Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yLpUu-VqRBpeomfueKO-R9aHHF4.roa
File: yLpUu-VqRBpeomfueKO-R9aHHF4.roa (raw, json)
Hash identifier: Q9NqTG8ZL9lVmrt2ASox+CTTSVB8y5OC9T2JKXgJffg=
Subject key identifier: C8:BA:54:BB:E5:6A:44:1A:5E:A2:67:EE:78:A3:BE:47:D6:87:1C:5E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D7D50D1513E8951B99BF00DBEB8B7AA7E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yLpUu-VqRBpeomfueKO-R9aHHF4.roa
Signing time: Sat 11 Apr 2026 16:12:21 +0000
ROA not before: Sat 11 Apr 2026 16:12:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16509
IP address blocks: 151.240.128.0/21 maxlen: 24
151.240.136.0/21 maxlen: 24
151.240.145.0/24 maxlen: 24
151.240.171.0/24 maxlen: 24
151.241.105.0/24 maxlen: 24
151.241.106.0/24 maxlen: 24
151.241.107.0/24 maxlen: 24
151.241.132.0/22 maxlen: 22
151.242.56.0/24 maxlen: 24
151.242.70.0/24 maxlen: 24
151.242.71.0/24 maxlen: 24
151.242.135.0/24 maxlen: 24
151.243.8.0/23 maxlen: 23
151.243.204.0/23 maxlen: 23
151.244.56.0/24 maxlen: 24
151.245.2.0/24 maxlen: 24
151.245.22.0/24 maxlen: 24
151.245.56.0/22 maxlen: 22
151.245.185.0/24 maxlen: 24
151.245.187.0/24 maxlen: 24
151.245.188.0/24 maxlen: 24
151.246.8.0/21 maxlen: 24
151.246.144.0/24 maxlen: 24
151.247.48.0/24 maxlen: 24
151.247.76.0/24 maxlen: 24
151.247.77.0/24 maxlen: 24
151.247.131.0/24 maxlen: 24
151.247.133.0/24 maxlen: 24
151.247.134.0/24 maxlen: 24
151.247.135.0/24 maxlen: 24
151.247.242.0/24 maxlen: 24
151.247.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 18:24:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:7d:50:d1:51:3e:89:51:b9:9b:f0:0d:be:b8:b7:aa:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 11 16:12:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c8ba54bbe56a441a5ea267ee78a3be47d6871c5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:47:43:2b:c2:b1:4c:5c:b5:80:86:1e:6a:e5:
25:aa:47:ed:a5:52:af:ed:d7:9e:a6:e7:9e:a2:e6:
1e:ff:6d:01:c6:77:d1:ee:2e:ac:77:a7:e5:eb:ad:
f1:40:6b:16:5b:10:9b:70:e4:a2:cc:82:d1:a0:8c:
cc:47:3a:6e:b7:3e:cf:24:19:1a:f4:57:f7:43:0f:
8e:9c:61:c8:f1:04:1a:19:6b:29:84:eb:f7:4b:87:
a9:e5:30:49:c3:97:61:cb:ae:27:1e:ab:10:23:80:
9d:c6:3e:77:f9:73:8a:ff:fc:d1:b9:9a:71:17:62:
ca:89:12:2a:7d:f8:ae:39:b6:f1:95:d4:6f:cb:90:
b3:55:ff:bf:d3:fe:67:41:fc:e9:e6:fd:e9:46:77:
03:5b:40:f4:23:a3:66:1f:c0:2c:d1:32:16:b6:a1:
7a:6a:f3:8c:b8:c1:78:a6:ee:83:5c:81:81:68:58:
5d:2f:5a:7a:7e:e1:b7:6d:41:12:9a:c8:8d:8d:5f:
96:55:4b:17:b7:52:fe:a0:59:00:b1:7a:bf:11:d3:
66:24:97:24:69:7b:c1:8f:15:1c:a0:07:27:3d:1f:
72:56:99:7e:2f:29:d4:58:32:4f:ea:85:4d:0c:c2:
ec:ea:fc:32:f1:1e:f3:0c:d2:c2:43:44:d9:c1:e3:
25:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:BA:54:BB:E5:6A:44:1A:5E:A2:67:EE:78:A3:BE:47:D6:87:1C:5E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/yLpUu-VqRBpeomfueKO-R9aHHF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.128.0/20
151.240.145.0/24
151.240.171.0/24
151.241.105.0-151.241.107.255
151.241.132.0/22
151.242.56.0/24
151.242.70.0/23
151.242.135.0/24
151.243.8.0/23
151.243.204.0/23
151.244.56.0/24
151.245.2.0/24
151.245.22.0/24
151.245.56.0/22
151.245.185.0/24
151.245.187.0-151.245.188.255
151.246.8.0/21
151.246.144.0/24
151.247.48.0/24
151.247.76.0/23
151.247.131.0/24
151.247.133.0-151.247.135.255
151.247.242.0/24
151.247.248.0/24
Signature Algorithm: sha256WithRSAEncryption
24:fe:8c:1a:8e:8a:ad:30:07:d8:59:c1:56:9e:d4:62:f4:56:
df:5b:1e:b7:78:81:45:d3:03:a5:f5:bb:d9:14:6b:64:7d:56:
d2:37:5d:43:aa:fd:7c:b0:9f:41:c7:c5:7a:e9:53:b2:37:ee:
f6:cb:ff:41:36:8b:47:b9:a9:4e:4d:43:99:10:98:19:1b:a7:
e6:63:29:c9:f3:bc:55:a9:19:b1:af:9b:38:6b:52:09:d5:ff:
4e:2d:83:a3:61:72:d1:3e:1d:9f:04:74:19:c0:b5:7f:9d:3f:
74:d2:80:cb:03:48:56:af:b3:14:6b:10:2d:64:dd:1d:44:8f:
ec:c2:f1:8c:e0:4f:8d:e0:27:7b:a9:b0:61:4a:56:79:cb:e5:
c5:82:c0:cd:b0:f9:a5:16:70:25:03:ac:74:a7:c5:58:8a:ca:
38:5b:51:a5:e8:28:b5:1a:b0:51:11:5c:06:14:4e:72:f1:56:
c9:10:4a:db:73:9b:58:e8:6d:5f:17:aa:d0:e0:ef:32:67:74:
66:f6:79:f2:7c:5e:56:82:d4:1b:15:2b:96:17:ea:20:ad:0d:
0a:08:c1:bc:de:a0:5d:fa:5b:c4:b6:82:c8:7f:72:55:0d:47:
d7:99:76:99:a6:55:76:9d:44:ae:1d:3d:bc:3b:92:9b:ed:98:
28:e0:bc:5d
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZ19UNFRPolRuZvwDb64t6p+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDExMTYxMjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGJhNTRiYmU1NmE0NDFhNWVhMjY3ZWU3OGEzYmU0N2Q2ODcxYzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0dDK8KxTFy1gIYeauUlqkftpVKv
7deepueeouYe/20BxnfR7i6sd6fl663xQGsWWxCbcOSizILRoIzMRzputz7PJBka
9Ff3Qw+OnGHI8QQaGWsphOv3S4ep5TBJw5dhy64nHqsQI4Cdxj53+XOK//zRuZpx
F2LKiRIqffiuObbxldRvy5CzVf+/0/5nQfzp5v3pRncDW0D0I6NmH8As0TIWtqF6
avOMuMF4pu6DXIGBaFhdL1p6fuG3bUESmsiNjV+WVUsXt1L+oFkAsXq/EdNmJJck
aXvBjxUcoAcnPR9yVpl+LynUWDJP6oVNDMLs6vwy8R7zDNLCQ0TZweMlTwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFMi6VLvlakQaXqJn7nijvkfWhxxeMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEveUxwVXUtVnFSQnBlb21mdWVLTy1SOWFISEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBASX
8IADBACX8JEDBACX8KswDAMEAJfxaQMEApfxaAMEApfxhAMEAJfyOAMEAZfyRgME
AJfyhwMEAZfzCAMEAZfzzAMEAJf0OAMEAJf1AgMEAJf1FgMEApf1OAMEAJf1uTAM
AwQAl/W7AwQAl/W8AwQDl/YIAwQAl/aQAwQAl/cwAwQBl/dMAwQAl/eDMAwDBACX
94UDBAOX94ADBACX9/IDBACX9/gwDQYJKoZIhvcNAQELBQADggEBACT+jBqOiq0w
B9hZwVae1GL0Vt9bHrd4gUXTA6X1u9kUa2R9VtI3XUOq/Xywn0HHxXrpU7I37vbL
/0E2i0e5qU5NQ5kQmBkbp+ZjKcnzvFWpGbGvmzhrUgnV/04tg6NhctE+HZ8EdBnA
tX+dP3TSgMsDSFavsxRrEC1k3R1Ej+zC8YzgT43gJ3upsGFKVnnL5cWCwM2w+aUW
cCUDrHSnxViKyjhbUaXoKLUasFERXAYUTnLxVskQSttzm1jobV8XqtDg7zJndGb2
efJ8XlaC1BsVK5YX6iCtDQoIwbzeoF36W8S2gsh/clUNR9eZdpmmVXadRK4dPbw7
kpvtmCjgvF0=
-----END CERTIFICATE-----
Generated at Fri Apr 17 04:35:30 2026 by rpki-client