Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7sRe-Xue6RuLjmIASVjTaYfwyF0.roa
File: 7sRe-Xue6RuLjmIASVjTaYfwyF0.roa (raw, json)
Hash identifier: rcHdSU/RTUIEWM5hxivHn4XwvcDY19vLsWlauZID+xY=
Subject key identifier: EE:C4:5E:F9:7B:9E:E9:1B:8B:8E:62:00:49:58:D3:69:87:F0:C8:5D
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019C8478B2BAB1A509E26960C2D35B8D73E4
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7sRe-Xue6RuLjmIASVjTaYfwyF0.roa
Signing time: Sun 22 Feb 2026 08:30:28 +0000
ROA not before: Sun 22 Feb 2026 08:30:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207043
IP address blocks: 151.240.151.0/24 maxlen: 24
151.243.18.0/24 maxlen: 24
151.243.28.0/24 maxlen: 24
151.243.113.0/24 maxlen: 24
151.243.150.0/24 maxlen: 24
151.247.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:84:78:b2:ba:b1:a5:09:e2:69:60:c2:d3:5b:8d:73:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 22 08:30:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eec45ef97b9ee91b8b8e62004958d36987f0c85d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:01:55:f7:12:35:dc:96:b2:a8:60:68:f3:f5:
41:91:be:0e:f0:95:30:26:19:4e:50:de:41:74:dd:
31:d4:aa:a4:9a:8e:50:c9:52:15:9c:07:41:ab:cf:
a0:b1:81:b5:49:b2:3d:bb:53:1d:eb:a1:17:67:5e:
1d:c4:e2:54:30:21:77:88:8a:34:de:09:c5:c0:0c:
f3:07:7a:48:16:79:a9:16:24:f8:a9:56:da:b0:1c:
3a:b3:8e:f9:69:09:d6:e3:2e:43:0d:51:72:4e:70:
66:96:86:1a:de:cc:1b:f1:5c:6e:23:22:c1:b0:32:
d1:fa:1b:19:84:2e:80:56:ff:e8:25:29:ac:df:dd:
f4:70:62:df:93:40:0e:94:f6:a8:25:b9:fb:ee:86:
fe:fd:c6:b4:0c:8c:70:2c:a0:e4:3f:ba:8c:81:ab:
f2:4c:c0:ac:57:d7:fa:8e:7d:44:ff:ab:e9:47:ed:
95:31:d3:1d:b6:a1:0f:97:6d:38:00:78:a5:42:85:
f5:13:cc:43:33:21:14:75:39:85:03:93:b1:00:ef:
e3:02:af:f6:6f:0d:63:e1:15:fd:4f:f8:f0:3c:22:
a9:de:4b:b2:d2:5d:84:73:53:8b:9a:4b:17:1a:25:
fe:0c:3d:a1:80:91:cc:58:35:98:76:27:12:76:99:
6c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C4:5E:F9:7B:9E:E9:1B:8B:8E:62:00:49:58:D3:69:87:F0:C8:5D
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7sRe-Xue6RuLjmIASVjTaYfwyF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.151.0/24
151.243.18.0/24
151.243.28.0/24
151.243.113.0/24
151.243.150.0/24
151.247.228.0/24
Signature Algorithm: sha256WithRSAEncryption
62:7a:b0:46:56:7e:8e:43:7e:fd:14:d8:27:e1:8b:ff:36:58:
4f:1e:25:3c:2b:b2:2d:5b:71:5a:e6:3b:9c:28:7f:fa:cd:46:
40:5d:ae:d8:dd:00:e4:fe:44:d5:1d:42:e1:39:3b:87:d6:b1:
c6:a7:9b:5b:5e:d6:fd:56:0a:a7:b0:99:9b:30:44:f9:fb:c9:
1b:5d:3b:6b:b6:8c:0a:34:69:02:5c:76:3a:96:a6:8c:e5:e5:
d5:d2:77:5c:eb:a5:47:6a:b0:89:7a:7a:9b:d9:81:b4:99:c1:
64:5e:93:3e:b2:30:ca:3d:2a:78:86:41:bf:b7:25:a1:f4:49:
aa:9a:67:a3:28:b0:dc:c9:88:ca:1f:98:1a:c2:19:85:c2:44:
f0:62:27:b9:52:f5:17:79:6b:f4:bc:21:0b:79:b1:9f:47:8c:
23:41:37:17:58:c6:af:72:d2:ab:4f:75:75:85:a9:7d:1b:26:
fd:26:79:ee:13:2a:ce:83:d4:97:e7:47:f9:ed:9b:f1:ce:0f:
4d:a0:55:83:01:a3:1e:5d:61:ec:1f:c8:e1:44:75:8e:e1:6d:
d5:96:22:c7:06:a3:34:59:8c:0c:d0:37:af:80:9a:05:c0:0b:
25:f0:1a:65:4d:bf:82:3a:ab:39:06:b7:53:73:61:2c:ad:b8:
95:3a:f0:6d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZyEeLK6saUJ4mlgwtNbjXPkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMjIyMDgzMDI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWM0NWVmOTdiOWVlOTFiOGI4ZTYyMDA0OTU4ZDM2OTg3ZjBjODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQFV9xI13JayqGBo8/VBkb4O8JUw
JhlOUN5BdN0x1Kqkmo5QyVIVnAdBq8+gsYG1SbI9u1Md66EXZ14dxOJUMCF3iIo0
3gnFwAzzB3pIFnmpFiT4qVbasBw6s475aQnW4y5DDVFyTnBmloYa3swb8VxuIyLB
sDLR+hsZhC6AVv/oJSms3930cGLfk0AOlPaoJbn77ob+/ca0DIxwLKDkP7qMgavy
TMCsV9f6jn1E/6vpR+2VMdMdtqEPl204AHilQoX1E8xDMyEUdTmFA5OxAO/jAq/2
bw1j4RX9T/jwPCKp3kuy0l2Ec1OLmksXGiX+DD2hgJHMWDWYdicSdplsPwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO7EXvl7nukbi45iAElY02mH8MhdMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvN3NSZS1YdWU2UnVMam1JQVNWalRhWWZ3eUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAl/CXAwQA
l/MSAwQAl/McAwQAl/NxAwQAl/OWAwQAl/fkMA0GCSqGSIb3DQEBCwUAA4IBAQBi
erBGVn6OQ379FNgn4Yv/NlhPHiU8K7ItW3Fa5jucKH/6zUZAXa7Y3QDk/kTVHULh
OTuH1rHGp5tbXtb9VgqnsJmbMET5+8kbXTtrtowKNGkCXHY6lqaM5eXV0ndc66VH
arCJenqb2YG0mcFkXpM+sjDKPSp4hkG/tyWh9EmqmmejKLDcyYjKH5gawhmFwkTw
Yie5UvUXeWv0vCELebGfR4wjQTcXWMavctKrT3V1hal9Gyb9JnnuEyrOg9SX50f5
7Zvxzg9NoFWDAaMeXWHsH8jhRHWO4W3VliLHBqM0WYwM0DevgJoFwAsl8BplTb+C
Oqs5BrdTc2EsrbiVOvBt
-----END CERTIFICATE-----
Generated at Mon Mar 2 11:30:08 2026 by rpki-client