Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/e7Nba4BSrUQpcrRAxJrYY1-k8GI.roa
File: e7Nba4BSrUQpcrRAxJrYY1-k8GI.roa (raw, json)
Hash identifier: veSi7GsOCVmiDRZiWrDdxssvEZVXpTIXmk7ujL0Uzvk=
Subject key identifier: 7B:B3:5B:6B:80:52:AD:44:29:72:B4:40:C4:9A:D8:63:5F:A4:F0:62
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E64A50D086B4D569BDB37B3FA63FE391C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/e7Nba4BSrUQpcrRAxJrYY1-k8GI.roa
Signing time: Tue 26 May 2026 14:16:38 +0000
ROA not before: Tue 26 May 2026 14:16:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20648
IP address blocks: 151.241.3.0/24 maxlen: 24
151.242.13.0/24 maxlen: 24
151.245.118.0/24 maxlen: 24
151.245.133.0/24 maxlen: 24
151.247.40.0/24 maxlen: 24
151.247.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 28 May 2026 13:25:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:64:a5:0d:08:6b:4d:56:9b:db:37:b3:fa:63:fe:39:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 26 14:16:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7bb35b6b8052ad442972b440c49ad8635fa4f062
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:aa:a2:14:a0:9d:38:02:35:ee:e8:b6:df:71:
ab:04:3f:ed:96:b4:4a:87:4d:dd:ba:0c:cc:06:40:
7b:68:0d:15:1c:94:2d:fe:82:7a:c7:ba:20:81:09:
68:3a:d8:6b:9e:e8:79:3d:1f:82:c2:e0:ac:07:96:
54:b1:58:cb:3f:e8:2e:6c:1a:09:d4:b8:d2:ec:ef:
e2:6e:ed:ac:36:0b:86:bf:0a:b0:6c:52:08:8c:e1:
a6:3f:4d:82:b6:8d:74:81:da:71:1f:af:8e:9d:e4:
34:d8:39:3a:f1:24:52:8a:d8:ca:59:65:ba:79:65:
1a:9f:eb:a8:d2:e0:8c:8f:66:3b:a3:2c:08:b1:ba:
1e:e7:cc:c1:52:e2:dd:8a:92:7f:d3:ff:51:a9:b7:
ef:0e:ed:38:48:d9:f3:2c:6f:29:5d:ab:7d:51:50:
0d:6a:a2:d0:5f:a8:5e:81:27:80:cd:25:84:36:5e:
27:66:87:ec:f7:d0:fc:92:23:fa:1b:49:cb:7a:51:
37:ed:86:bf:bd:12:50:c5:0f:49:f2:21:5d:ae:ee:
97:96:d8:78:bc:73:d0:dd:9b:18:77:48:71:77:bb:
2c:27:3d:8e:80:69:28:ef:0d:48:2c:a3:03:01:06:
07:de:da:34:cb:3d:08:24:a4:9a:35:ca:3e:dd:81:
6f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:B3:5B:6B:80:52:AD:44:29:72:B4:40:C4:9A:D8:63:5F:A4:F0:62
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/e7Nba4BSrUQpcrRAxJrYY1-k8GI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.241.3.0/24
151.242.13.0/24
151.245.118.0/24
151.245.133.0/24
151.247.40.0/24
151.247.252.0/24
Signature Algorithm: sha256WithRSAEncryption
12:7c:b6:f5:db:e9:9d:95:90:c2:f3:da:af:c9:75:99:73:d0:
08:16:c5:de:4b:0f:3e:a0:fb:47:6a:d6:29:bb:7c:d0:32:67:
0f:65:33:ce:ad:a1:48:54:d9:52:e8:a1:91:e1:7b:00:a1:03:
4f:10:9a:b9:94:18:b5:11:ac:d1:eb:8d:20:a3:ea:02:61:b1:
b3:07:99:ef:f1:f9:00:95:b3:4e:bb:ae:19:bb:eb:1d:6f:38:
9d:f5:9e:bd:31:24:dc:f9:fe:88:36:a9:56:a4:44:5c:70:03:
80:40:5e:13:12:6b:54:79:07:55:6d:4d:1f:7f:ba:32:9f:06:
dd:be:52:50:ff:cf:8d:1f:f8:e9:45:a8:f8:fe:d7:32:94:ae:
8b:2b:97:8d:76:80:1f:01:7a:43:76:f7:3d:6a:3b:e4:16:89:
c0:79:43:12:c5:e3:79:82:3d:fa:e8:7e:fb:f8:af:0a:0a:cd:
ec:45:eb:de:a9:8d:3b:37:6f:5a:ed:d8:86:d1:69:f3:13:43:
1e:85:3b:07:ab:0a:90:a3:38:8a:30:f0:12:ac:e1:6e:44:e9:
5c:98:dc:09:57:40:9f:c1:a8:1a:9a:88:fb:0c:c5:37:73:07:
b3:90:55:47:94:4e:74:3d:85:db:aa:91:1a:2b:b9:a8:b0:4e:
9f:6c:ab:b4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ5kpQ0Ia01Wm9s3s/pj/jkcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTI2MTQxNjM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmIzNWI2YjgwNTJhZDQ0Mjk3MmI0NDBjNDlhZDg2MzVmYTRmMDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqqiFKCdOAI17ui233GrBD/tlrRK
h03dugzMBkB7aA0VHJQt/oJ6x7oggQloOthrnuh5PR+CwuCsB5ZUsVjLP+gubBoJ
1LjS7O/ibu2sNguGvwqwbFIIjOGmP02Cto10gdpxH6+OneQ02Dk68SRSitjKWWW6
eWUan+uo0uCMj2Y7oywIsboe58zBUuLdipJ/0/9RqbfvDu04SNnzLG8pXat9UVAN
aqLQX6hegSeAzSWENl4nZofs99D8kiP6G0nLelE37Ya/vRJQxQ9J8iFdru6Xlth4
vHPQ3ZsYd0hxd7ssJz2OgGko7w1ILKMDAQYH3to0yz0IJKSaNco+3YFvTwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHuzW2uAUq1EKXK0QMSa2GNfpPBiMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZTdOYmE0QlNyVVFwY3JSQXhKcllZMS1rOEdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAl/EDAwQA
l/INAwQAl/V2AwQAl/WFAwQAl/coAwQAl/f8MA0GCSqGSIb3DQEBCwUAA4IBAQAS
fLb12+mdlZDC89qvyXWZc9AIFsXeSw8+oPtHatYpu3zQMmcPZTPOraFIVNlS6KGR
4XsAoQNPEJq5lBi1EazR640go+oCYbGzB5nv8fkAlbNOu64Zu+sdbzid9Z69MSTc
+f6INqlWpERccAOAQF4TEmtUeQdVbU0ff7oynwbdvlJQ/8+NH/jpRaj4/tcylK6L
K5eNdoAfAXpDdvc9ajvkFonAeUMSxeN5gj366H77+K8KCs3sReveqY07N29a7diG
0WnzE0MehTsHqwqQoziKMPASrOFuROlcmNwJV0Cfwagamoj7DMU3cwezkFVHlE50
PYXbqpEaK7mosE6fbKu0
-----END CERTIFICATE-----
Generated at Wed May 27 17:31:18 2026 by rpki-client