Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7th7KQLkAbitpF-ozLbc4dQINFI.roa
File: 7th7KQLkAbitpF-ozLbc4dQINFI.roa (raw, json)
Hash identifier: ruD3xCJQ0S4prapkFSj/2SWkteToS/x+1pqX+EPDjHU=
Subject key identifier: EE:D8:7B:29:02:E4:01:B8:AD:A4:5F:A8:CC:B6:DC:E1:D4:08:34:52
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DB07C472DCDF4C075A532C8D55E332975
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7th7KQLkAbitpF-ozLbc4dQINFI.roa
Signing time: Tue 21 Apr 2026 14:40:27 +0000
ROA not before: Tue 21 Apr 2026 14:40:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209104
IP address blocks: 151.240.154.0/24 maxlen: 24
151.243.157.0/24 maxlen: 24
151.245.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 May 2026 21:44:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b0:7c:47:2d:cd:f4:c0:75:a5:32:c8:d5:5e:33:29:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 21 14:40:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eed87b2902e401b8ada45fa8ccb6dce1d4083452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ae:29:6a:0f:a1:ec:09:0a:aa:bf:a7:ce:4c:
4e:e5:e3:b3:8c:9c:c1:49:03:2c:aa:bf:20:be:a1:
7e:b0:8b:e2:95:a6:13:7d:5b:43:68:60:f7:e3:0a:
5d:f0:5e:0e:7a:a3:51:a6:a5:40:40:18:d5:59:2e:
8d:5a:de:f8:34:97:5f:14:9b:be:8e:c1:15:7e:98:
fe:a0:38:a4:ab:2d:e8:b4:e3:28:a1:82:98:ff:e1:
3e:a4:40:69:de:05:c6:9e:d6:f6:43:4a:39:65:10:
49:fe:cb:4e:4d:85:16:f0:98:2b:66:42:e9:41:95:
86:75:47:8d:16:31:34:cc:d4:b3:aa:40:a2:8f:51:
03:66:7d:30:48:9a:68:5c:90:db:5c:53:38:dc:11:
fc:74:4e:60:f6:02:9f:ed:18:4c:49:ae:db:fb:97:
ff:91:df:d1:f9:0e:3d:95:63:ed:41:0c:62:72:8c:
50:03:59:a7:6c:28:d0:d8:b5:9d:63:68:02:12:61:
63:ba:ed:4f:a1:b6:1c:63:48:e0:93:04:31:a6:00:
0c:f8:9c:87:ea:9d:30:ff:89:86:e6:d8:93:24:c1:
03:38:95:ec:e8:9d:b3:94:4c:84:54:b2:09:4d:f2:
46:0a:4a:e0:14:89:b0:cb:22:f7:15:4d:5e:b3:e7:
78:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:D8:7B:29:02:E4:01:B8:AD:A4:5F:A8:CC:B6:DC:E1:D4:08:34:52
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/7th7KQLkAbitpF-ozLbc4dQINFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.154.0/24
151.243.157.0/24
151.245.141.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:19:bf:1c:fe:ab:aa:4a:ea:8f:b4:22:9c:b8:13:aa:4f:a5:
36:59:d3:d5:27:34:c8:1f:fd:d2:fe:06:0d:3b:eb:91:e1:44:
3e:ca:3a:a9:0d:79:ea:98:10:f5:27:6d:d1:6c:2b:1b:4b:73:
b1:01:06:b9:75:5c:73:18:67:ac:b7:59:b2:d4:c7:fe:0a:87:
00:6f:15:d5:b0:d5:b3:0b:fe:c4:ae:2c:75:5e:18:6f:86:de:
de:60:c9:ba:da:6d:5a:93:db:3d:ee:cc:ff:d2:ec:84:bf:b6:
83:2f:08:94:a9:65:02:38:04:a7:8d:86:15:2f:b8:15:77:ba:
d9:3f:6d:67:f3:dc:dc:73:0b:2b:82:35:d1:08:1c:92:aa:a4:
d0:be:e3:78:ad:81:a6:35:ea:bb:7d:73:c0:53:50:db:11:94:
28:e1:c6:25:ef:a8:92:f7:43:cc:99:b9:9b:64:c9:52:30:55:
e3:f0:50:24:27:c8:ef:37:b4:07:31:6e:34:59:47:fb:70:93:
93:55:69:b6:48:ea:69:25:b8:e1:0f:3b:3f:61:80:ac:b4:60:
8e:f0:64:90:9b:5a:8b:d3:5e:6c:09:19:ae:af:02:62:ca:bd:
00:1f:5f:51:f5:94:0d:03:bd:0c:5f:67:6f:0a:cd:8e:90:8a:
00:c0:aa:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ2wfEctzfTAdaUyyNVeMyl1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDIxMTQ0MDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWQ4N2IyOTAyZTQwMWI4YWRhNDVmYThjY2I2ZGNlMWQ0MDgzNDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5K4pag+h7AkKqr+nzkxO5eOzjJzB
SQMsqr8gvqF+sIvilaYTfVtDaGD34wpd8F4OeqNRpqVAQBjVWS6NWt74NJdfFJu+
jsEVfpj+oDikqy3otOMooYKY/+E+pEBp3gXGntb2Q0o5ZRBJ/stOTYUW8JgrZkLp
QZWGdUeNFjE0zNSzqkCij1EDZn0wSJpoXJDbXFM43BH8dE5g9gKf7RhMSa7b+5f/
kd/R+Q49lWPtQQxicoxQA1mnbCjQ2LWdY2gCEmFjuu1PobYcY0jgkwQxpgAM+JyH
6p0w/4mG5tiTJMEDOJXs6J2zlEyEVLIJTfJGCkrgFImwyyL3FU1es+d4ZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO7YeykC5AG4raRfqMy23OHUCDRSMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvN3RoN0tRTGtBYml0cEYtb3pMYmM0ZFFJTkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAl/CaAwQA
l/OdAwQAl/WNMA0GCSqGSIb3DQEBCwUAA4IBAQBMGb8c/quqSuqPtCKcuBOqT6U2
WdPVJzTIH/3S/gYNO+uR4UQ+yjqpDXnqmBD1J23RbCsbS3OxAQa5dVxzGGest1my
1Mf+CocAbxXVsNWzC/7Erix1Xhhvht7eYMm62m1ak9s97sz/0uyEv7aDLwiUqWUC
OASnjYYVL7gVd7rZP21n89zccwsrgjXRCBySqqTQvuN4rYGmNeq7fXPAU1DbEZQo
4cYl76iS90PMmbmbZMlSMFXj8FAkJ8jvN7QHMW40WUf7cJOTVWm2SOppJbjhDzs/
YYCstGCO8GSQm1qL015sCRmurwJiyr0AH19R9ZQNA70MX2dvCs2OkIoAwKou
-----END CERTIFICATE-----
Generated at Thu May 7 05:37:57 2026 by rpki-client