Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/m0tQSXqRbmvs83vZlPSNwKaHJtk.roa
File: m0tQSXqRbmvs83vZlPSNwKaHJtk.roa (raw, json)
Hash identifier: OnaxE3BwiwY6OjwuS9gLpYxnvyn2HHO3Z4aX3wzc91A=
Subject key identifier: 9B:4B:50:49:7A:91:6E:6B:EC:F3:7B:D9:94:F4:8D:C0:A6:87:26:D9
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019CAE1E21877B68329E22DEFA1C398F0546
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/m0tQSXqRbmvs83vZlPSNwKaHJtk.roa
Signing time: Mon 02 Mar 2026 10:35:36 +0000
ROA not before: Mon 02 Mar 2026 10:35:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 151.242.101.0/24 maxlen: 24
151.242.105.0/24 maxlen: 24
151.242.143.0/24 maxlen: 24
151.243.138.0/23 maxlen: 24
151.243.144.0/23 maxlen: 24
151.243.178.0/23 maxlen: 24
151.245.226.0/23 maxlen: 24
151.246.164.0/23 maxlen: 24
151.246.246.0/23 maxlen: 24
151.246.250.0/23 maxlen: 24
151.247.137.0/24 maxlen: 24
151.247.161.0/24 maxlen: 24
151.247.165.0/24 maxlen: 24
151.247.177.0/24 maxlen: 24
151.247.250.0/24 maxlen: 24
151.247.253.0/24 maxlen: 24
151.247.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Mar 2026 07:18:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:1e:21:87:7b:68:32:9e:22:de:fa:1c:39:8f:05:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 2 10:35:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9b4b50497a916e6becf37bd994f48dc0a68726d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:1d:86:0e:0a:9c:07:5a:2e:56:c1:6d:ce:9d:
7b:eb:7e:a5:12:47:dd:e7:5c:f1:1d:10:e2:f9:48:
37:18:5b:b9:77:be:d3:43:fa:7d:4f:4a:bd:38:5c:
14:c5:17:c9:cb:6c:25:9f:ef:3a:e1:ea:e5:ca:6f:
1a:3c:86:39:30:6e:68:02:86:7b:a8:40:f6:a4:59:
83:cf:33:8f:d1:25:4e:bc:38:4b:53:9f:f8:63:b9:
c5:cd:ca:e4:3e:e7:06:8e:09:47:ed:84:55:e4:b8:
2b:07:3c:bc:e7:25:a0:23:25:74:f5:c4:a3:ee:45:
e9:19:db:79:1e:34:e9:7f:73:4c:1e:63:c4:8e:0a:
df:42:a4:cb:52:b0:e0:e4:12:7a:50:4c:a5:dc:6c:
64:cc:30:5c:62:ca:08:20:e0:da:9c:1c:c9:17:c0:
38:5e:39:7c:fb:7f:d9:f7:4a:80:f5:39:97:29:03:
a2:5d:18:da:89:80:8d:db:0f:20:b7:7a:49:58:5c:
7b:5f:53:2a:cb:75:a1:55:37:0a:dc:63:cc:7e:df:
bf:ea:0d:fa:e1:3e:e9:83:22:3d:98:25:46:3c:73:
11:9f:77:a6:63:66:1c:8d:26:b8:43:8a:bb:5b:6a:
38:a5:3b:33:c1:33:0a:ad:39:26:15:58:98:17:58:
63:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:4B:50:49:7A:91:6E:6B:EC:F3:7B:D9:94:F4:8D:C0:A6:87:26:D9
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/m0tQSXqRbmvs83vZlPSNwKaHJtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.242.101.0/24
151.242.105.0/24
151.242.143.0/24
151.243.138.0/23
151.243.144.0/23
151.243.178.0/23
151.245.226.0/23
151.246.164.0/23
151.246.246.0/23
151.246.250.0/23
151.247.137.0/24
151.247.161.0/24
151.247.165.0/24
151.247.177.0/24
151.247.250.0/24
151.247.253.0-151.247.254.255
Signature Algorithm: sha256WithRSAEncryption
08:ce:de:75:c0:02:c7:25:5f:21:96:9f:49:6d:96:6e:6f:71:
93:62:83:54:a5:92:25:72:b5:34:36:03:a6:c0:f1:86:40:50:
49:37:ca:d8:b4:66:52:3a:d9:95:bc:ee:18:c1:87:4b:ea:8e:
a1:46:2c:43:bf:d7:2c:d0:e5:05:d8:84:29:47:a7:cf:b6:fb:
86:e3:ea:e0:f6:31:21:5b:de:21:24:56:39:7b:5d:c1:4b:0f:
c7:85:8e:72:d0:db:64:c4:f3:26:42:93:77:aa:ad:2b:6a:58:
2a:6f:b9:ad:14:05:f3:17:00:18:8c:e3:a9:c2:68:b0:34:02:
e3:5e:06:3f:56:e5:30:ad:7c:a7:5a:17:88:cc:f2:b6:1e:01:
cc:1d:49:65:23:3e:0d:b5:3b:72:b9:50:97:aa:45:66:9d:22:
f4:c3:d5:ae:c0:2d:e3:e9:78:4c:4c:49:b4:ec:7b:f0:a1:b5:
47:ed:81:9d:0d:3c:98:0b:69:6f:17:18:69:16:83:74:45:0a:
b8:db:88:98:84:98:29:63:fa:97:42:7a:42:2c:57:fb:8b:66:
bf:8e:82:1e:ed:cd:15:01:e2:ec:45:08:4a:de:5f:05:3c:46:
3f:f3:d0:4a:38:a0:52:d1:44:74:e4:98:22:70:8a:15:18:88:
e5:6f:4e:4e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZyuHiGHe2gyniLe+hw5jwVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzAyMTAzNTM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjRiNTA0OTdhOTE2ZTZiZWNmMzdiZDk5NGY0OGRjMGE2ODcyNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvx2GDgqcB1ouVsFtzp17636lEkfd
51zxHRDi+Ug3GFu5d77TQ/p9T0q9OFwUxRfJy2wln+864erlym8aPIY5MG5oAoZ7
qED2pFmDzzOP0SVOvDhLU5/4Y7nFzcrkPucGjglH7YRV5LgrBzy85yWgIyV09cSj
7kXpGdt5HjTpf3NMHmPEjgrfQqTLUrDg5BJ6UEyl3GxkzDBcYsoIIODanBzJF8A4
Xjl8+3/Z90qA9TmXKQOiXRjaiYCN2w8gt3pJWFx7X1Mqy3WhVTcK3GPMft+/6g36
4T7pgyI9mCVGPHMRn3emY2YcjSa4Q4q7W2o4pTszwTMKrTkmFViYF1hjowIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFJtLUEl6kW5r7PN72ZT0jcCmhybZMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbTB0UVNYcVJibXZzODN2WmxQU053S2FISnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAJfyZQME
AJfyaQMEAJfyjwMEAZfzigMEAZfzkAMEAZfzsgMEAZf14gMEAZf2pAMEAZf29gME
AZf2+gMEAJf3iQMEAJf3oQMEAJf3pQMEAJf3sQMEAJf3+jAMAwQAl/f9AwQAl/f+
MA0GCSqGSIb3DQEBCwUAA4IBAQAIzt51wALHJV8hlp9JbZZub3GTYoNUpZIlcrU0
NgOmwPGGQFBJN8rYtGZSOtmVvO4YwYdL6o6hRixDv9cs0OUF2IQpR6fPtvuG4+rg
9jEhW94hJFY5e13BSw/HhY5y0NtkxPMmQpN3qq0ralgqb7mtFAXzFwAYjOOpwmiw
NALjXgY/VuUwrXynWheIzPK2HgHMHUllIz4NtTtyuVCXqkVmnSL0w9WuwC3j6XhM
TEm07HvwobVH7YGdDTyYC2lvFxhpFoN0RQq424iYhJgpY/qXQnpCLFf7i2a/joIe
7c0VAeLsRQhK3l8FPEY/89BKOKBS0UR05JgicIoVGIjlb05O
-----END CERTIFICATE-----
Generated at Wed Mar 4 14:20:07 2026 by rpki-client