Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Sd7kyZwmZkpD5lJtdxI_aEo2Q-s.roa
File: Sd7kyZwmZkpD5lJtdxI_aEo2Q-s.roa (raw, json)
Hash identifier: tDghavlQLRPvf1cGcw1udfgnDRJrsmdIKO1FIOa9CY8=
Subject key identifier: 49:DE:E4:C9:9C:26:66:4A:43:E6:52:6D:77:12:3F:68:4A:36:43:EB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019CCA014D5357D4F8157A0808016E039C72
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Sd7kyZwmZkpD5lJtdxI_aEo2Q-s.roa
Signing time: Sat 07 Mar 2026 20:33:28 +0000
ROA not before: Sat 07 Mar 2026 20:33:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 211440
IP address blocks: 151.240.113.0/24 maxlen: 24
151.240.117.0/24 maxlen: 24
151.241.0.0/24 maxlen: 24
151.242.78.0/24 maxlen: 24
151.244.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ca:01:4d:53:57:d4:f8:15:7a:08:08:01:6e:03:9c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 7 20:33:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=49dee4c99c26664a43e6526d77123f684a3643eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:53:58:23:11:71:7b:27:53:83:62:be:c2:6f:
58:1d:dc:47:d5:22:b3:c2:f4:bf:78:56:db:77:35:
cb:8d:fb:e1:5c:9b:fc:29:ce:5b:8f:1c:03:81:37:
bc:47:b2:67:23:74:5b:35:17:f7:84:29:fb:61:1e:
d0:3e:d5:b5:5b:0f:bd:88:42:f7:ca:d0:3d:64:78:
1b:fe:f1:9d:ec:f4:ee:e2:08:93:56:be:11:da:d9:
f3:bc:2d:84:4f:7e:2e:a2:ea:ba:13:35:f1:c9:2e:
bc:e0:c3:9d:9c:78:02:7d:09:62:07:65:ef:35:a1:
9e:d9:11:14:91:69:5c:71:65:e1:ef:b2:40:e0:db:
d7:2c:09:f0:e1:f2:e2:ca:50:03:7e:77:6a:e9:70:
41:cc:69:c3:e5:76:cc:8b:4d:b4:a7:ae:17:6c:d3:
00:d1:b6:26:f5:ea:d0:28:51:5b:4e:36:70:0f:81:
ab:e6:5c:8f:c8:08:71:f6:ec:51:6f:47:3d:c8:16:
c1:d9:77:6b:a8:70:ce:9b:50:65:98:9d:bb:73:04:
18:57:c9:74:f4:85:85:04:c4:50:aa:ee:fe:ee:e1:
6a:0f:a3:80:0c:79:60:08:06:49:b9:05:88:25:16:
31:92:ac:7b:3c:ce:56:d2:53:e7:4e:3f:c6:c4:80:
04:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:DE:E4:C9:9C:26:66:4A:43:E6:52:6D:77:12:3F:68:4A:36:43:EB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Sd7kyZwmZkpD5lJtdxI_aEo2Q-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.113.0/24
151.240.117.0/24
151.241.0.0/24
151.242.78.0/24
151.244.1.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:4f:b9:cd:30:8d:0c:2d:e3:b8:b3:a0:13:a3:9f:c1:95:f0:
6e:2d:9a:bf:bd:8b:09:2d:53:2f:a2:9a:a4:91:15:49:29:9a:
07:a9:0e:58:ae:3c:f0:3e:f2:0c:d4:15:e1:3a:05:23:f2:3b:
03:6f:c9:27:43:c5:b3:66:7e:60:cc:80:96:23:94:5b:75:f9:
58:f6:e3:59:54:94:b5:3c:c9:02:37:ad:da:ce:65:74:9d:43:
26:87:f3:88:ae:04:15:e1:87:82:cd:3a:54:23:03:e8:af:33:
a8:12:93:c0:40:04:f7:34:cf:09:de:12:fc:cf:98:80:1f:03:
67:cd:12:20:8f:2a:ff:86:25:34:37:8b:ac:d5:91:f9:2c:cd:
31:87:44:d6:c2:a6:7f:27:21:cd:76:d5:64:90:71:8b:4c:13:
0e:3c:89:7f:61:db:d5:a9:07:7d:fd:80:20:b6:74:4b:43:18:
34:30:49:88:a7:f6:0d:5e:b4:64:03:fd:3c:9d:e0:3e:ca:84:
11:f2:86:3e:4e:b8:35:d5:14:55:22:26:70:a1:9a:f9:93:d0:
4d:f8:b9:cf:11:0d:9d:01:90:63:19:39:03:7f:84:b0:ba:76:
73:fb:64:da:03:76:2d:b8:28:dd:12:1c:0a:75:c4:63:7a:cf:
8c:1a:1c:3f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZzKAU1TV9T4FXoICAFuA5xyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzA3MjAzMzI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWRlZTRjOTljMjY2NjRhNDNlNjUyNmQ3NzEyM2Y2ODRhMzY0M2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt1NYIxFxeydTg2K+wm9YHdxH1SKz
wvS/eFbbdzXLjfvhXJv8Kc5bjxwDgTe8R7JnI3RbNRf3hCn7YR7QPtW1Ww+9iEL3
ytA9ZHgb/vGd7PTu4giTVr4R2tnzvC2ET34uouq6EzXxyS684MOdnHgCfQliB2Xv
NaGe2REUkWlccWXh77JA4NvXLAnw4fLiylADfndq6XBBzGnD5XbMi020p64XbNMA
0bYm9erQKFFbTjZwD4Gr5lyPyAhx9uxRb0c9yBbB2XdrqHDOm1BlmJ27cwQYV8l0
9IWFBMRQqu7+7uFqD6OADHlgCAZJuQWIJRYxkqx7PM5W0lPnTj/GxIAEtwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEne5MmcJmZKQ+ZSbXcSP2hKNkPrMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvU2Q3a3lad21aa3BENWxKdGR4SV9hRW8yUS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAl/BxAwQA
l/B1AwQAl/EAAwQAl/JOAwQAl/QBMA0GCSqGSIb3DQEBCwUAA4IBAQAdT7nNMI0M
LeO4s6ATo5/BlfBuLZq/vYsJLVMvopqkkRVJKZoHqQ5YrjzwPvIM1BXhOgUj8jsD
b8knQ8WzZn5gzICWI5RbdflY9uNZVJS1PMkCN63azmV0nUMmh/OIrgQV4YeCzTpU
IwPorzOoEpPAQAT3NM8J3hL8z5iAHwNnzRIgjyr/hiU0N4us1ZH5LM0xh0TWwqZ/
JyHNdtVkkHGLTBMOPIl/YdvVqQd9/YAgtnRLQxg0MEmIp/YNXrRkA/08neA+yoQR
8oY+Trg11RRVIiZwoZr5k9BN+LnPEQ2dAZBjGTkDf4SwunZz+2TaA3YtuCjdEhwK
dcRjes+MGhw/
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:08:25 2026 by rpki-client