Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZE4aOdsGWcoWbtX7RMbxnhX8Dpo.roa
File: ZE4aOdsGWcoWbtX7RMbxnhX8Dpo.roa (raw, json)
Hash identifier: fmRZWbbxSx9ZN/7qhPpQAxoQTo181+FMjeUPfoZGUj8=
Subject key identifier: 64:4E:1A:39:DB:06:59:CA:16:6E:D5:FB:44:C6:F1:9E:15:FC:0E:9A
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019EC6F56CD218C11D04D771408E5A87034B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZE4aOdsGWcoWbtX7RMbxnhX8Dpo.roa
Signing time: Sun 14 Jun 2026 16:27:13 +0000
ROA not before: Sun 14 Jun 2026 16:27:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 984
IP address blocks: 151.242.54.0/24 maxlen: 24
151.243.107.0/24 maxlen: 24
151.243.108.0/24 maxlen: 24
151.244.16.0/21 maxlen: 24
151.244.168.0/23 maxlen: 24
151.244.216.0/23 maxlen: 24
151.244.218.0/24 maxlen: 24
151.246.48.0/21 maxlen: 24
151.246.56.0/21 maxlen: 24
151.246.80.0/21 maxlen: 24
151.246.88.0/21 maxlen: 24
151.246.96.0/21 maxlen: 24
151.246.108.0/24 maxlen: 24
151.246.109.0/24 maxlen: 24
151.246.110.0/24 maxlen: 24
151.246.112.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Jun 2026 05:51:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:c6:f5:6c:d2:18:c1:1d:04:d7:71:40:8e:5a:87:03:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 14 16:27:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=644e1a39db0659ca166ed5fb44c6f19e15fc0e9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:60:86:d3:ac:b3:67:85:98:ca:d4:4b:b6:8f:
53:66:d7:23:38:94:55:06:7d:0a:b2:c5:f3:53:83:
47:76:b3:f5:0b:d1:35:f3:e3:21:fe:cf:f8:79:be:
e1:68:28:ba:fa:b6:ef:ec:de:a5:7c:6d:0b:fe:0f:
ee:99:f0:8b:63:c1:8c:a5:0c:1b:f4:9e:f6:e9:54:
53:cd:74:f6:d3:27:34:1f:0c:63:3b:8b:1e:85:39:
bd:21:82:24:58:99:7d:77:5e:b6:67:c3:12:e5:04:
5e:07:3b:6d:ea:47:0e:26:c5:77:9d:8b:9d:19:9c:
92:80:09:53:47:c5:96:0b:a4:11:69:19:77:70:7a:
e0:2b:5f:a0:30:ba:a4:34:06:ad:03:3d:dd:e1:2f:
6f:45:aa:56:4d:d0:95:8c:d8:d9:b7:32:c5:b5:65:
6c:a5:88:48:ea:59:01:48:d6:13:28:6b:9b:79:bd:
87:84:24:2d:b5:86:3c:38:c6:2f:c7:10:78:b2:6a:
64:0a:19:8a:34:03:3a:f6:91:50:a5:27:54:d7:72:
7b:3d:b0:2f:a5:65:87:7f:1e:41:40:c7:1d:06:71:
51:6a:1f:5b:42:df:6f:b8:2b:ea:94:72:0c:9b:84:
ae:b0:3a:5e:d1:fb:96:a7:69:c1:f5:82:b6:a4:be:
fd:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:4E:1A:39:DB:06:59:CA:16:6E:D5:FB:44:C6:F1:9E:15:FC:0E:9A
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZE4aOdsGWcoWbtX7RMbxnhX8Dpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.54.0/24
151.243.107.0-151.243.108.255
151.244.16.0/21
151.244.168.0/23
151.244.216.0-151.244.218.255
151.246.48.0/20
151.246.80.0-151.246.103.255
151.246.108.0-151.246.110.255
151.246.112.0/21
Signature Algorithm: sha256WithRSAEncryption
2e:b1:e3:f8:6b:03:71:8c:6a:e9:19:cf:75:d1:09:e6:9e:bc:
2f:55:4d:82:e0:16:92:08:c2:3c:78:00:4b:87:a0:df:59:33:
1f:da:7b:13:0c:9d:cf:b6:03:d6:7d:3b:2c:e4:a7:1d:3f:7e:
f4:45:ae:53:b3:78:5d:73:fa:0a:8a:da:cf:78:ce:f7:c4:b2:
66:cc:29:f5:d3:4b:78:24:81:39:56:8a:17:d9:a1:bf:3f:cd:
fe:d3:25:41:95:ec:5e:4a:24:71:16:1d:4a:0f:3b:af:1a:cc:
c5:d8:a9:26:c0:12:c3:2e:33:08:fc:fe:91:2e:45:2b:d9:a6:
e5:81:e6:cf:b1:8b:9c:f0:59:42:34:38:1b:5e:49:2e:72:5a:
ca:75:6c:80:31:d4:0a:d6:ea:de:7d:65:07:cb:6d:94:2a:c6:
86:f0:91:d4:35:23:db:d1:89:4f:38:da:49:d7:29:ad:5d:c8:
d9:d3:e2:a9:c2:fa:04:5c:77:c8:2c:ee:1a:e8:37:32:36:a5:
84:a0:3b:ba:5f:3f:f0:a7:69:e4:b0:68:9b:ee:4c:35:59:2b:
00:3e:84:b2:69:8c:d6:02:0a:43:03:ad:d6:4d:70:65:9a:44:
0a:b5:1e:91:99:5f:3d:8b:4a:54:8f:d5:a6:ac:e0:5c:a0:6f:
3d:c3:67:8c
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZ7G9WzSGMEdBNdxQI5ahwNLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNjE0MTYyNzEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDRlMWEzOWRiMDY1OWNhMTY2ZWQ1ZmI0NGM2ZjE5ZTE1ZmMwZTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWCG06yzZ4WYytRLto9TZtcjOJRV
Bn0KssXzU4NHdrP1C9E18+Mh/s/4eb7haCi6+rbv7N6lfG0L/g/umfCLY8GMpQwb
9J726VRTzXT20yc0HwxjO4sehTm9IYIkWJl9d162Z8MS5QReBztt6kcOJsV3nYud
GZySgAlTR8WWC6QRaRl3cHrgK1+gMLqkNAatAz3d4S9vRapWTdCVjNjZtzLFtWVs
pYhI6lkBSNYTKGubeb2HhCQttYY8OMYvxxB4smpkChmKNAM69pFQpSdU13J7PbAv
pWWHfx5BQMcdBnFRah9bQt9vuCvqlHIMm4SusDpe0fuWp2nB9YK2pL79HwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFGROGjnbBlnKFm7V+0TG8Z4V/A6aMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWkU0YU9kc0dXY29XYnRYN1JNYnhuaFg4RHBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAl/I2MAwD
BACX82sDBACX82wDBAOX9BADBAGX9KgwDAMEA5f02AMEAJf02gMEBJf2MDAMAwQE
l/ZQAwQDl/ZgMAwDBAKX9mwDBACX9m4DBAOX9nAwDQYJKoZIhvcNAQELBQADggEB
AC6x4/hrA3GMaukZz3XRCeaevC9VTYLgFpIIwjx4AEuHoN9ZMx/aexMMnc+2A9Z9
Oyzkpx0/fvRFrlOzeF1z+gqK2s94zvfEsmbMKfXTS3gkgTlWihfZob8/zf7TJUGV
7F5KJHEWHUoPO68azMXYqSbAEsMuMwj8/pEuRSvZpuWB5s+xi5zwWUI0OBteSS5y
Wsp1bIAx1ArW6t59ZQfLbZQqxobwkdQ1I9vRiU842knXKa1dyNnT4qnC+gRcd8gs
7hroNzI2pYSgO7pfP/CnaeSwaJvuTDVZKwA+hLJpjNYCCkMDrdZNcGWaRAq1HpGZ
Xz2LSlSP1aas4Fygbz3DZ4w=
-----END CERTIFICATE-----
Generated at Wed Jun 17 11:14:11 2026 by rpki-client