Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/01qtHf3VA7QNfG5bDUEI2wal1c0.roa
File: 01qtHf3VA7QNfG5bDUEI2wal1c0.roa (raw, json)
Hash identifier: 5h8tTWXcw6odlmtAqr+Da1slncHXIp7S7IhisT40mwA=
Subject key identifier: D3:5A:AD:1D:FD:D5:03:B4:0D:7C:6E:5B:0D:41:08:DB:06:A5:D5:CD
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D731F90BF906B497763CDD3F92BB3E1D6
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/01qtHf3VA7QNfG5bDUEI2wal1c0.roa
Signing time: Thu 09 Apr 2026 16:42:21 +0000
ROA not before: Thu 09 Apr 2026 16:42:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 2856
IP address blocks: 151.240.180.0/22 maxlen: 24
151.240.184.0/22 maxlen: 24
151.240.188.0/22 maxlen: 24
151.240.192.0/22 maxlen: 24
151.240.196.0/22 maxlen: 24
151.240.200.0/22 maxlen: 24
151.241.52.0/22 maxlen: 24
151.241.56.0/22 maxlen: 24
151.241.60.0/22 maxlen: 24
151.241.180.0/22 maxlen: 24
151.241.184.0/22 maxlen: 24
151.241.188.0/22 maxlen: 24
151.241.192.0/22 maxlen: 24
151.241.196.0/22 maxlen: 24
151.241.200.0/22 maxlen: 24
151.242.24.0/24 maxlen: 24
151.242.42.0/24 maxlen: 24
151.243.254.0/24 maxlen: 24
151.244.80.0/22 maxlen: 24
151.244.204.0/22 maxlen: 24
151.244.208.0/22 maxlen: 24
151.245.80.0/22 maxlen: 24
151.245.204.0/22 maxlen: 24
151.245.208.0/22 maxlen: 24
151.246.145.0/24 maxlen: 24
151.246.239.0/24 maxlen: 24
151.247.220.0/24 maxlen: 24
151.247.231.0/24 maxlen: 24
151.247.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:73:1f:90:bf:90:6b:49:77:63:cd:d3:f9:2b:b3:e1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 9 16:42:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d35aad1dfdd503b40d7c6e5b0d4108db06a5d5cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:19:16:69:58:23:ff:11:c8:a3:31:dd:78:2b:
ef:a5:01:c8:52:5c:bf:8d:a4:5c:cc:ec:af:ed:f7:
54:2a:9b:dd:93:1f:90:6a:ef:f3:ea:54:20:c4:d4:
53:25:b3:c2:7f:ac:7f:4d:b4:77:2a:a3:d4:9f:ef:
54:9b:34:be:2a:0d:39:fc:64:ef:6d:72:a8:6d:0d:
90:a7:20:df:e5:82:7a:2b:dd:de:39:c2:fe:52:6d:
3b:79:d9:d5:ba:b0:77:7a:0c:d8:f0:67:3c:af:c2:
cf:6b:56:20:4a:89:89:1d:2b:97:ea:6f:0c:ba:6c:
08:1e:18:a8:ee:32:01:cf:c2:59:83:82:5c:72:97:
e3:bc:44:34:e6:b9:2b:44:d5:07:18:bd:98:d2:30:
a1:2a:31:66:1c:35:25:ca:b4:68:ab:5f:c1:83:c1:
81:74:81:52:48:bd:96:bb:c4:98:dc:1b:17:8b:d8:
72:22:32:c7:4d:d0:df:3b:48:6d:6d:95:22:eb:21:
e2:d3:e0:fc:69:9c:cb:ba:9a:7c:87:99:59:15:c6:
67:ed:35:7a:0c:cf:1b:25:a2:86:49:55:f3:56:e4:
80:d5:ab:69:f6:1e:6c:1c:67:32:9d:a2:79:54:14:
cd:57:40:4d:0b:71:d4:0e:66:57:44:26:3c:1a:62:
54:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:5A:AD:1D:FD:D5:03:B4:0D:7C:6E:5B:0D:41:08:DB:06:A5:D5:CD
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/01qtHf3VA7QNfG5bDUEI2wal1c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.180.0-151.240.203.255
151.241.52.0-151.241.63.255
151.241.180.0-151.241.203.255
151.242.24.0/24
151.242.42.0/24
151.243.254.0/24
151.244.80.0/22
151.244.204.0-151.244.211.255
151.245.80.0/22
151.245.204.0-151.245.211.255
151.246.145.0/24
151.246.239.0/24
151.247.220.0/24
151.247.231.0/24
151.247.245.0/24
Signature Algorithm: sha256WithRSAEncryption
80:f6:72:ae:80:bd:16:39:21:6b:f2:01:eb:76:58:3d:c2:a1:
a3:ef:b6:61:f4:d3:eb:09:38:03:47:fd:55:75:c8:78:0d:8d:
6f:41:12:04:fc:ce:c7:c0:c7:ee:6e:4a:24:0e:5f:9a:0d:6c:
85:55:7b:17:ae:57:2a:f1:07:8d:c0:00:db:7c:32:cb:07:3c:
43:23:5a:e8:91:80:f2:8a:eb:f0:26:d9:a8:0d:63:80:03:ba:
7e:f2:90:75:51:dd:cb:b8:83:a4:32:75:e8:34:07:35:e2:87:
89:47:7e:df:47:e6:04:97:49:da:b2:70:c7:57:27:37:b9:cb:
67:f0:a5:c0:e7:ff:88:8b:d4:f0:ad:df:0f:2c:f4:28:60:6d:
80:2c:05:a1:37:88:ba:3c:b4:9a:9a:d5:0d:b4:fe:21:18:26:
e1:5d:f3:ac:1a:d9:be:dc:d2:65:77:d8:b1:f5:d6:a2:50:ec:
e6:7e:9d:b9:c8:9c:84:92:f1:c7:1e:76:bf:3f:9c:1e:a9:3b:
6f:88:c3:55:30:01:61:54:23:f6:2c:62:3d:9c:f6:80:c1:98:
ef:8d:39:0e:6f:a5:45:20:d3:75:b2:07:77:67:e7:d6:69:9b:
76:61:30:94:4c:e1:18:c5:1c:81:5b:0b:d8:2c:e7:47:2e:46:
4f:13:7b:1c
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZ1zH5C/kGtJd2PN0/krs+HWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDA5MTY0MjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzVhYWQxZGZkZDUwM2I0MGQ3YzZlNWIwZDQxMDhkYjA2YTVkNWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBkWaVgj/xHIozHdeCvvpQHIUly/
jaRczOyv7fdUKpvdkx+Qau/z6lQgxNRTJbPCf6x/TbR3KqPUn+9UmzS+Kg05/GTv
bXKobQ2QpyDf5YJ6K93eOcL+Um07ednVurB3egzY8Gc8r8LPa1YgSomJHSuX6m8M
umwIHhio7jIBz8JZg4JccpfjvEQ05rkrRNUHGL2Y0jChKjFmHDUlyrRoq1/Bg8GB
dIFSSL2Wu8SY3BsXi9hyIjLHTdDfO0htbZUi6yHi0+D8aZzLupp8h5lZFcZn7TV6
DM8bJaKGSVXzVuSA1atp9h5sHGcynaJ5VBTNV0BNC3HUDmZXRCY8GmJUmwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFNNarR391QO0DXxuWw1BCNsGpdXNMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMDFxdEhmM1ZBN1FOZkc1YkRVRUkyd2FsMWMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIwDAME
ApfwtAMEApfwyDAMAwQCl/E0AwQGl/EAMAwDBAKX8bQDBAKX8cgDBACX8hgDBACX
8ioDBACX8/4DBAKX9FAwDAMEApf0zAMEApf00AMEApf1UDAMAwQCl/XMAwQCl/XQ
AwQAl/aRAwQAl/bvAwQAl/fcAwQAl/fnAwQAl/f1MA0GCSqGSIb3DQEBCwUAA4IB
AQCA9nKugL0WOSFr8gHrdlg9wqGj77Zh9NPrCTgDR/1Vdch4DY1vQRIE/M7HwMfu
bkokDl+aDWyFVXsXrlcq8QeNwADbfDLLBzxDI1rokYDyiuvwJtmoDWOAA7p+8pB1
Ud3LuIOkMnXoNAc14oeJR37fR+YEl0nasnDHVyc3uctn8KXA5/+Ii9Twrd8PLPQo
YG2ALAWhN4i6PLSamtUNtP4hGCbhXfOsGtm+3NJld9ix9daiUOzmfp25yJyEkvHH
Hna/P5weqTtviMNVMAFhVCP2LGI9nPaAwZjvjTkOb6VFINN1sgd3Z+fWaZt2YTCU
TOEYxRyBWwvYLOdHLkZPE3sc
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:12:34 2026 by rpki-client