Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qlQQ1Rdrqh1zvkmESGckyC3Lm3g.roa
File: qlQQ1Rdrqh1zvkmESGckyC3Lm3g.roa (raw, json)
Hash identifier: pe3p8mVEf/lPCMkLYzQ2EFYZPq6iQJBNUbItdCJs5UI=
Subject key identifier: AA:54:10:D5:17:6B:AA:1D:73:BE:49:84:48:67:24:C8:2D:CB:9B:78
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019C7A68B7B0229032B2BBDCE52ECE621F13
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qlQQ1Rdrqh1zvkmESGckyC3Lm3g.roa
Signing time: Fri 20 Feb 2026 09:36:48 +0000
ROA not before: Fri 20 Feb 2026 09:36:48 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 151.240.1.0/24 maxlen: 24
151.240.17.0/24 maxlen: 24
151.240.24.0/24 maxlen: 24
151.241.8.0/24 maxlen: 24
151.241.68.0/24 maxlen: 24
151.242.103.0/24 maxlen: 24
151.243.6.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.243.160.0/22 maxlen: 22
151.243.236.0/24 maxlen: 24
151.244.78.0/24 maxlen: 24
151.245.54.0/24 maxlen: 24
151.245.111.0/24 maxlen: 24
151.245.127.0/24 maxlen: 24
151.245.238.0/24 maxlen: 24
151.246.177.0/24 maxlen: 24
151.246.190.0/24 maxlen: 24
151.247.37.0/24 maxlen: 24
151.247.76.0/24 maxlen: 24
151.247.192.0/24 maxlen: 24
151.247.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:7a:68:b7:b0:22:90:32:b2:bb:dc:e5:2e:ce:62:1f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 20 09:36:48 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=aa5410d5176baa1d73be4984486724c82dcb9b78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bd:fc:b0:e8:f0:96:1f:cd:e6:40:67:9e:80:
2f:30:1f:67:aa:95:ea:ee:70:0b:d1:a5:7b:ab:83:
4f:35:17:39:c7:da:e6:ff:05:0a:f1:48:4e:0a:34:
28:b7:c7:63:b7:7c:e3:40:43:24:c8:c6:1c:e5:4f:
3c:8f:30:e7:af:53:87:fa:71:11:00:e0:ee:5c:c8:
db:12:dc:12:98:d0:ab:1e:cb:03:87:7f:d9:19:f4:
fa:07:43:90:6e:fa:85:72:0d:4f:55:4a:0f:21:c1:
40:4c:d5:5b:3e:bb:b8:ac:9f:5e:cc:fd:72:fe:50:
43:72:7f:8c:85:dd:d4:6f:c0:9b:67:49:a3:ad:6f:
ba:c2:ca:4f:20:66:03:8d:90:e4:0c:fa:36:73:87:
f7:ef:fa:e0:39:72:22:ac:3b:0c:2c:a2:9d:18:00:
d4:87:18:4b:fd:ca:94:a5:76:4f:cc:39:70:03:13:
84:4b:85:12:2b:62:73:44:a7:91:03:7f:5f:68:fd:
26:23:ed:94:7d:06:8f:ff:da:0a:0a:fc:55:74:51:
88:07:bb:91:1e:0e:7e:63:e5:34:ee:95:62:ba:d7:
f1:cd:38:64:3a:0b:6b:e4:f0:a1:40:15:72:40:38:
45:ac:9c:93:d1:2c:4d:ee:c0:f8:c4:db:c5:fc:75:
29:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:54:10:D5:17:6B:AA:1D:73:BE:49:84:48:67:24:C8:2D:CB:9B:78
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/qlQQ1Rdrqh1zvkmESGckyC3Lm3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.1.0/24
151.240.17.0/24
151.240.24.0/24
151.241.8.0/24
151.241.68.0/24
151.242.103.0/24
151.243.6.0/24
151.243.120.0/24
151.243.160.0/22
151.243.236.0/24
151.244.78.0/24
151.245.54.0/24
151.245.111.0/24
151.245.127.0/24
151.245.238.0/24
151.246.177.0/24
151.246.190.0/24
151.247.37.0/24
151.247.76.0/24
151.247.192.0/24
151.247.217.0/24
Signature Algorithm: sha256WithRSAEncryption
73:b0:28:79:ce:94:ac:b4:43:51:bc:85:50:4b:a5:51:22:62:
f4:78:00:ec:7e:ea:3b:09:b7:2b:44:3c:a6:a6:0b:ab:27:36:
44:4f:1d:bc:9b:0e:82:17:3e:f7:ec:33:f0:5f:02:9d:ed:15:
63:32:a6:59:86:d7:96:0c:fe:c7:86:26:01:29:0f:f8:18:31:
a6:3d:59:0f:f3:50:a8:69:9d:aa:2a:6c:26:c7:f1:5f:94:5c:
62:f1:af:c2:28:e2:79:28:dd:55:f8:5b:55:16:c9:b4:a1:59:
d4:40:ec:ae:e3:a3:d5:4d:97:d4:ed:ce:ff:de:28:31:be:24:
8e:b0:e5:9c:04:d0:32:2a:45:d4:1e:03:16:7e:3e:17:20:fb:
42:b5:93:9f:9a:f8:07:cd:82:de:28:53:d9:4c:03:49:4f:1e:
1e:79:17:f0:a7:b0:8d:b4:05:4c:89:82:e2:8a:42:93:02:82:
a6:b8:8c:b3:0f:45:9b:0a:ce:a2:04:18:d0:51:db:9b:3c:09:
03:41:8d:fe:c0:09:2a:5a:12:ae:0f:ab:b6:b9:69:cc:9d:a5:
ad:7f:96:e9:4b:69:1b:d1:e4:77:10:c6:d3:eb:65:fd:c0:1e:
9a:13:06:34:dc:ad:91:4b:58:2b:f1:a0:7f:5f:90:92:f0:3d:
3e:27:8e:cb
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZx6aLewIpAysrvc5S7OYh8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMjIwMDkzNjQ4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTU0MTBkNTE3NmJhYTFkNzNiZTQ5ODQ0ODY3MjRjODJkY2I5Yjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwr38sOjwlh/N5kBnnoAvMB9nqpXq
7nAL0aV7q4NPNRc5x9rm/wUK8UhOCjQot8djt3zjQEMkyMYc5U88jzDnr1OH+nER
AODuXMjbEtwSmNCrHssDh3/ZGfT6B0OQbvqFcg1PVUoPIcFATNVbPru4rJ9ezP1y
/lBDcn+Mhd3Ub8CbZ0mjrW+6wspPIGYDjZDkDPo2c4f37/rgOXIirDsMLKKdGADU
hxhL/cqUpXZPzDlwAxOES4USK2JzRKeRA39faP0mI+2UfQaP/9oKCvxVdFGIB7uR
Hg5+Y+U07pViutfxzThkOgtr5PChQBVyQDhFrJyT0SxN7sD4xNvF/HUpswIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFKpUENUXa6odc75JhEhnJMgty5t4MB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvcWxRUTFSZHJxaDF6dmttRVNHY2t5QzNMbTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAJfw
AQMEAJfwEQMEAJfwGAMEAJfxCAMEAJfxRAMEAJfyZwMEAJfzBgMEAJfzeAMEApfz
oAMEAJfz7AMEAJf0TgMEAJf1NgMEAJf1bwMEAJf1fwMEAJf17gMEAJf2sQMEAJf2
vgMEAJf3JQMEAJf3TAMEAJf3wAMEAJf32TANBgkqhkiG9w0BAQsFAAOCAQEAc7Ao
ec6UrLRDUbyFUEulUSJi9HgA7H7qOwm3K0Q8pqYLqyc2RE8dvJsOghc+9+wz8F8C
ne0VYzKmWYbXlgz+x4YmASkP+Bgxpj1ZD/NQqGmdqipsJsfxX5RcYvGvwijieSjd
VfhbVRbJtKFZ1EDsruOj1U2X1O3O/94oMb4kjrDlnATQMipF1B4DFn4+FyD7QrWT
n5r4B82C3ihT2UwDSU8eHnkX8KewjbQFTImC4opCkwKCpriMsw9FmwrOogQY0FHb
mzwJA0GN/sAJKloSrg+rtrlpzJ2lrX+W6UtpG9HkdxDG0+tl/cAemhMGNNytkUtY
K/Ggf1+QkvA9PieOyw==
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:41:58 2026 by rpki-client