Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1AqxQXvSvZhL7LRp86M4PbzdDnw.roa
File: 1AqxQXvSvZhL7LRp86M4PbzdDnw.roa (raw, json)
Hash identifier: tVP//GR8VpacNBBi09Jnzdz1WPBMxtcOj7DoCVkeqJQ=
Subject key identifier: D4:0A:B1:41:7B:D2:BD:98:4B:EC:B4:69:F3:A3:38:3D:BC:DD:0E:7C
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D875D7CF75343F59D74486914A1BA15D1
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1AqxQXvSvZhL7LRp86M4PbzdDnw.roa
Signing time: Mon 13 Apr 2026 15:02:24 +0000
ROA not before: Mon 13 Apr 2026 15:02:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 54252
IP address blocks: 151.240.2.0/24 maxlen: 24
151.241.33.0/24 maxlen: 24
151.241.43.0/24 maxlen: 24
151.241.48.0/24 maxlen: 24
151.241.51.0/24 maxlen: 24
151.242.26.0/24 maxlen: 24
151.243.26.0/24 maxlen: 24
151.244.42.0/24 maxlen: 24
151.245.69.0/24 maxlen: 24
151.245.166.0/24 maxlen: 24
151.245.177.0/24 maxlen: 24
151.246.224.0/24 maxlen: 24
151.246.230.0/24 maxlen: 24
151.246.234.0/24 maxlen: 24
151.247.83.0/24 maxlen: 24
151.247.89.0/24 maxlen: 24
151.247.109.0/24 maxlen: 24
151.247.110.0/24 maxlen: 24
151.247.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:87:5d:7c:f7:53:43:f5:9d:74:48:69:14:a1:ba:15:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 13 15:02:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d40ab1417bd2bd984becb469f3a3383dbcdd0e7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:69:86:82:3c:cf:a1:6b:59:15:2b:10:eb:00:
d3:c9:10:fa:3b:36:b9:f3:19:f5:5c:bb:9c:2b:a1:
ee:5d:ea:5e:55:86:a6:4a:fe:e3:fd:a8:d5:05:68:
8f:9f:74:c4:23:b5:b5:1b:43:3e:3a:92:7a:f3:bc:
19:b3:3a:76:13:d5:57:07:06:6b:fc:d3:24:63:ac:
7e:59:4e:cd:5a:de:cc:94:f8:1d:a4:2b:cf:74:2a:
33:21:41:80:07:fa:66:1b:c0:8a:59:89:ca:dc:e2:
d9:10:b3:04:2f:29:e4:2d:dc:9a:f6:ac:85:f6:04:
42:1a:cd:53:b9:c5:dd:20:37:d6:b9:34:61:79:3a:
64:02:41:92:9d:54:8b:85:a2:af:a9:d9:cd:a3:88:
8f:99:d4:19:a8:c9:fb:94:80:ea:38:4d:5e:b5:30:
7b:aa:d3:2d:da:be:4b:25:23:96:3d:7f:c2:60:12:
0e:b5:38:99:ae:99:1a:6d:63:8c:fb:af:0e:35:b5:
d3:47:86:64:ef:9b:85:1f:1f:77:27:91:34:b0:2f:
d9:30:30:39:b8:9b:65:cc:7a:e2:06:23:c3:f4:8a:
e7:8a:52:03:f9:a5:f1:98:46:6a:1a:7e:04:51:ee:
86:3f:96:52:7f:43:1a:f4:f7:b7:93:96:62:57:f2:
87:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:0A:B1:41:7B:D2:BD:98:4B:EC:B4:69:F3:A3:38:3D:BC:DD:0E:7C
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/1AqxQXvSvZhL7LRp86M4PbzdDnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.2.0/24
151.241.33.0/24
151.241.43.0/24
151.241.48.0/24
151.241.51.0/24
151.242.26.0/24
151.243.26.0/24
151.244.42.0/24
151.245.69.0/24
151.245.166.0/24
151.245.177.0/24
151.246.224.0/24
151.246.230.0/24
151.246.234.0/24
151.247.83.0/24
151.247.89.0/24
151.247.109.0-151.247.110.255
151.247.246.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:0c:e5:b9:c5:02:78:e4:07:d7:a8:a0:0a:7f:8c:71:14:5d:
02:bb:bb:22:7d:cb:3d:1a:b2:2d:56:a8:4c:0a:b9:cc:bf:17:
cb:c0:90:3d:5b:f2:76:13:7a:b0:93:f4:35:39:4f:1d:36:e4:
1b:fb:74:31:e8:c5:fd:ed:0d:56:56:0c:72:5f:5b:5d:58:dc:
ed:22:61:f6:63:09:98:1a:bd:b7:4a:79:a4:b1:76:6a:64:5b:
6a:7e:ea:b8:e5:02:00:8e:ab:bf:62:55:26:d6:a3:df:9a:b9:
a6:2b:af:6c:8c:61:08:5c:4e:0b:76:fc:36:8c:a9:bd:f1:1e:
0c:11:30:35:9a:ea:29:66:17:b1:ba:42:3e:f7:07:62:0b:f9:
8c:ad:1f:7c:e7:fa:2a:3a:32:9b:45:d8:7c:85:fb:8e:3c:1b:
73:54:b3:dd:0e:6a:56:ee:16:a2:e7:c4:ba:11:2c:d4:2f:1c:
b6:64:b0:39:e3:9f:b3:26:89:d6:e9:2e:3e:24:88:25:6e:33:
78:81:24:af:50:65:55:f3:5d:fc:f9:4d:61:61:c0:4a:5b:a2:
48:f2:a6:8f:5b:c9:2e:25:6b:90:b8:22:64:ca:58:9b:7a:65:
75:a0:f1:d6:d2:13:da:62:9a:f2:b5:60:89:cf:18:92:fe:46:
ce:26:74:7f
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZ2HXXz3U0P1nXRIaRShuhXRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDEzMTUwMjI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDBhYjE0MTdiZDJiZDk4NGJlY2I0NjlmM2EzMzgzZGJjZGQwZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmmGgjzPoWtZFSsQ6wDTyRD6Oza5
8xn1XLucK6HuXepeVYamSv7j/ajVBWiPn3TEI7W1G0M+OpJ687wZszp2E9VXBwZr
/NMkY6x+WU7NWt7MlPgdpCvPdCozIUGAB/pmG8CKWYnK3OLZELMELynkLdya9qyF
9gRCGs1TucXdIDfWuTRheTpkAkGSnVSLhaKvqdnNo4iPmdQZqMn7lIDqOE1etTB7
qtMt2r5LJSOWPX/CYBIOtTiZrpkabWOM+68ONbXTR4Zk75uFHx93J5E0sC/ZMDA5
uJtlzHriBiPD9IrnilID+aXxmEZqGn4EUe6GP5ZSf0Ma9Pe3k5ZiV/KHCwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFNQKsUF70r2YS+y0afOjOD283Q58MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMUFxeFFYdlN2WmhMN0xScDg2TTRQYnpkRG53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAJfwAgME
AJfxIQMEAJfxKwMEAJfxMAMEAJfxMwMEAJfyGgMEAJfzGgMEAJf0KgMEAJf1RQME
AJf1pgMEAJf1sQMEAJf24AMEAJf25gMEAJf26gMEAJf3UwMEAJf3WTAMAwQAl/dt
AwQAl/duAwQAl/f2MA0GCSqGSIb3DQEBCwUAA4IBAQAODOW5xQJ45AfXqKAKf4xx
FF0Cu7sifcs9GrItVqhMCrnMvxfLwJA9W/J2E3qwk/Q1OU8dNuQb+3Qx6MX97Q1W
VgxyX1tdWNztImH2YwmYGr23SnmksXZqZFtqfuq45QIAjqu/YlUm1qPfmrmmK69s
jGEIXE4Ldvw2jKm98R4META1muopZhexukI+9wdiC/mMrR985/oqOjKbRdh8hfuO
PBtzVLPdDmpW7hai58S6ESzULxy2ZLA545+zJonW6S4+JIglbjN4gSSvUGVV8138
+U1hYcBKW6JI8qaPW8kuJWuQuCJkylibemV1oPHW0hPaYprytWCJzxiS/kbOJnR/
-----END CERTIFICATE-----
Generated at Fri Apr 17 14:39:39 2026 by rpki-client