Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kZ1FeOAOdMwl0GsVPxh75FNGkf4.roa
File: kZ1FeOAOdMwl0GsVPxh75FNGkf4.roa (raw, json)
Hash identifier: NJKdqZ5PHh64AVqrwqxHodF2047hYwmUglGF8EtLDgg=
Subject key identifier: 91:9D:45:78:E0:0E:74:CC:25:D0:6B:15:3F:18:7B:E4:53:46:91:FE
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D8543218C1BDA0E81AB778760D9B7F816
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kZ1FeOAOdMwl0GsVPxh75FNGkf4.roa
Signing time: Mon 13 Apr 2026 05:14:22 +0000
ROA not before: Mon 13 Apr 2026 05:14:22 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 151.242.17.0/24 maxlen: 24
151.242.29.0/24 maxlen: 24
151.242.44.0/24 maxlen: 24
151.242.79.0/24 maxlen: 24
151.242.90.0/24 maxlen: 24
151.242.93.0/24 maxlen: 24
151.242.94.0/24 maxlen: 24
151.242.98.0/24 maxlen: 24
151.242.100.0/24 maxlen: 24
151.242.107.0/24 maxlen: 24
151.242.109.0/24 maxlen: 24
151.242.113.0/24 maxlen: 24
151.242.115.0/24 maxlen: 24
151.242.118.0/24 maxlen: 24
151.242.196.0/22 maxlen: 22
151.243.164.0/24 maxlen: 24
151.243.185.0/24 maxlen: 24
151.245.128.0/24 maxlen: 24
151.245.129.0/24 maxlen: 24
151.245.130.0/24 maxlen: 24
151.245.131.0/24 maxlen: 24
151.245.145.0/24 maxlen: 24
151.245.150.0/24 maxlen: 24
151.245.169.0/24 maxlen: 24
151.246.153.0/24 maxlen: 24
151.246.243.0/24 maxlen: 24
151.246.247.0/24 maxlen: 24
151.246.250.0/24 maxlen: 24
151.247.24.0/24 maxlen: 24
151.247.178.0/24 maxlen: 24
151.247.218.0/24 maxlen: 24
151.247.222.0/24 maxlen: 24
151.247.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:85:43:21:8c:1b:da:0e:81:ab:77:87:60:d9:b7:f8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 13 05:14:22 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=919d4578e00e74cc25d06b153f187be4534691fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0c:2f:53:0d:ed:4d:74:19:bf:62:4f:4e:93:
81:63:bd:6d:a5:96:0c:eb:77:ff:df:e3:c4:7a:c7:
54:2e:b5:50:5f:80:6f:71:d4:4b:95:6e:cd:26:bf:
64:7e:b2:d5:74:4c:aa:a2:de:2b:16:41:fc:21:6c:
67:dd:17:6e:c9:08:e3:da:af:40:d3:f5:58:fd:2e:
cd:65:1a:31:20:35:50:f5:2c:90:6d:62:21:d3:75:
b1:01:44:8d:ff:8a:6e:e8:46:ab:be:9a:cc:11:76:
e3:b9:5b:16:de:14:80:42:28:46:9c:9f:e7:10:60:
fd:6d:3b:54:25:c1:1d:da:da:e1:46:9f:52:a4:91:
e9:78:0b:d9:d4:b8:99:73:33:42:af:b2:39:3b:8d:
6d:09:06:0e:28:96:68:d4:b9:93:b2:74:fd:13:14:
03:0e:9a:07:88:08:05:7a:3f:ee:a1:cd:87:c2:50:
e2:8d:2d:66:1c:da:87:61:3b:65:3c:2e:94:64:34:
78:16:e8:35:c1:25:6c:be:8e:52:87:c2:69:99:47:
e9:4a:ad:f2:bc:66:b8:6e:db:25:c0:2e:df:12:cc:
7e:67:34:43:be:db:e1:47:97:f2:0a:4e:89:b6:73:
3c:59:02:b5:87:89:05:6d:0c:b0:1e:bd:7b:ea:84:
25:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:9D:45:78:E0:0E:74:CC:25:D0:6B:15:3F:18:7B:E4:53:46:91:FE
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kZ1FeOAOdMwl0GsVPxh75FNGkf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.17.0/24
151.242.29.0/24
151.242.44.0/24
151.242.79.0/24
151.242.90.0/24
151.242.93.0-151.242.94.255
151.242.98.0/24
151.242.100.0/24
151.242.107.0/24
151.242.109.0/24
151.242.113.0/24
151.242.115.0/24
151.242.118.0/24
151.242.196.0/22
151.243.164.0/24
151.243.185.0/24
151.245.128.0/22
151.245.145.0/24
151.245.150.0/24
151.245.169.0/24
151.246.153.0/24
151.246.243.0/24
151.246.247.0/24
151.246.250.0/24
151.247.24.0/24
151.247.178.0/24
151.247.218.0/24
151.247.222.0/24
151.247.255.0/24
Signature Algorithm: sha256WithRSAEncryption
41:92:51:0c:b1:9a:fc:cd:39:e8:d4:d6:12:e6:e2:44:bc:15:
ca:6c:df:4e:b2:26:76:76:d6:1f:4d:a7:27:22:27:62:4f:ff:
5f:6e:cb:24:83:38:a0:24:75:f8:b0:91:29:5e:62:c4:ab:b0:
e5:39:96:04:ea:1a:49:14:28:e3:35:b6:2b:0e:f2:e4:e7:dc:
a6:51:cc:1a:4c:82:33:50:53:6c:4b:85:5a:98:13:77:a0:ea:
10:6d:8b:fa:42:55:a9:91:59:f9:48:25:6f:c7:a3:b6:73:94:
bc:cf:e6:85:65:97:13:00:28:8f:76:31:5e:b9:aa:f5:0c:fe:
c7:8d:46:91:94:f8:6c:d3:92:65:15:e4:a8:f1:66:55:ba:72:
9e:6e:d7:77:48:13:c0:c0:b6:01:40:2b:b1:eb:f2:5f:07:51:
bf:3b:ed:43:85:52:d7:73:a9:c4:1f:7f:03:71:d8:9f:91:04:
de:b1:75:66:a4:fb:56:7e:2f:f8:48:08:fd:ac:3d:00:65:e1:
fb:ee:da:19:56:27:36:84:6f:8d:44:7c:cb:04:88:fe:5e:11:
97:72:bc:e6:45:59:3c:19:0f:45:9a:2e:f3:fc:bc:ee:14:e4:
2c:2a:f4:fc:1f:02:72:4d:7b:5d:d6:52:7b:d7:cc:0a:74:27:
c5:fe:cd:f3
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZ2FQyGMG9oOgat3h2DZt/gWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDEzMDUxNDIyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTlkNDU3OGUwMGU3NGNjMjVkMDZiMTUzZjE4N2JlNDUzNDY5MWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwwvUw3tTXQZv2JPTpOBY71tpZYM
63f/3+PEesdULrVQX4BvcdRLlW7NJr9kfrLVdEyqot4rFkH8IWxn3RduyQjj2q9A
0/VY/S7NZRoxIDVQ9SyQbWIh03WxAUSN/4pu6EarvprMEXbjuVsW3hSAQihGnJ/n
EGD9bTtUJcEd2trhRp9SpJHpeAvZ1LiZczNCr7I5O41tCQYOKJZo1LmTsnT9ExQD
DpoHiAgFej/uoc2HwlDijS1mHNqHYTtlPC6UZDR4Fug1wSVsvo5Sh8JpmUfpSq3y
vGa4btslwC7fEsx+ZzRDvtvhR5fyCk6JtnM8WQK1h4kFbQywHr176oQlDQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFJGdRXjgDnTMJdBrFT8Ye+RTRpH+MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEva1oxRmVPQU9kTXdsMEdzVlB4aDc1Rk5Ha2Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBACX
8hEDBACX8h0DBACX8iwDBACX8k8DBACX8lowDAMEAJfyXQMEAJfyXgMEAJfyYgME
AJfyZAMEAJfyawMEAJfybQMEAJfycQMEAJfycwMEAJfydgMEApfyxAMEAJfzpAME
AJfzuQMEApf1gAMEAJf1kQMEAJf1lgMEAJf1qQMEAJf2mQMEAJf28wMEAJf29wME
AJf2+gMEAJf3GAMEAJf3sgMEAJf32gMEAJf33gMEAJf3/zANBgkqhkiG9w0BAQsF
AAOCAQEAQZJRDLGa/M056NTWEubiRLwVymzfTrImdnbWH02nJyInYk//X27LJIM4
oCR1+LCRKV5ixKuw5TmWBOoaSRQo4zW2Kw7y5OfcplHMGkyCM1BTbEuFWpgTd6Dq
EG2L+kJVqZFZ+Uglb8ejtnOUvM/mhWWXEwAoj3YxXrmq9Qz+x41GkZT4bNOSZRXk
qPFmVbpynm7Xd0gTwMC2AUArsevyXwdRvzvtQ4VS13OpxB9/A3HYn5EE3rF1ZqT7
Vn4v+EgI/aw9AGXh++7aGVYnNoRvjUR8ywSI/l4Rl3K85kVZPBkPRZou8/y87hTk
LCr0/B8Cck17XdZSe9fMCnQnxf7N8w==
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:12:48 2026 by rpki-client