Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FNo_ZK1R-Or4rIio2utBkZ77LG4.roa
File: FNo_ZK1R-Or4rIio2utBkZ77LG4.roa (raw, json)
Hash identifier: MBLTM4jKxZdIiqyfIvTsPR9cSX8DTTYAUieWw+e/q+Q=
Subject key identifier: 14:DA:3F:64:AD:51:F8:EA:F8:AC:88:A8:DA:EB:41:91:9E:FB:2C:6E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019EABE775502BE0B463F36CF12D8947D110
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FNo_ZK1R-Or4rIio2utBkZ77LG4.roa
Signing time: Tue 09 Jun 2026 10:22:13 +0000
ROA not before: Tue 09 Jun 2026 10:22:13 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 16276
IP address blocks: 151.240.1.0/24 maxlen: 24
151.241.68.0/24 maxlen: 24
151.242.103.0/24 maxlen: 24
151.243.160.0/22 maxlen: 22
151.243.236.0/24 maxlen: 24
151.244.78.0/24 maxlen: 24
151.245.54.0/24 maxlen: 24
151.245.111.0/24 maxlen: 24
151.245.127.0/24 maxlen: 24
151.245.238.0/24 maxlen: 24
151.246.177.0/24 maxlen: 24
151.246.190.0/24 maxlen: 24
151.247.37.0/24 maxlen: 24
151.247.76.0/24 maxlen: 24
151.247.192.0/24 maxlen: 24
151.247.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Jun 2026 16:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ab:e7:75:50:2b:e0:b4:63:f3:6c:f1:2d:89:47:d1:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jun 9 10:22:13 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=14da3f64ad51f8eaf8ac88a8daeb41919efb2c6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:7c:70:04:d8:38:dd:f8:ad:cc:2a:db:aa:78:
42:ce:43:b3:2c:9a:ae:75:80:c1:69:f1:6a:db:e1:
d3:a1:e0:7f:91:ad:a5:d5:d2:06:af:47:c9:de:5f:
f0:76:a5:cc:af:8c:25:f0:3d:8b:c8:09:35:19:12:
73:13:c1:78:3c:5e:04:2a:35:45:11:f8:35:a8:81:
34:f2:98:7d:1e:ed:c1:20:42:51:31:e7:b6:81:39:
4c:e7:9a:2b:91:dd:09:ff:fc:65:5b:ff:b5:4a:f1:
eb:47:91:93:c7:e7:7d:5e:4b:9e:0a:89:14:a1:76:
5d:33:e3:64:7b:4e:fe:6c:5b:1a:55:72:0d:fe:e5:
e8:0d:3a:c4:4e:96:2b:6e:99:df:79:49:dd:b8:b6:
c3:0a:1b:0f:41:04:1e:57:3f:22:0a:57:18:97:cf:
bd:c3:0e:79:cc:47:eb:16:92:d6:9b:fb:ba:ce:06:
ad:67:b0:ff:fc:81:d7:53:dc:c7:69:0f:32:5a:a9:
ba:38:34:fe:cd:b5:11:5f:81:1f:4f:3f:ad:4c:8e:
cd:e9:38:b3:65:29:77:8f:13:85:de:85:58:f6:94:
3f:04:4c:37:f1:b4:ba:d2:90:a3:da:c4:b1:6f:46:
64:9c:38:0e:1e:66:a6:13:6c:9f:ef:1c:85:79:8b:
b2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:DA:3F:64:AD:51:F8:EA:F8:AC:88:A8:DA:EB:41:91:9E:FB:2C:6E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/FNo_ZK1R-Or4rIio2utBkZ77LG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.1.0/24
151.241.68.0/24
151.242.103.0/24
151.243.160.0/22
151.243.236.0/24
151.244.78.0/24
151.245.54.0/24
151.245.111.0/24
151.245.127.0/24
151.245.238.0/24
151.246.177.0/24
151.246.190.0/24
151.247.37.0/24
151.247.76.0/24
151.247.192.0/24
151.247.217.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:7f:20:86:03:9e:76:45:11:6f:4c:42:5a:b6:b5:cc:02:85:
2e:74:7a:46:ab:df:e4:1c:cb:49:31:e6:1f:6b:ce:88:36:4c:
d3:2e:c9:dc:72:0e:e1:29:d3:f4:b3:fb:f1:42:60:61:8c:ec:
50:61:f2:93:bc:eb:31:3d:db:ab:e7:94:03:b0:26:ff:0b:0c:
c8:61:6a:a4:da:9f:e0:42:33:0a:a5:ef:32:05:5f:4d:b7:d1:
5b:a7:ab:34:9d:c5:d3:8f:2f:e3:29:99:dd:ff:ee:09:19:fc:
81:08:e9:58:22:b2:6c:e1:75:c7:ed:0c:a9:f9:68:ae:e7:ac:
44:bd:a1:d4:b6:b2:61:97:83:a0:99:7b:8c:93:c7:e4:e8:60:
d2:65:d4:1b:4c:05:ef:77:a9:4e:50:5f:c5:fd:52:f5:a6:28:
d1:b2:60:57:53:05:07:0d:c8:db:4e:ce:54:81:96:68:27:24:
ae:b7:5d:83:10:e8:29:8a:62:86:1d:7a:94:82:18:c3:5c:b2:
4a:ba:d7:c5:91:83:0e:d4:de:23:80:f6:a1:fb:38:99:a3:cc:
aa:70:0e:82:69:b3:a2:f9:9f:25:55:50:ef:b9:36:ec:9c:07:
30:6e:4c:da:c2:b4:f8:74:76:af:e9:c2:94:42:c5:59:27:35:
b6:42:c0:84
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZ6r53VQK+C0Y/Ns8S2JR9EQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNjA5MTAyMjEzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGRhM2Y2NGFkNTFmOGVhZjhhYzg4YThkYWViNDE5MTllZmIyYzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXxwBNg43fitzCrbqnhCzkOzLJqu
dYDBafFq2+HToeB/ka2l1dIGr0fJ3l/wdqXMr4wl8D2LyAk1GRJzE8F4PF4EKjVF
Efg1qIE08ph9Hu3BIEJRMee2gTlM55orkd0J//xlW/+1SvHrR5GTx+d9XkueCokU
oXZdM+Nke07+bFsaVXIN/uXoDTrETpYrbpnfeUnduLbDChsPQQQeVz8iClcYl8+9
ww55zEfrFpLWm/u6zgatZ7D//IHXU9zHaQ8yWqm6ODT+zbURX4EfTz+tTI7N6Tiz
ZSl3jxOF3oVY9pQ/BEw38bS60pCj2sSxb0ZknDgOHmamE2yf7xyFeYuyLwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFBTaP2StUfjq+KyIqNrrQZGe+yxuMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvRk5vX1pLMVItT3I0cklpbzJ1dEJrWjc3TEc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAl/ABAwQA
l/FEAwQAl/JnAwQCl/OgAwQAl/PsAwQAl/ROAwQAl/U2AwQAl/VvAwQAl/V/AwQA
l/XuAwQAl/axAwQAl/a+AwQAl/clAwQAl/dMAwQAl/fAAwQAl/fZMA0GCSqGSIb3
DQEBCwUAA4IBAQC3fyCGA552RRFvTEJatrXMAoUudHpGq9/kHMtJMeYfa86INkzT
Lsnccg7hKdP0s/vxQmBhjOxQYfKTvOsxPdur55QDsCb/CwzIYWqk2p/gQjMKpe8y
BV9Nt9Fbp6s0ncXTjy/jKZnd/+4JGfyBCOlYIrJs4XXH7Qyp+Wiu56xEvaHUtrJh
l4OgmXuMk8fk6GDSZdQbTAXvd6lOUF/F/VL1pijRsmBXUwUHDcjbTs5UgZZoJySu
t12DEOgpimKGHXqUghjDXLJKutfFkYMO1N4jgPah+ziZo8yqcA6CabOi+Z8lVVDv
uTbsnAcwbkzawrT4dHav6cKUQsVZJzW2QsCE
-----END CERTIFICATE-----
Generated at Sat Jun 13 01:01:14 2026 by rpki-client