +0000
ROA not before: Fri 13 Feb 2026 07:31:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3242
IP address blocks: 151.1.0.0/18 maxlen: 18
151.1.0.0/23 maxlen: 23
151.1.0.0/24 maxlen: 24
151.1.1.0/24 maxlen: 24
151.1.2.0/23 maxlen: 23
151.1.4.0/22 maxlen: 22
151.1.7.0/24 maxlen: 24
151.1.8.0/21 maxlen: 21
151.1.16.0/20 maxlen: 20
151.1.24.0/21 maxlen: 21
151.1.32.0/19 maxlen: 19
151.1.32.0/21 maxlen: 21
151.1.40.0/23 maxlen: 23
151.1.42.0/23 maxlen: 23
151.1.44.0/23 maxlen: 23
151.1.46.0/23 maxlen: 23
151.1.48.0/24 maxlen: 24
151.1.49.0/24 maxlen: 24
151.1.50.0/24 maxlen: 24
151.1.62.0/24 maxlen: 24
151.1.66.0/23 maxlen: 23
151.1.68.0/22 maxlen: 22
151.1.72.0/24 maxlen: 24
151.1.74.0/23 maxlen: 23
151.1.76.0/22 maxlen: 22
151.1.80.0/20 maxlen: 20
151.1.84.0/24 maxlen: 24
151.1.96.0/22 maxlen: 22
151.1.104.0/21 maxlen: 21
151.1.112.0/20 maxlen: 20
151.1.128.0/18 maxlen: 18
151.1.192.0/18 maxlen: 18
151.1.192.0/22 maxlen: 22
151.1.192.0/24 maxlen: 24
151.1.194.0/24 maxlen: 24
151.1.195.0/24 maxlen: 24
151.1.196.0/22 maxlen: 22
151.1.200.0/21 maxlen: 21
151.1.203.0/24 maxlen: 24
151.1.208.0/21 maxlen: 21
151.1.212.0/24 maxlen: 24
151.1.216.0/21 maxlen: 21
151.1.224.0/19 maxlen: 19
151.1.227.0/24 maxlen: 24
151.1.232.0/21 maxlen: 21
151.1.244.0/24 maxlen: 24
151.2.0.0/20 maxlen: 20
151.2.32.0/19 maxlen: 19
151.2.36.0/24 maxlen: 24
151.2.96.0/20 maxlen: 20
151.2.102.0/24 maxlen: 24
2a01:65c0::/32 maxlen: 32
2a01:65c0:100::/48 maxlen: 48
2a01:65c0:101::/48 maxlen: 48
2a01:65c0:200::/40 maxlen: 40
2a01:65c0:e00::/48 maxlen: 48
2a01:65c0:e01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/qLMQBN8TWqGouUMDPbFGkbEaY90.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/qLMQBN8TWqGouUMDPbFGkbEaY90.mft
rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:55:e9:35:88:a9:50:00:44:fd:e5:a9:02:85:3e:af:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8b31004df135aa1a8b943033db14691b11a63dd
Validity
Not Before: Feb 13 07:31:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f6cbc5ed757ff2b1721a0fe76561a1bb12ec046a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:51:ab:68:29:ca:a4:f5:20:e5:d7:d4:86:16:
1f:6f:41:29:c9:82:c6:d5:0d:27:b4:42:aa:0c:cb:
fc:5c:ff:17:d2:de:57:96:de:e3:0c:68:fc:b8:44:
c3:31:47:a6:0f:f2:69:92:ad:7d:18:56:a3:26:2c:
7e:c2:75:09:b2:71:d4:e2:f8:be:ac:ea:7e:59:83:
2f:4f:52:1e:08:c8:81:79:9e:9d:95:e3:00:e2:24:
64:b7:b7:83:ae:84:c1:af:7a:7f:70:ae:d9:52:17:
08:fb:94:41:d1:c2:2b:9d:fc:ee:88:cf:80:4b:65:
54:23:4a:79:bc:34:72:1c:cf:61:ca:ed:90:e3:02:
0c:23:f8:59:8e:a5:5b:a0:f9:0c:ae:2a:0c:a7:f1:
ba:46:1f:b0:32:83:a9:78:b2:be:e5:8d:de:5a:07:
39:ce:84:d8:7e:aa:42:43:81:36:33:92:3c:c4:31:
c8:84:be:b2:0a:23:4d:bf:e4:1a:58:62:38:45:c4:
8b:c2:4c:0a:93:76:a7:be:78:9c:f1:a5:2d:76:a5:
9d:b8:a0:e2:83:38:bf:d5:df:a4:2e:ce:a5:09:ef:
b5:31:8f:a4:c5:6a:b9:63:11:d4:4e:8e:6f:66:ce:
03:f7:78:2f:21:f1:27:7b:c9:fd:2e:3f:f7:b2:48:
ff:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:CB:C5:ED:75:7F:F2:B1:72:1A:0F:E7:65:61:A1:BB:12:EC:04:6A
X509v3 Authority Key Identifier:
keyid:A8:B3:10:04:DF:13:5A:A1:A8:B9:43:03:3D:B1:46:91:B1:1A:63:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLMQBN8TWqGouUMDPbFGkbEaY90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/9svF7XV_8rFyGg_nZWGhuxLsBGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/5e23ae-6338-48dd-a304-c2a43b080d6f/1/qLMQBN8TWqGouUMDPbFGkbEaY90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.1.0.0/18
151.1.66.0-151.1.72.255
151.1.74.0-151.1.99.255
151.1.104.0-151.2.15.255
151.2.32.0/19
151.2.96.0/20
IPv6:
2a01:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
02:c5:50:75:8f:31:49:49:2d:e5:2e:3a:19:dd:24:5a:9c:e7:
5b:ef:16:f8:d9:9c:7c:77:17:08:dd:f0:40:bd:27:14:b8:2b:
a8:a4:cf:15:7c:30:50:97:e7:60:92:69:99:4e:3b:b4:87:4e:
fd:bb:b9:eb:c7:00:eb:e1:8b:4b:fe:19:05:d3:79:7c:1a:e1:
d3:8c:89:59:44:27:e0:95:5e:7b:8d:66:a7:ab:ea:ff:7a:41:
94:37:06:79:54:de:8a:78:48:38:55:b3:5a:f8:b1:f3:41:6c:
15:8b:47:92:cc:6a:7d:39:e5:5f:b9:c5:90:55:31:21:4b:78:
0f:2b:ce:0e:45:04:a1:6a:a0:8e:d5:4c:12:8b:1e:75:6d:60:
dc:52:33:ae:f7:a3:38:69:a6:62:6d:76:b5:61:86:14:21:f9:
49:4d:4c:89:70:e0:89:c9:22:67:95:54:4b:fd:e3:bd:c2:62:
17:dd:04:4f:da:8b:d0:6e:b3:8c:71:d9:f2:1c:a9:67:7c:30:
f3:12:63:60:a5:cf:1d:7f:e0:13:73:4d:d4:0a:48:e7:37:d6:
6e:26:d5:54:09:b2:76:b0:10:3d:da:c9:f9:0f:46:c1:29:d6:
11:27:28:5f:4e:b9:44:83:d0:73:61:33:56:2e:c9:dc:19:2d:
dd:07:83:df
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZxV6TWIqVAARP3lqQKFPq88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YjMxMDA0ZGYxMzVhYTFhOGI5NDMwMzNkYjE0NjkxYjEx
YTYzZGQwHhcNMjYwMjEzMDczMTEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmNiYzVlZDc1N2ZmMmIxNzIxYTBmZTc2NTYxYTFiYjEyZWMwNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylGraCnKpPUg5dfUhhYfb0EpyYLG
1Q0ntEKqDMv8XP8X0t5Xlt7jDGj8uETDMUemD/Jpkq19GFajJix+wnUJsnHU4vi+
rOp+WYMvT1IeCMiBeZ6dleMA4iRkt7eDroTBr3p/cK7ZUhcI+5RB0cIrnfzuiM+A
S2VUI0p5vDRyHM9hyu2Q4wIMI/hZjqVboPkMrioMp/G6Rh+wMoOpeLK+5Y3eWgc5
zoTYfqpCQ4E2M5I8xDHIhL6yCiNNv+QaWGI4RcSLwkwKk3anvnic8aUtdqWduKDi
gzi/1d+kLs6lCe+1MY+kxWq5YxHUTo5vZs4D93gvIfEne8n9Lj/3skj/QQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFPbLxe11f/KxchoP52VhobsS7ARqMB8GA1UdIwQY
MBaAFKizEATfE1qhqLlDAz2xRpGxGmPdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxNUUJOOFRXcUdvdVVNRFBiRkdrYkVhWTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS81ZTIzYWUtNjMzOC00OGRkLWEzMDQt
YzJhNDNiMDgwZDZmLzEvOXN2RjdYVl84ckZ5R2dfblpXR2h1eExzQkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS81ZTIzYWUtNjMzOC00OGRkLWEzMDQtYzJhNDNiMDgwZDZm
LzEvcUxNUUJOOFRXcUdvdVVNRFBiRkdrYkVhWTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQGlwEAMAwD
BAGXAUIDBACXAUgwDAMEAZcBSgMEApcBYDAMAwQDlwFoAwQElwIAAwQFlwIgAwQE
lwJgMA0EAgACMAcDBQAqAWXAMA0GCSqGSIb3DQEBCwUAA4IBAQACxVB1jzFJSS3l
LjoZ3SRanOdb7xb42Zx8dxcI3fBAvScUuCuopM8VfDBQl+dgkmmZTju0h079u7nr
xwDr4YtL/hkF03l8GuHTjIlZRCfglV57jWanq+r/ekGUNwZ5VN6KeEg4VbNa+LHz
QWwVi0eSzGp9OeVfucWQVTEhS3gPK84ORQShaqCO1UwSix51bWDcUjOu96M4aaZi
bXa1YYYUIflJTUyJcOCJySJnlVRL/eO9wmIX3QRP2ovQbrOMcdnyHKlnfDDzEmNg
pc8df+ATc03UCkjnN9ZuJtVUCbJ2sBA92sn5D0bBKdYRJyhfTrlEg9BzYTNWLsnc
GS3dB4Pf
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:18:28 2026 by rpki-client