Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/bul7cCcye0_fiMBW8T26IrKEaFo.roa
File: bul7cCcye0_fiMBW8T26IrKEaFo.roa (raw, json)
Hash identifier: XlTvQLT/KDoOAuR6qKvRF2F8gE5XGVYLYkgvKcwffcg=
Subject key identifier: 6E:E9:7B:70:27:32:7B:4F:DF:88:C0:56:F1:3D:BA:22:B2:84:68:5A
Certificate issuer: /CN=2c07bf3b733a5c3a71d9ca8c3626948df712705b
Certificate serial: 019C70C03DCFE2998A1A77C188A5DDF3CF12
Authority key identifier: 2C:07:BF:3B:73:3A:5C:3A:71:D9:CA:8C:36:26:94:8D:F7:12:70:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LAe_O3M6XDpx2cqMNiaUjfcScFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/bul7cCcye0_fiMBW8T26IrKEaFo.roa
Signing time: Wed 18 Feb 2026 12:36:12 +0000
ROA not before: Wed 18 Feb 2026 12:36:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213705
IP address blocks: 153.51.52.0/22 maxlen: 24
153.51.56.0/22 maxlen: 24
153.51.60.0/22 maxlen: 24
153.51.96.0/22 maxlen: 22
153.51.100.0/22 maxlen: 22
153.51.104.0/22 maxlen: 22
153.51.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/LAe_O3M6XDpx2cqMNiaUjfcScFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/LAe_O3M6XDpx2cqMNiaUjfcScFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/LAe_O3M6XDpx2cqMNiaUjfcScFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 18:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:70:c0:3d:cf:e2:99:8a:1a:77:c1:88:a5:dd:f3:cf:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c07bf3b733a5c3a71d9ca8c3626948df712705b
Validity
Not Before: Feb 18 12:36:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6ee97b7027327b4fdf88c056f13dba22b284685a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8f:b5:8d:44:fb:1b:2f:67:c8:6a:1e:f7:47:
ba:65:ca:0d:3d:2d:91:88:d9:d8:35:73:ac:7a:f2:
fb:a8:01:91:5b:bd:50:db:cb:01:50:04:fa:87:af:
c0:ec:a4:90:f4:48:5c:03:67:84:fc:7a:a3:7a:3a:
31:ec:25:30:6a:eb:2e:74:2d:13:a7:04:9c:6f:99:
56:00:d2:66:b9:6e:7a:28:5b:71:3c:17:2f:b3:cd:
b0:57:15:c6:d6:41:57:12:c2:b6:7d:69:94:82:45:
41:c8:e9:6b:b5:0c:a5:45:a2:2a:fb:f1:72:28:ce:
a0:1a:35:70:13:19:a7:24:84:a2:2d:ab:a3:dc:60:
8f:c0:48:28:c2:ea:b6:49:34:74:73:ef:5b:d1:75:
7d:0a:e1:0d:28:21:e8:9c:63:b7:b6:91:41:9b:4b:
72:90:6b:dc:f9:6a:a2:d2:a7:42:31:09:1d:c6:ae:
40:63:5b:56:9f:2d:4c:cb:b9:fd:b1:58:97:6e:41:
23:d6:07:41:34:3a:1d:48:97:0d:23:96:d3:e3:db:
f5:ac:14:2a:d4:76:62:13:47:f6:88:59:d0:74:92:
b8:ba:71:24:ca:21:81:a3:19:35:4a:b6:70:c0:a7:
ec:bc:f7:d4:7d:3c:90:55:65:54:8c:ce:ed:ba:e9:
cd:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E9:7B:70:27:32:7B:4F:DF:88:C0:56:F1:3D:BA:22:B2:84:68:5A
X509v3 Authority Key Identifier:
keyid:2C:07:BF:3B:73:3A:5C:3A:71:D9:CA:8C:36:26:94:8D:F7:12:70:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LAe_O3M6XDpx2cqMNiaUjfcScFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/bul7cCcye0_fiMBW8T26IrKEaFo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/160905-126b-47df-9899-1199bb979d5a/1/LAe_O3M6XDpx2cqMNiaUjfcScFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.51.52.0-153.51.63.255
153.51.96.0/20
Signature Algorithm: sha256WithRSAEncryption
18:c3:9f:e5:cc:7f:7f:1e:c3:66:a2:e1:86:09:d4:58:0c:54:
33:2c:2f:b0:47:86:8a:c7:46:c5:84:b8:f0:d3:26:38:b7:2c:
2f:34:a6:ed:1d:6a:3c:9a:3f:e5:23:dc:9f:0c:bf:e7:5a:d3:
54:b2:30:dd:7c:cb:91:00:a7:c3:6a:f5:95:35:2a:e1:9c:b4:
95:5c:c2:55:32:62:b3:15:a8:1b:3c:c6:4d:72:9d:02:f5:02:
df:d5:f4:cf:6b:97:32:a6:dd:27:09:9d:8b:b2:47:9d:8d:96:
9e:89:c1:60:69:e4:60:aa:a1:3e:51:42:02:88:87:b5:14:e8:
25:56:98:84:e7:a0:55:67:03:47:33:db:94:f5:7f:c8:a6:54:
23:7c:04:ce:92:18:41:fa:a2:82:13:09:d1:72:9f:09:96:a9:
6c:90:22:2d:32:43:61:22:34:63:8f:cc:af:07:76:74:88:f7:
8a:8e:15:e6:2c:b1:db:2b:f0:3f:7b:37:d2:8d:a9:d6:9b:13:
37:db:6e:f6:96:d8:5f:62:63:72:b8:e5:b7:f5:7a:3d:0c:b9:
b7:01:21:0d:4f:4c:e4:16:37:44:07:e5:35:45:0b:4c:7d:8b:
b4:e8:c5:86:b9:4a:a9:24:83:b9:06:8a:96:16:59:1f:f3:cf:
15:58:8e:98
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZxwwD3P4pmKGnfBiKXd888SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMDdiZjNiNzMzYTVjM2E3MWQ5Y2E4YzM2MjY5NDhkZjcx
MjcwNWIwHhcNMjYwMjE4MTIzNjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWU5N2I3MDI3MzI3YjRmZGY4OGMwNTZmMTNkYmEyMmIyODQ2ODVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvY+1jUT7Gy9nyGoe90e6ZcoNPS2R
iNnYNXOsevL7qAGRW71Q28sBUAT6h6/A7KSQ9EhcA2eE/Hqjejox7CUwausudC0T
pwScb5lWANJmuW56KFtxPBcvs82wVxXG1kFXEsK2fWmUgkVByOlrtQylRaIq+/Fy
KM6gGjVwExmnJISiLauj3GCPwEgowuq2STR0c+9b0XV9CuENKCHonGO3tpFBm0ty
kGvc+Wqi0qdCMQkdxq5AY1tWny1My7n9sViXbkEj1gdBNDodSJcNI5bT49v1rBQq
1HZiE0f2iFnQdJK4unEkyiGBoxk1SrZwwKfsvPfUfTyQVWVUjM7tuunNUQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFG7pe3AnMntP34jAVvE9uiKyhGhaMB8GA1UdIwQY
MBaAFCwHvztzOlw6cdnKjDYmlI33EnBbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEFlX08zTTZYRHB4MmNxTU5pYVVqZmNTY0ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xNjA5MDUtMTI2Yi00N2RmLTk4OTkt
MTE5OWJiOTc5ZDVhLzEvYnVsN2NDY3llMF9maU1CVzhUMjZJcktFYUZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xNjA5MDUtMTI2Yi00N2RmLTk4OTktMTE5OWJiOTc5ZDVh
LzEvTEFlX08zTTZYRHB4MmNxTU5pYVVqZmNTY0ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAKZMzQD
BAaZMwADBASZM2AwDQYJKoZIhvcNAQELBQADggEBABjDn+XMf38ew2ai4YYJ1FgM
VDMsL7BHhorHRsWEuPDTJji3LC80pu0dajyaP+Uj3J8Mv+da01SyMN18y5EAp8Nq
9ZU1KuGctJVcwlUyYrMVqBs8xk1ynQL1At/V9M9rlzKm3ScJnYuyR52Nlp6JwWBp
5GCqoT5RQgKIh7UU6CVWmITnoFVnA0cz25T1f8imVCN8BM6SGEH6ooITCdFynwmW
qWyQIi0yQ2EiNGOPzK8HdnSI94qOFeYssdsr8D97N9KNqdabEzfbbvaW2F9iY3K4
5bf1ej0MubcBIQ1PTOQWN0QH5TVFC0x9i7ToxYa5Sqkkg7kGipYWWR/zzxVYjpg=
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:44:45 2026 by rpki-client