Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jTYmUDRP9dO4PPaPgtcG9r8tudM.roa
File: jTYmUDRP9dO4PPaPgtcG9r8tudM.roa (raw, json)
Hash identifier: KB3mQKDSSyRGLg/3jPsTUdvCTdFA4S/nh0U9G/mLEto=
Subject key identifier: 8D:36:26:50:34:4F:F5:D3:B8:3C:F6:8F:82:D7:06:F6:BF:2D:B9:D3
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E17C133CFC235007E00F28C9BC4835C61
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jTYmUDRP9dO4PPaPgtcG9r8tudM.roa
Signing time: Mon 11 May 2026 15:56:38 +0000
ROA not before: Mon 11 May 2026 15:56:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 151.240.128.0/21 maxlen: 24
151.240.136.0/21 maxlen: 24
151.240.145.0/24 maxlen: 24
151.240.171.0/24 maxlen: 24
151.241.105.0/24 maxlen: 24
151.241.106.0/24 maxlen: 24
151.241.107.0/24 maxlen: 24
151.241.132.0/22 maxlen: 22
151.242.56.0/24 maxlen: 24
151.242.70.0/24 maxlen: 24
151.242.71.0/24 maxlen: 24
151.242.135.0/24 maxlen: 24
151.243.8.0/23 maxlen: 23
151.243.204.0/23 maxlen: 23
151.244.56.0/24 maxlen: 24
151.245.2.0/24 maxlen: 24
151.245.22.0/24 maxlen: 24
151.245.56.0/22 maxlen: 22
151.245.185.0/24 maxlen: 24
151.245.187.0/24 maxlen: 24
151.245.188.0/24 maxlen: 24
151.246.8.0/21 maxlen: 24
151.247.48.0/24 maxlen: 24
151.247.76.0/24 maxlen: 24
151.247.77.0/24 maxlen: 24
151.247.128.0/23 maxlen: 24
151.247.131.0/24 maxlen: 24
151.247.133.0/24 maxlen: 24
151.247.134.0/24 maxlen: 24
151.247.135.0/24 maxlen: 24
151.247.143.0/24 maxlen: 24
151.247.242.0/24 maxlen: 24
151.247.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 17:04:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:17:c1:33:cf:c2:35:00:7e:00:f2:8c:9b:c4:83:5c:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 11 15:56:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8d362650344ff5d3b83cf68f82d706f6bf2db9d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d2:73:35:b4:36:8b:74:b1:e8:23:31:fc:9d:
0f:11:f3:0d:ad:49:bd:5d:31:a8:1b:c2:17:d9:c4:
d9:80:93:0d:3c:41:49:62:9e:34:77:ef:6f:8f:62:
08:83:68:1b:14:05:a3:ca:b5:7e:46:02:f3:f9:87:
6e:7f:7a:01:fd:d6:ee:73:71:95:bf:e5:78:08:6b:
7e:60:3f:e9:b5:fa:17:0b:56:a3:88:9b:bb:0d:e3:
7d:23:3c:ad:9d:4a:3c:4b:c0:01:1b:a2:30:f3:a4:
a0:8e:b7:1f:07:a4:b9:57:b5:d5:87:02:03:e3:09:
4b:fa:63:09:a1:bc:50:e7:7c:93:43:01:86:76:84:
76:10:0e:21:21:af:b1:60:22:3c:68:44:a0:1d:f8:
e3:5d:a2:24:e9:8c:14:0a:5f:38:63:15:20:8f:df:
88:3d:41:c9:87:81:5a:0c:e6:01:8c:01:2c:9e:0f:
61:1c:c8:d1:dc:fa:da:fc:10:bc:2d:44:2f:a6:dd:
ba:d2:08:bb:58:4a:f0:f6:21:79:d7:12:53:58:42:
a5:8e:06:17:c0:e9:ae:d2:ca:aa:41:74:39:e6:3b:
03:21:6b:74:d6:91:14:18:d7:24:bd:a3:7a:d7:2c:
79:a7:80:69:b6:6d:91:2a:28:98:39:f4:13:61:52:
ab:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:36:26:50:34:4F:F5:D3:B8:3C:F6:8F:82:D7:06:F6:BF:2D:B9:D3
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/jTYmUDRP9dO4PPaPgtcG9r8tudM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.128.0/20
151.240.145.0/24
151.240.171.0/24
151.241.105.0-151.241.107.255
151.241.132.0/22
151.242.56.0/24
151.242.70.0/23
151.242.135.0/24
151.243.8.0/23
151.243.204.0/23
151.244.56.0/24
151.245.2.0/24
151.245.22.0/24
151.245.56.0/22
151.245.185.0/24
151.245.187.0-151.245.188.255
151.246.8.0/21
151.247.48.0/24
151.247.76.0/23
151.247.128.0/23
151.247.131.0/24
151.247.133.0-151.247.135.255
151.247.143.0/24
151.247.242.0/24
151.247.248.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:17:88:d2:1a:77:7c:ed:ab:96:18:75:9c:b1:f7:ca:3e:76:
d0:f0:d4:6c:5f:f9:0d:d4:a6:a2:82:04:d3:a9:5d:e6:6d:4f:
fb:5d:48:89:00:86:90:ca:d0:f6:99:bd:ee:b5:8b:57:17:e1:
69:10:ad:9d:ba:63:59:3f:39:02:4a:01:6e:ce:3b:5d:02:ba:
fb:ca:c3:8e:7c:62:c1:95:2a:0f:62:e7:5f:c3:2a:41:cd:8c:
2f:92:3f:29:c1:f5:0c:e8:38:1e:60:7b:91:83:73:da:9a:95:
81:0d:70:6a:aa:68:98:91:c4:14:78:77:6b:33:93:34:d6:ee:
4d:9b:9c:92:0e:0f:64:c8:cf:47:78:7c:34:55:28:a7:b3:bc:
94:2d:41:2e:99:71:9e:7e:07:e5:ba:ed:64:0f:1e:a8:7b:e3:
2b:c7:76:93:d3:60:c5:84:5b:99:55:46:90:f8:0d:e8:d1:76:
ba:59:5b:e4:0a:2e:55:f9:34:b1:5b:db:a0:c6:ee:4d:77:6f:
46:f2:ed:70:08:4a:7f:12:32:04:cf:71:c8:3b:4c:c7:6e:5e:
6c:07:7f:52:1a:bd:b2:4c:1f:a0:19:a2:d7:75:39:02:51:3e:
fc:cb:ee:17:53:8c:b0:f9:8a:92:39:16:6c:ba:cf:5a:da:cd:
bd:53:76:20
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAZ4XwTPPwjUAfgDyjJvEg1xhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTExMTU1NjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDM2MjY1MDM0NGZmNWQzYjgzY2Y2OGY4MmQ3MDZmNmJmMmRiOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtJzNbQ2i3Sx6CMx/J0PEfMNrUm9
XTGoG8IX2cTZgJMNPEFJYp40d+9vj2IIg2gbFAWjyrV+RgLz+Yduf3oB/dbuc3GV
v+V4CGt+YD/ptfoXC1ajiJu7DeN9IzytnUo8S8ABG6Iw86SgjrcfB6S5V7XVhwID
4wlL+mMJobxQ53yTQwGGdoR2EA4hIa+xYCI8aESgHfjjXaIk6YwUCl84YxUgj9+I
PUHJh4FaDOYBjAEsng9hHMjR3Pra/BC8LUQvpt260gi7WErw9iF51xJTWEKljgYX
wOmu0sqqQXQ55jsDIWt01pEUGNckvaN61yx5p4Bptm2RKiiYOfQTYVKrmQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFI02JlA0T/XTuDz2j4LXBva/LbnTMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvalRZbVVEUlA5ZE80UFBhUGd0Y0c5cjh0dWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBASX
8IADBACX8JEDBACX8KswDAMEAJfxaQMEApfxaAMEApfxhAMEAJfyOAMEAZfyRgME
AJfyhwMEAZfzCAMEAZfzzAMEAJf0OAMEAJf1AgMEAJf1FgMEApf1OAMEAJf1uTAM
AwQAl/W7AwQAl/W8AwQDl/YIAwQAl/cwAwQBl/dMAwQBl/eAAwQAl/eDMAwDBACX
94UDBAOX94ADBACX948DBACX9/IDBACX9/gwDQYJKoZIhvcNAQELBQADggEBAGsX
iNIad3ztq5YYdZyx98o+dtDw1Gxf+Q3UpqKCBNOpXeZtT/tdSIkAhpDK0PaZve61
i1cX4WkQrZ26Y1k/OQJKAW7OO10CuvvKw458YsGVKg9i51/DKkHNjC+SPynB9Qzo
OB5ge5GDc9qalYENcGqqaJiRxBR4d2szkzTW7k2bnJIOD2TIz0d4fDRVKKezvJQt
QS6ZcZ5+B+W67WQPHqh74yvHdpPTYMWEW5lVRpD4DejRdrpZW+QKLlX5NLFb26DG
7k13b0by7XAISn8SMgTPccg7TMduXmwHf1IavbJMH6AZotd1OQJRPvzL7hdTjLD5
ipI5Fmy6z1razb1TdiA=
-----END CERTIFICATE-----
Generated at Wed May 13 02:40:13 2026 by rpki-client