Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FEST18sHoFr3uH0KkANtrjHj6J4.roa
File: FEST18sHoFr3uH0KkANtrjHj6J4.roa (raw, json)
Hash identifier: Dsfnfc0y9Nf7K1/5eiGUL7XiVOpWl9gPHfYbN6actxw=
Subject key identifier: 14:44:93:D7:CB:07:A0:5A:F7:B8:7D:0A:90:03:6D:AE:31:E3:E8:9E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019CDB96B1E5D3DE61F925F07EE82CCD5E69
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FEST18sHoFr3uH0KkANtrjHj6J4.roa
Signing time: Wed 11 Mar 2026 06:30:12 +0000
ROA not before: Wed 11 Mar 2026 06:30:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 151.240.1.0/24 maxlen: 24
151.240.24.0/24 maxlen: 24
151.241.68.0/24 maxlen: 24
151.242.103.0/24 maxlen: 24
151.243.6.0/24 maxlen: 24
151.243.120.0/24 maxlen: 24
151.243.160.0/22 maxlen: 22
151.243.236.0/24 maxlen: 24
151.244.78.0/24 maxlen: 24
151.245.54.0/24 maxlen: 24
151.245.111.0/24 maxlen: 24
151.245.127.0/24 maxlen: 24
151.245.238.0/24 maxlen: 24
151.246.177.0/24 maxlen: 24
151.246.190.0/24 maxlen: 24
151.247.37.0/24 maxlen: 24
151.247.76.0/24 maxlen: 24
151.247.192.0/24 maxlen: 24
151.247.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Mar 2026 01:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:db:96:b1:e5:d3:de:61:f9:25:f0:7e:e8:2c:cd:5e:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 11 06:30:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=144493d7cb07a05af7b87d0a90036dae31e3e89e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ca:a1:a8:1b:d5:3a:77:d8:a0:9e:6b:9e:6c:
7c:30:92:b9:fe:78:c7:32:85:f6:e1:82:de:a7:09:
fe:0e:14:6c:16:37:af:1d:32:0e:14:be:71:ed:8d:
43:0c:4d:25:19:f1:d1:b3:5e:5f:bb:68:22:e4:f3:
ee:8e:6f:c1:cb:b7:63:b1:f7:d6:70:e1:2a:82:7f:
dc:9b:3a:92:3a:66:7d:7e:30:25:86:2f:64:d8:78:
3a:c9:10:88:0c:7e:e1:41:25:2f:81:ff:94:a5:e9:
5a:b6:fa:a6:22:e3:da:00:a6:78:ab:21:c1:c6:db:
29:87:c0:2f:63:aa:4a:6b:9e:d9:f6:b4:d3:61:35:
7e:41:73:fc:15:91:99:04:b9:fd:eb:94:8d:b2:6b:
10:b8:22:51:03:a0:1f:03:a3:5a:26:c8:7c:b7:38:
9b:d2:11:2b:15:0d:48:2e:2b:2d:4e:68:01:ca:cc:
25:1a:90:a1:33:e0:66:98:80:99:39:b8:fb:58:6e:
d8:14:1b:65:32:fe:06:a4:78:2d:bc:69:c1:e5:2b:
47:31:51:9e:34:72:c5:4b:7c:32:79:d8:7f:7c:70:
88:64:93:bd:77:8d:b3:90:2a:4e:e1:89:a7:6b:17:
2b:8f:32:62:ca:d7:0b:c3:4f:fc:cb:d8:21:7b:61:
38:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:44:93:D7:CB:07:A0:5A:F7:B8:7D:0A:90:03:6D:AE:31:E3:E8:9E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FEST18sHoFr3uH0KkANtrjHj6J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.1.0/24
151.240.24.0/24
151.241.68.0/24
151.242.103.0/24
151.243.6.0/24
151.243.120.0/24
151.243.160.0/22
151.243.236.0/24
151.244.78.0/24
151.245.54.0/24
151.245.111.0/24
151.245.127.0/24
151.245.238.0/24
151.246.177.0/24
151.246.190.0/24
151.247.37.0/24
151.247.76.0/24
151.247.192.0/24
151.247.217.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:67:fa:05:6d:ad:c2:67:e2:83:ab:3c:fa:22:61:5c:9d:0d:
bc:34:0d:d7:44:0f:a3:a7:2f:2f:87:0b:5e:29:97:97:8d:a9:
86:76:bf:93:7c:8e:ef:e3:2c:ba:b6:2a:e7:d7:86:31:c1:b8:
c7:4b:1c:45:1b:f2:5f:54:80:4c:62:de:ec:ac:73:64:d0:57:
01:43:80:34:e3:9a:6d:1f:d8:f3:12:30:cd:1e:40:9c:10:c8:
94:f9:bd:6c:5d:cb:6e:48:b0:25:53:b6:2e:e2:fd:e8:ec:5e:
a1:9f:67:c6:59:02:20:32:8c:05:96:c3:13:af:3e:ba:6d:e4:
ae:b9:42:ec:2a:57:31:eb:f0:7c:c9:6e:c1:e0:07:a7:f6:ee:
62:ab:11:61:ca:5f:f5:8c:e2:b5:1d:9a:65:87:0e:5c:51:a3:
45:1c:5e:e7:cc:b7:5c:df:f9:fd:34:f8:16:05:b4:52:da:70:
71:38:a2:3b:af:a3:60:99:fb:a8:5c:b1:ad:3e:29:32:5a:11:
22:28:a6:b2:02:29:20:a3:dd:e6:d3:b3:9e:35:ca:a8:be:c5:
9e:6b:5b:6c:52:b0:b4:9c:e9:ef:6f:59:30:f5:4c:bd:af:7e:
9e:d1:da:a6:2b:d0:0d:20:eb:58:e6:39:fb:5f:8a:bd:a7:f0:
24:1a:6d:f9
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZzblrHl095h+SXwfugszV5pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzExMDYzMDEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDQ0OTNkN2NiMDdhMDVhZjdiODdkMGE5MDAzNmRhZTMxZTNlODllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocqhqBvVOnfYoJ5rnmx8MJK5/njH
MoX24YLepwn+DhRsFjevHTIOFL5x7Y1DDE0lGfHRs15fu2gi5PPujm/By7djsffW
cOEqgn/cmzqSOmZ9fjAlhi9k2Hg6yRCIDH7hQSUvgf+UpelatvqmIuPaAKZ4qyHB
xtsph8AvY6pKa57Z9rTTYTV+QXP8FZGZBLn965SNsmsQuCJRA6AfA6NaJsh8tzib
0hErFQ1IListTmgByswlGpChM+BmmICZObj7WG7YFBtlMv4GpHgtvGnB5StHMVGe
NHLFS3wyedh/fHCIZJO9d42zkCpO4YmnaxcrjzJiytcLw0/8y9ghe2E4gQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFBREk9fLB6Ba97h9CpADba4x4+ieMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvRkVTVDE4c0hvRnIzdUgwS2tBTnRyakhqNko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAJfwAQME
AJfwGAMEAJfxRAMEAJfyZwMEAJfzBgMEAJfzeAMEApfzoAMEAJfz7AMEAJf0TgME
AJf1NgMEAJf1bwMEAJf1fwMEAJf17gMEAJf2sQMEAJf2vgMEAJf3JQMEAJf3TAME
AJf3wAMEAJf32TANBgkqhkiG9w0BAQsFAAOCAQEArmf6BW2twmfig6s8+iJhXJ0N
vDQN10QPo6cvL4cLXimXl42phna/k3yO7+MsurYq59eGMcG4x0scRRvyX1SATGLe
7KxzZNBXAUOANOOabR/Y8xIwzR5AnBDIlPm9bF3LbkiwJVO2LuL96OxeoZ9nxlkC
IDKMBZbDE68+um3krrlC7CpXMevwfMluweAHp/buYqsRYcpf9YzitR2aZYcOXFGj
RRxe58y3XN/5/TT4FgW0UtpwcTiiO6+jYJn7qFyxrT4pMloRIiimsgIpIKPd5tOz
njXKqL7FnmtbbFKwtJzp729ZMPVMva9+ntHapivQDSDrWOY5+1+KvafwJBpt+Q==
-----END CERTIFICATE-----
Generated at Sat Mar 14 06:14:09 2026 by rpki-client