Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N6aPZ1lzxBE_ArzOj85_tGtIbKs.roa
File: N6aPZ1lzxBE_ArzOj85_tGtIbKs.roa (raw, json)
Hash identifier: u7m2UWrRUZSPSqyb/qMUNI6OHD0Wq7F8PkzYHCbhAKU=
Subject key identifier: 37:A6:8F:67:59:73:C4:11:3F:02:BC:CE:8F:CE:7F:B4:6B:48:6C:AB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019C2DCAD8AC29E4BE1EA236502F022A5F3E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N6aPZ1lzxBE_ArzOj85_tGtIbKs.roa
Signing time: Thu 05 Feb 2026 12:33:14 +0000
ROA not before: Thu 05 Feb 2026 12:33:14 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 14618
IP address blocks: 151.240.128.0/21 maxlen: 24
151.240.136.0/21 maxlen: 24
151.240.145.0/24 maxlen: 24
151.240.171.0/24 maxlen: 24
151.241.105.0/24 maxlen: 24
151.241.106.0/24 maxlen: 24
151.241.107.0/24 maxlen: 24
151.241.132.0/22 maxlen: 22
151.242.56.0/24 maxlen: 24
151.242.70.0/24 maxlen: 24
151.242.71.0/24 maxlen: 24
151.242.135.0/24 maxlen: 24
151.243.8.0/23 maxlen: 23
151.243.204.0/23 maxlen: 23
151.244.56.0/24 maxlen: 24
151.245.2.0/24 maxlen: 24
151.245.22.0/24 maxlen: 24
151.245.56.0/22 maxlen: 22
151.245.185.0/24 maxlen: 24
151.245.187.0/24 maxlen: 24
151.245.188.0/24 maxlen: 24
151.246.8.0/21 maxlen: 24
151.247.41.0/24 maxlen: 24
151.247.44.0/24 maxlen: 24
151.247.45.0/24 maxlen: 24
151.247.75.0/24 maxlen: 24
151.247.77.0/24 maxlen: 24
151.247.78.0/24 maxlen: 24
151.247.102.0/24 maxlen: 24
151.247.133.0/24 maxlen: 24
151.247.134.0/24 maxlen: 24
151.247.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Feb 2026 00:56:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:2d:ca:d8:ac:29:e4:be:1e:a2:36:50:2f:02:2a:5f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Feb 5 12:33:14 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=37a68f675973c4113f02bcce8fce7fb46b486cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:35:5c:84:13:92:ac:f8:f7:5e:3a:0f:de:51:
41:7c:af:af:a4:7b:59:09:1e:e9:d5:70:53:eb:0e:
d6:29:28:2e:41:26:0c:ae:d6:78:be:dc:30:60:76:
5f:71:5b:a9:8a:1f:28:03:16:ca:76:d0:77:8d:8f:
bc:b2:dd:c2:31:42:06:f9:6c:a7:c4:9d:c7:65:20:
d4:95:5b:cd:43:8c:aa:ec:a6:7f:d3:09:9d:da:04:
24:25:1a:18:51:b3:82:81:16:ec:2a:ca:d9:ed:65:
3a:af:97:8a:91:8f:1f:f7:f9:24:b9:41:a6:5c:77:
e5:8f:ce:a4:a5:92:f2:10:17:b1:3e:f7:00:0b:db:
a3:dc:b8:a9:6e:b5:6b:d2:ad:6b:3c:b8:37:44:8b:
5e:49:35:51:8d:21:ac:81:97:a2:c9:d5:46:3f:44:
4f:18:86:b2:20:2a:f0:62:f4:5b:6a:c4:45:e3:51:
24:83:82:54:0e:79:9f:72:b5:37:d3:f7:52:9b:f3:
1f:77:7a:55:8f:52:f0:46:42:f3:eb:7d:97:5d:a9:
5d:25:61:29:a8:e1:52:14:ed:fe:bc:33:5a:64:14:
64:30:b5:92:b6:ae:4f:d4:2c:79:54:ff:a2:9e:8a:
2f:74:fd:8d:ab:16:50:9b:03:86:37:d4:87:20:e9:
a5:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:A6:8F:67:59:73:C4:11:3F:02:BC:CE:8F:CE:7F:B4:6B:48:6C:AB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N6aPZ1lzxBE_ArzOj85_tGtIbKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.240.128.0/20
151.240.145.0/24
151.240.171.0/24
151.241.105.0-151.241.107.255
151.241.132.0/22
151.242.56.0/24
151.242.70.0/23
151.242.135.0/24
151.243.8.0/23
151.243.204.0/23
151.244.56.0/24
151.245.2.0/24
151.245.22.0/24
151.245.56.0/22
151.245.185.0/24
151.245.187.0-151.245.188.255
151.246.8.0/21
151.247.41.0/24
151.247.44.0/23
151.247.75.0/24
151.247.77.0-151.247.78.255
151.247.102.0/24
151.247.133.0-151.247.135.255
Signature Algorithm: sha256WithRSAEncryption
3e:78:ba:32:d3:62:60:7a:b0:c9:83:e9:fd:00:dc:94:5a:52:
cb:d7:1f:aa:f1:b1:3c:24:b2:53:03:e1:f1:87:97:89:27:31:
70:94:1f:24:73:58:eb:7e:2a:28:fb:1b:27:ba:5a:e1:22:bf:
b7:64:53:5b:88:ec:16:50:56:a7:77:7d:17:a5:b2:35:2f:bc:
b3:24:b3:0f:a6:87:3b:73:96:3b:ca:94:8d:78:c1:aa:b8:41:
41:7c:b7:82:63:76:08:55:74:5e:16:a6:62:d4:fc:bd:ee:64:
52:46:7a:4b:aa:5b:6d:df:91:00:e9:27:73:61:07:eb:92:27:
fa:a8:9a:5a:ba:cf:9f:46:ab:ea:82:f2:c3:93:af:6a:a3:e7:
52:fc:bb:ee:15:27:6a:79:6e:0b:7f:54:74:94:79:bd:3c:b6:
f2:ed:4f:65:2e:be:2e:5f:92:c0:d0:ca:4b:c3:62:cf:4b:18:
c5:c8:13:e3:1d:8d:d1:b4:23:2c:3b:db:f5:e9:62:ed:5d:f1:
4c:27:d3:34:92:09:bf:b2:5b:e7:2a:b4:ff:1d:da:52:74:74:
7d:e2:4b:48:d1:fc:eb:24:f3:1b:b4:78:f2:99:22:de:b4:79:
ec:b8:73:d6:44:c5:93:5c:de:bc:24:c9:9e:12:39:11:ff:e4:
e6:bf:8a:b2
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAZwtytisKeS+HqI2UC8CKl8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMjA1MTIzMzE0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2E2OGY2NzU5NzNjNDExM2YwMmJjY2U4ZmNlN2ZiNDZiNDg2Y2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDVchBOSrPj3XjoP3lFBfK+vpHtZ
CR7p1XBT6w7WKSguQSYMrtZ4vtwwYHZfcVupih8oAxbKdtB3jY+8st3CMUIG+Wyn
xJ3HZSDUlVvNQ4yq7KZ/0wmd2gQkJRoYUbOCgRbsKsrZ7WU6r5eKkY8f9/kkuUGm
XHflj86kpZLyEBexPvcAC9uj3LipbrVr0q1rPLg3RIteSTVRjSGsgZeiydVGP0RP
GIayICrwYvRbasRF41Ekg4JUDnmfcrU30/dSm/Mfd3pVj1LwRkLz632XXaldJWEp
qOFSFO3+vDNaZBRkMLWStq5P1Cx5VP+inoovdP2NqxZQmwOGN9SHIOml+QIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFDemj2dZc8QRPwK8zo/Of7RrSGyrMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTjZhUFoxbHp4QkVfQXJ6T2o4NV90R3RJYktzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBASX
8IADBACX8JEDBACX8KswDAMEAJfxaQMEApfxaAMEApfxhAMEAJfyOAMEAZfyRgME
AJfyhwMEAZfzCAMEAZfzzAMEAJf0OAMEAJf1AgMEAJf1FgMEApf1OAMEAJf1uTAM
AwQAl/W7AwQAl/W8AwQDl/YIAwQAl/cpAwQBl/csAwQAl/dLMAwDBACX900DBACX
904DBACX92YwDAMEAJf3hQMEA5f3gDANBgkqhkiG9w0BAQsFAAOCAQEAPni6MtNi
YHqwyYPp/QDclFpSy9cfqvGxPCSyUwPh8YeXiScxcJQfJHNY634qKPsbJ7pa4SK/
t2RTW4jsFlBWp3d9F6WyNS+8sySzD6aHO3OWO8qUjXjBqrhBQXy3gmN2CFV0Xham
YtT8ve5kUkZ6S6pbbd+RAOknc2EH65In+qiaWrrPn0ar6oLyw5OvaqPnUvy77hUn
anluC39UdJR5vTy28u1PZS6+Ll+SwNDKS8Niz0sYxcgT4x2N0bQjLDvb9eli7V3x
TCfTNJIJv7Jb5yq0/x3aUnR0feJLSNH86yTzG7R48pki3rR57Lhz1kTFk1zevCTJ
nhI5Ef/k5r+Ksg==
-----END CERTIFICATE-----
Generated at Sat Feb 21 04:51:32 2026 by rpki-client