Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fLE14MJ3Hm-h4BS5L6wxirxre3A.roa
File: fLE14MJ3Hm-h4BS5L6wxirxre3A.roa (raw, json)
Hash identifier: EqwFmDitlofaDvn4Rsq92XGuDyacVUU1Y+EEn90+WkA=
Subject key identifier: 7C:B1:35:E0:C2:77:1E:6F:A1:E0:14:B9:2F:AC:31:8A:BC:6B:7B:70
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D875D7EF9F2BB25172E9431EE1C255364
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fLE14MJ3Hm-h4BS5L6wxirxre3A.roa
Signing time: Mon 13 Apr 2026 15:02:24 +0000
ROA not before: Mon 13 Apr 2026 15:02:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397630
IP address blocks: 151.240.2.0/24 maxlen: 24
151.241.33.0/24 maxlen: 24
151.241.43.0/24 maxlen: 24
151.241.48.0/24 maxlen: 24
151.242.26.0/24 maxlen: 24
151.243.26.0/24 maxlen: 24
151.244.42.0/24 maxlen: 24
151.245.69.0/24 maxlen: 24
151.245.166.0/24 maxlen: 24
151.245.177.0/24 maxlen: 24
151.246.224.0/24 maxlen: 24
151.246.230.0/24 maxlen: 24
151.246.234.0/24 maxlen: 24
151.247.38.0/24 maxlen: 24
151.247.39.0/24 maxlen: 24
151.247.42.0/24 maxlen: 24
151.247.43.0/24 maxlen: 24
151.247.49.0/24 maxlen: 24
151.247.54.0/24 maxlen: 24
151.247.93.0/24 maxlen: 24
151.247.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:87:5d:7e:f9:f2:bb:25:17:2e:94:31:ee:1c:25:53:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 13 15:02:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7cb135e0c2771e6fa1e014b92fac318abc6b7b70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:da:33:43:82:a5:bc:5d:42:48:4c:48:95:89:
8a:59:a8:4a:f3:dc:5c:0d:12:3c:bd:49:46:61:ca:
56:e8:75:44:78:11:51:1c:19:6f:0a:52:8c:44:af:
a6:2c:b7:d1:15:90:90:ea:a9:20:69:c2:43:de:10:
f9:d1:f5:71:b1:e8:a1:a4:06:73:23:a6:d0:ad:86:
a8:3b:32:6e:32:2d:46:d5:b0:65:7c:37:20:e1:f7:
6d:fa:66:be:69:f0:1a:9e:12:5c:86:31:5f:08:7a:
23:12:91:c1:e7:03:1e:10:df:cc:b8:47:66:86:6a:
0f:ad:67:ee:9b:b6:ea:d4:18:4f:16:64:95:92:84:
7a:f3:59:0f:98:b8:ad:39:e2:fc:13:f6:ee:5c:b1:
4f:0a:65:f5:d4:a3:06:29:1c:d4:73:6c:b6:91:1c:
bf:86:70:ee:ef:bf:fb:52:80:59:bd:9d:b6:bd:0d:
58:7b:57:38:81:24:2d:4c:22:e0:1f:ac:4a:48:4a:
0a:69:8f:d0:5e:7c:cd:b2:14:fc:c8:d1:7b:bc:c5:
29:66:2e:a6:e4:a6:77:36:49:38:0f:0b:a8:05:02:
bc:8b:5f:69:1f:a9:90:4d:59:c5:ea:cf:31:1e:07:
6f:34:dd:47:91:3f:d8:a5:ac:51:2a:41:c7:78:ac:
d1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:B1:35:E0:C2:77:1E:6F:A1:E0:14:B9:2F:AC:31:8A:BC:6B:7B:70
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/fLE14MJ3Hm-h4BS5L6wxirxre3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.2.0/24
151.241.33.0/24
151.241.43.0/24
151.241.48.0/24
151.242.26.0/24
151.243.26.0/24
151.244.42.0/24
151.245.69.0/24
151.245.166.0/24
151.245.177.0/24
151.246.224.0/24
151.246.230.0/24
151.246.234.0/24
151.247.38.0/23
151.247.42.0/23
151.247.49.0/24
151.247.54.0/24
151.247.93.0/24
151.247.246.0/24
Signature Algorithm: sha256WithRSAEncryption
75:0d:31:19:6f:24:dc:b5:59:66:cf:da:b0:99:f1:a5:56:97:
ad:49:fd:0e:5b:0a:e8:69:b5:6e:d9:a3:28:3e:23:2a:d2:54:
e3:e3:16:e7:8f:d6:e1:7f:3b:45:85:b6:cc:7b:4a:eb:46:4e:
54:7c:a6:52:ec:19:83:e0:de:9c:ca:d3:e3:bb:78:f1:28:c8:
0a:49:4f:8f:ca:26:81:6c:90:52:81:3c:eb:70:85:01:5c:68:
26:ac:c8:98:cc:f5:73:b4:22:7a:bc:03:1a:30:2c:4e:56:92:
06:eb:8e:88:9b:d6:f7:7a:1a:7f:5e:dc:43:63:41:16:54:a7:
5b:62:8d:d7:42:b4:95:cf:96:4b:5a:69:e6:e6:c9:da:95:51:
aa:41:23:dc:f3:6d:85:56:26:78:62:57:e1:19:02:af:f8:be:
91:79:61:a5:ca:9e:c6:60:86:ef:45:38:09:19:ad:c4:75:1f:
0d:12:c4:23:3d:bd:c9:fc:03:2f:f6:cc:c3:1c:aa:b4:1b:6d:
bd:f4:2c:ba:e5:46:6c:dc:bd:30:ea:1a:4d:f4:40:62:aa:61:
17:3a:f1:fb:36:c1:71:48:00:c7:94:04:51:45:71:34:f2:08:
ad:97:68:6b:7d:c6:3c:9f:57:21:36:cf:cb:bf:e2:67:e2:ed:
b1:9f:96:77
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZ2HXX758rslFy6UMe4cJVNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDEzMTUwMjI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2IxMzVlMGMyNzcxZTZmYTFlMDE0YjkyZmFjMzE4YWJjNmI3YjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxdozQ4KlvF1CSExIlYmKWahK89xc
DRI8vUlGYcpW6HVEeBFRHBlvClKMRK+mLLfRFZCQ6qkgacJD3hD50fVxseihpAZz
I6bQrYaoOzJuMi1G1bBlfDcg4fdt+ma+afAanhJchjFfCHojEpHB5wMeEN/MuEdm
hmoPrWfum7bq1BhPFmSVkoR681kPmLitOeL8E/buXLFPCmX11KMGKRzUc2y2kRy/
hnDu77/7UoBZvZ22vQ1Ye1c4gSQtTCLgH6xKSEoKaY/QXnzNshT8yNF7vMUpZi6m
5KZ3Nkk4DwuoBQK8i19pH6mQTVnF6s8xHgdvNN1HkT/YpaxRKkHHeKzRtQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFHyxNeDCdx5voeAUuS+sMYq8a3twMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZkxFMTRNSjNIbS1oNEJTNUw2d3hpcnhyZTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAJfwAgME
AJfxIQMEAJfxKwMEAJfxMAMEAJfyGgMEAJfzGgMEAJf0KgMEAJf1RQMEAJf1pgME
AJf1sQMEAJf24AMEAJf25gMEAJf26gMEAZf3JgMEAZf3KgMEAJf3MQMEAJf3NgME
AJf3XQMEAJf39jANBgkqhkiG9w0BAQsFAAOCAQEAdQ0xGW8k3LVZZs/asJnxpVaX
rUn9DlsK6Gm1btmjKD4jKtJU4+MW54/W4X87RYW2zHtK60ZOVHymUuwZg+DenMrT
47t48SjICklPj8omgWyQUoE863CFAVxoJqzImMz1c7QierwDGjAsTlaSBuuOiJvW
93oaf17cQ2NBFlSnW2KN10K0lc+WS1pp5ubJ2pVRqkEj3PNthVYmeGJX4RkCr/i+
kXlhpcqexmCG70U4CRmtxHUfDRLEIz29yfwDL/bMwxyqtBttvfQsuuVGbNy9MOoa
TfRAYqphFzrx+zbBcUgAx5QEUUVxNPIIrZdoa33GPJ9XITbPy7/iZ+LtsZ+Wdw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 08:14:29 2026 by rpki-client