Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ICkEa2Tl2EhcMSht6hB-uc2vBp8.roa
File: ICkEa2Tl2EhcMSht6hB-uc2vBp8.roa (raw, json)
Hash identifier: bxyuR9zjcSC0n/4vCWGoJNbZj1RW/OdRKu9mPhvQ2UE=
Subject key identifier: 20:29:04:6B:64:E5:D8:48:5C:31:28:6D:EA:10:7E:B9:CD:AF:06:9F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E4FBB09094E74FB10C6F9FE8308DBC148
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ICkEa2Tl2EhcMSht6hB-uc2vBp8.roa
Signing time: Fri 22 May 2026 12:48:38 +0000
ROA not before: Fri 22 May 2026 12:48:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 54252
IP address blocks: 151.240.2.0/24 maxlen: 24
151.241.33.0/24 maxlen: 24
151.241.43.0/24 maxlen: 24
151.241.48.0/24 maxlen: 24
151.241.51.0/24 maxlen: 24
151.242.26.0/24 maxlen: 24
151.243.26.0/24 maxlen: 24
151.244.42.0/24 maxlen: 24
151.245.69.0/24 maxlen: 24
151.245.166.0/24 maxlen: 24
151.245.177.0/24 maxlen: 24
151.246.224.0/24 maxlen: 24
151.246.230.0/24 maxlen: 24
151.246.234.0/24 maxlen: 24
151.247.83.0/24 maxlen: 24
151.247.89.0/24 maxlen: 24
151.247.109.0/24 maxlen: 24
151.247.110.0/24 maxlen: 24
151.247.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 13:25:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:4f:bb:09:09:4e:74:fb:10:c6:f9:fe:83:08:db:c1:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 22 12:48:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2029046b64e5d8485c31286dea107eb9cdaf069f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:ff:cf:30:a7:0f:68:c1:8f:94:11:e9:b3:3f:
fb:ee:16:6b:6f:50:92:28:0c:f5:77:1e:f0:ec:3d:
42:3e:90:2f:87:19:01:27:1e:82:63:1b:39:59:36:
db:02:31:fd:af:d3:1a:26:6a:10:fe:ab:a9:18:c3:
a0:48:45:74:ba:97:78:8b:18:ec:ca:e9:83:97:7c:
0c:8b:58:5e:ee:aa:16:f8:68:49:4b:c9:23:b6:56:
e0:ce:29:6e:3d:04:b8:90:a2:dc:78:c0:f6:19:23:
bf:90:42:81:ae:e8:fe:6e:76:50:51:c2:ac:1c:2b:
4e:dc:1e:95:c1:d7:cc:61:56:d3:3f:1a:c2:5d:19:
4c:0b:7b:4e:ba:67:7e:4f:20:ec:ad:45:94:d2:94:
83:6f:4a:37:d6:38:97:d9:38:05:5e:ee:5a:fc:29:
98:91:5a:8e:72:3f:be:b9:7d:34:5e:7e:ea:c5:b0:
cb:d4:02:64:5f:01:1b:51:a5:96:22:c4:e2:3d:28:
27:0c:7d:d5:29:82:d6:bb:99:5d:3d:51:6d:c1:f6:
bb:f3:db:ed:b1:29:2f:9f:d7:52:cf:6a:64:6e:a9:
67:ad:fb:41:fd:78:a7:99:6d:2f:da:a1:f9:40:d0:
c5:f1:31:57:5b:19:3d:ca:6a:a3:60:f7:b1:67:32:
a1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:29:04:6B:64:E5:D8:48:5C:31:28:6D:EA:10:7E:B9:CD:AF:06:9F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ICkEa2Tl2EhcMSht6hB-uc2vBp8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.2.0/24
151.241.33.0/24
151.241.43.0/24
151.241.48.0/24
151.241.51.0/24
151.242.26.0/24
151.243.26.0/24
151.244.42.0/24
151.245.69.0/24
151.245.166.0/24
151.245.177.0/24
151.246.224.0/24
151.246.230.0/24
151.246.234.0/24
151.247.83.0/24
151.247.89.0/24
151.247.109.0-151.247.110.255
151.247.246.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:b0:ac:99:1e:25:78:2f:08:e6:22:1b:85:16:e1:3d:86:7e:
5b:26:14:e9:03:92:da:a4:a5:4e:da:ed:81:4b:99:3a:2a:4f:
82:97:26:f4:a0:17:8c:81:2e:99:1a:92:c8:24:36:2f:31:4e:
46:2f:a1:91:e4:0c:c3:eb:e5:a3:b3:70:a4:84:ce:d5:34:ba:
a0:77:68:b2:48:1c:be:0d:2f:9b:5a:0f:71:3e:ee:b1:28:33:
2b:06:e8:d0:1e:50:2d:9d:4e:7f:03:f1:bf:56:0a:81:f5:a9:
d1:61:d0:6c:ae:80:0e:93:ca:23:cd:50:c6:d2:fd:2b:0f:3d:
67:e0:e6:e8:26:f8:6f:88:0b:03:bd:8a:aa:3f:71:8a:b2:bd:
5b:0d:52:b6:bf:0b:32:ad:03:dc:e3:16:78:49:55:b7:13:35:
d2:0b:37:14:68:40:a4:96:0b:05:b4:ac:82:9f:b6:21:20:db:
49:90:43:b4:d4:6d:61:07:27:7c:e1:1d:2b:53:86:43:61:e3:
ab:55:0f:57:a6:ad:08:36:0a:3b:1c:44:23:ec:fa:c1:ed:20:
67:57:39:38:5e:2d:c8:c0:2f:49:70:93:b1:e1:b7:c8:81:aa:
cd:15:11:ce:ae:f9:bb:9f:85:6b:00:21:31:51:bb:80:be:27:
13:f2:a4:59
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZ5PuwkJTnT7EMb5/oMI28FIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTIyMTI0ODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDI5MDQ2YjY0ZTVkODQ4NWMzMTI4NmRlYTEwN2ViOWNkYWYwNjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3P/PMKcPaMGPlBHpsz/77hZrb1CS
KAz1dx7w7D1CPpAvhxkBJx6CYxs5WTbbAjH9r9MaJmoQ/qupGMOgSEV0upd4ixjs
yumDl3wMi1he7qoW+GhJS8kjtlbgziluPQS4kKLceMD2GSO/kEKBruj+bnZQUcKs
HCtO3B6VwdfMYVbTPxrCXRlMC3tOumd+TyDsrUWU0pSDb0o31jiX2TgFXu5a/CmY
kVqOcj++uX00Xn7qxbDL1AJkXwEbUaWWIsTiPSgnDH3VKYLWu5ldPVFtwfa789vt
sSkvn9dSz2pkbqlnrftB/XinmW0v2qH5QNDF8TFXWxk9ymqjYPexZzKhPQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFCApBGtk5dhIXDEobeoQfrnNrwafMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvSUNrRWEyVGwyRWhjTVNodDZoQi11YzJ2QnA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAJfwAgME
AJfxIQMEAJfxKwMEAJfxMAMEAJfxMwMEAJfyGgMEAJfzGgMEAJf0KgMEAJf1RQME
AJf1pgMEAJf1sQMEAJf24AMEAJf25gMEAJf26gMEAJf3UwMEAJf3WTAMAwQAl/dt
AwQAl/duAwQAl/f2MA0GCSqGSIb3DQEBCwUAA4IBAQA8sKyZHiV4LwjmIhuFFuE9
hn5bJhTpA5LapKVO2u2BS5k6Kk+Clyb0oBeMgS6ZGpLIJDYvMU5GL6GR5AzD6+Wj
s3CkhM7VNLqgd2iySBy+DS+bWg9xPu6xKDMrBujQHlAtnU5/A/G/VgqB9anRYdBs
roAOk8ojzVDG0v0rDz1n4OboJvhviAsDvYqqP3GKsr1bDVK2vwsyrQPc4xZ4SVW3
EzXSCzcUaECklgsFtKyCn7YhINtJkEO01G1hByd84R0rU4ZDYeOrVQ9Xpq0INgo7
HEQj7PrB7SBnVzk4Xi3IwC9JcJOx4bfIgarNFRHOrvm7n4VrACExUbuAvicT8qRZ
-----END CERTIFICATE-----
Generated at Wed May 27 18:15:32 2026 by rpki-client