Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wOOSHLxa3b3zdYzFMlE7H6oDz2I.roa
File: wOOSHLxa3b3zdYzFMlE7H6oDz2I.roa (raw, json)
Hash identifier: kydZYIbTUX53bCPtWrg1DO+E1uM9WztxlH6KjKKYNlw=
Subject key identifier: C0:E3:92:1C:BC:5A:DD:BD:F3:75:8C:C5:32:51:3B:1F:AA:03:CF:62
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019C605513EC027644F76CEF71F1D013D5E9
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wOOSHLxa3b3zdYzFMlE7H6oDz2I.roa
Signing time: Sun 15 Feb 2026 08:05:14 +0000
ROA not before: Sun 15 Feb 2026 08:05:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20326
IP address blocks: 151.241.65.0/24 maxlen: 24
151.241.178.0/24 maxlen: 24
151.241.208.0/22 maxlen: 22
151.243.21.0/24 maxlen: 24
151.243.114.0/23 maxlen: 24
151.243.244.0/24 maxlen: 24
151.244.2.0/24 maxlen: 24
151.244.136.0/22 maxlen: 24
151.244.160.0/22 maxlen: 24
151.244.171.0/24 maxlen: 24
151.244.172.0/22 maxlen: 24
151.244.176.0/22 maxlen: 24
151.245.8.0/21 maxlen: 24
151.245.168.0/21 maxlen: 21
151.247.132.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 06:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:60:55:13:ec:02:76:44:f7:6c:ef:71:f1:d0:13:d5:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 15 08:05:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c0e3921cbc5addbdf3758cc532513b1faa03cf62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3f:91:75:8f:25:f3:5b:ec:84:7f:0e:b5:32:
8e:2e:78:67:78:56:16:ac:0b:0c:75:36:4d:65:10:
cd:e2:0a:0e:87:84:0a:f5:6f:ee:66:6e:79:75:7a:
10:d3:2f:46:49:b7:92:2f:55:2d:b4:43:be:ff:dd:
01:09:07:d8:27:67:97:a1:cd:05:19:1e:39:72:61:
c1:04:ac:b1:7e:58:36:07:48:bb:33:bf:06:98:bf:
44:5e:10:21:0a:55:f0:fb:66:3c:cd:04:06:1d:4e:
52:86:ab:97:1e:34:d4:cf:9f:af:2f:bb:77:ca:ef:
2c:ee:23:5d:92:bc:37:bb:97:a8:93:51:1a:7c:ad:
d7:fa:44:a4:36:ba:0c:66:d4:02:b1:f0:d8:20:53:
ce:39:10:02:57:3b:b7:7b:5a:7d:63:27:d6:8c:26:
d5:15:7f:c3:a7:33:79:4f:c2:92:09:10:d1:af:6e:
81:d0:df:e2:14:42:89:cd:0d:9b:27:d5:f6:08:30:
54:43:5a:93:c9:03:8b:c4:7f:a0:d0:b2:1b:40:72:
1b:68:31:aa:c6:96:e3:b4:21:ee:e1:88:14:38:f3:
41:59:68:91:62:66:a7:7d:5e:cb:38:8c:8f:32:0d:
a7:7b:87:02:ab:0c:cd:26:c1:1e:3e:98:26:0a:4e:
71:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:E3:92:1C:BC:5A:DD:BD:F3:75:8C:C5:32:51:3B:1F:AA:03:CF:62
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/wOOSHLxa3b3zdYzFMlE7H6oDz2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.65.0/24
151.241.178.0/24
151.241.208.0/22
151.243.21.0/24
151.243.114.0/23
151.243.244.0/24
151.244.2.0/24
151.244.136.0/22
151.244.160.0/22
151.244.171.0-151.244.179.255
151.245.8.0/21
151.245.168.0/21
151.247.132.0/24
Signature Algorithm: sha256WithRSAEncryption
71:aa:bb:eb:03:c2:49:43:48:cf:ed:ad:4b:d5:4b:f0:49:2d:
4f:11:cf:e9:4f:62:06:08:45:5d:97:a9:cd:ea:93:af:d9:a2:
3a:e9:7f:88:ec:ea:09:23:22:39:3e:5e:4e:be:c7:14:af:73:
5f:21:09:fb:29:e8:91:ce:8a:b8:90:c5:80:2c:2c:80:e4:ff:
38:eb:08:59:15:ba:65:76:ce:8c:ad:75:19:39:9a:f1:1e:37:
3e:32:0d:6c:71:c3:10:fa:48:e2:f4:3d:f8:05:7a:35:6f:83:
34:82:c4:fe:ef:4c:6f:f1:92:13:68:58:31:b1:c7:a5:54:25:
46:9b:b9:5f:e8:23:68:70:e9:04:91:3e:a7:e8:32:cd:bf:64:
2d:2b:53:2a:ec:e1:c4:6b:9b:92:35:29:56:b9:42:4b:39:7f:
28:4f:19:a9:a8:55:d1:39:ad:53:f6:10:21:46:12:a9:a6:91:
a3:a4:37:d5:b6:37:22:c7:ee:4d:72:1a:44:8c:d3:fd:7b:c0:
97:f6:e8:b1:7f:fd:20:ad:75:50:c0:67:a7:12:26:29:81:27:
b4:ae:67:10:c7:88:92:9b:d3:44:78:bf:ea:c3:dc:76:ef:fb:
4d:67:a8:c4:9c:72:1d:3d:d8:9e:c9:b7:f2:ee:48:b1:f2:d0:
65:a4:c1:31
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZxgVRPsAnZE92zvcfHQE9XpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMjE1MDgwNTE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMGUzOTIxY2JjNWFkZGJkZjM3NThjYzUzMjUxM2IxZmFhMDNjZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvT+RdY8l81vshH8OtTKOLnhneFYW
rAsMdTZNZRDN4goOh4QK9W/uZm55dXoQ0y9GSbeSL1UttEO+/90BCQfYJ2eXoc0F
GR45cmHBBKyxflg2B0i7M78GmL9EXhAhClXw+2Y8zQQGHU5ShquXHjTUz5+vL7t3
yu8s7iNdkrw3u5eok1EafK3X+kSkNroMZtQCsfDYIFPOORACVzu3e1p9YyfWjCbV
FX/DpzN5T8KSCRDRr26B0N/iFEKJzQ2bJ9X2CDBUQ1qTyQOLxH+g0LIbQHIbaDGq
xpbjtCHu4YgUOPNBWWiRYmanfV7LOIyPMg2ne4cCqwzNJsEePpgmCk5x8QIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFMDjkhy8Wt2983WMxTJROx+qA89iMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvd09PU0hMeGEzYjN6ZFl6Rk1sRTdINm9EejJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAl/FBAwQA
l/GyAwQCl/HQAwQAl/MVAwQBl/NyAwQAl/P0AwQAl/QCAwQCl/SIAwQCl/SgMAwD
BACX9KsDBAKX9LADBAOX9QgDBAOX9agDBACX94QwDQYJKoZIhvcNAQELBQADggEB
AHGqu+sDwklDSM/trUvVS/BJLU8Rz+lPYgYIRV2Xqc3qk6/Zojrpf4js6gkjIjk+
Xk6+xxSvc18hCfsp6JHOiriQxYAsLIDk/zjrCFkVumV2zoytdRk5mvEeNz4yDWxx
wxD6SOL0PfgFejVvgzSCxP7vTG/xkhNoWDGxx6VUJUabuV/oI2hw6QSRPqfoMs2/
ZC0rUyrs4cRrm5I1KVa5Qks5fyhPGamoVdE5rVP2ECFGEqmmkaOkN9W2NyLH7k1y
GkSM0/17wJf26LF//SCtdVDAZ6cSJimBJ7SuZxDHiJKb00R4v+rD3Hbv+01nqMSc
ch092J7Jt/LuSLHy0GWkwTE=
-----END CERTIFICATE-----
Generated at Sun Mar 1 16:22:45 2026 by rpki-client