Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/NxUakW6ert1_TvUFm3rxXZuzp5o.roa
File: NxUakW6ert1_TvUFm3rxXZuzp5o.roa (raw, json)
Hash identifier: iE/eE1pi3XGlNp9D+HdOt2wuaCbc0VIGMluSePKPqFE=
Subject key identifier: 37:15:1A:91:6E:9E:AE:DD:7F:4E:F5:05:9B:7A:F1:5D:9B:B3:A7:9A
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 019CDEA8332CA3E3CC81BE0A1C89C76D7321
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/NxUakW6ert1_TvUFm3rxXZuzp5o.roa
Signing time: Wed 11 Mar 2026 20:48:10 +0000
ROA not before: Wed 11 Mar 2026 20:48:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44654
IP address blocks: 37.252.208.0/23 maxlen: 23
37.252.208.0/24 maxlen: 24
37.252.209.0/24 maxlen: 24
37.252.210.0/23 maxlen: 23
37.252.210.0/24 maxlen: 24
37.252.211.0/24 maxlen: 24
37.252.212.0/23 maxlen: 23
37.252.212.0/24 maxlen: 24
37.252.213.0/24 maxlen: 24
37.252.215.0/24 maxlen: 24
109.205.8.0/21 maxlen: 24
109.205.9.0/24 maxlen: 24
185.36.124.0/22 maxlen: 24
185.36.124.0/23 maxlen: 23
2a02:d8::/32 maxlen: 48
2a02:d8:8::/48 maxlen: 48
2a02:d8:9::/48 maxlen: 48
2a02:d8:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 02:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:de:a8:33:2c:a3:e3:cc:81:be:0a:1c:89:c7:6d:73:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: Mar 11 20:48:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=37151a916e9eaedd7f4ef5059b7af15d9bb3a79a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:40:bd:5e:b3:2f:c2:3f:c5:a5:b6:a3:d3:7d:
a3:d1:67:65:2c:05:17:b0:fe:a6:65:04:e7:73:4d:
38:93:5d:32:27:67:5b:c4:60:dc:b3:09:97:82:36:
9f:b5:36:94:9c:26:15:74:70:4e:0e:a6:72:b1:dd:
b4:5e:e8:8e:b4:4b:73:d5:38:af:24:56:4b:9c:0b:
06:af:f4:f9:09:b5:0b:8a:36:82:51:61:f0:a1:50:
88:8b:d2:fb:cf:28:97:99:3d:3a:cb:d8:8d:15:dc:
53:5f:58:9a:cb:b3:67:02:56:a1:f1:a9:14:04:b0:
02:ef:27:ac:0b:c8:69:ea:3c:40:22:8a:22:75:77:
cc:55:5b:5e:4f:78:ec:5c:b9:4c:be:0c:00:c5:ea:
92:35:5f:11:0a:d6:9f:0a:14:08:f1:20:e4:74:19:
26:3c:d8:79:ef:2d:18:6e:83:f8:6c:0e:24:6b:e4:
b6:e0:3a:6f:2a:fa:11:0d:f5:f0:45:d9:7f:43:cd:
2e:69:a7:6f:43:70:11:56:ae:ed:23:3c:e7:83:9c:
b0:36:ca:f1:6b:ec:36:e2:d4:3c:fc:9a:c7:98:38:
26:e6:4b:42:15:8a:7c:74:ca:57:09:30:fe:8c:c2:
36:9a:b0:3b:9c:4e:ec:d5:23:73:aa:d5:ad:64:9f:
e5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:15:1A:91:6E:9E:AE:DD:7F:4E:F5:05:9B:7A:F1:5D:9B:B3:A7:9A
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/NxUakW6ert1_TvUFm3rxXZuzp5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.208.0-37.252.213.255
37.252.215.0/24
109.205.8.0/21
185.36.124.0/22
IPv6:
2a02:d8::/32
Signature Algorithm: sha256WithRSAEncryption
6b:07:9b:7c:55:e8:fc:53:fb:09:6d:f8:f6:97:10:17:3a:9d:
c6:db:00:57:d8:4b:a2:b4:f3:c5:bd:59:40:08:67:c2:b7:97:
2a:7c:c9:29:c9:40:79:5c:3e:96:4c:46:6a:0e:df:f6:93:b3:
6e:ab:c0:19:48:50:68:d6:68:7a:e2:ab:c4:44:ba:57:c7:38:
26:54:11:a4:05:ac:aa:26:3c:ca:95:83:4e:1d:de:80:38:d4:
e6:f7:c0:83:36:25:62:6e:ae:9d:26:95:e2:90:bc:38:b9:87:
1f:2c:78:86:f1:93:cb:9c:87:68:80:08:ae:64:94:ea:3c:12:
c8:49:d7:17:c5:ba:f4:24:fc:f5:77:db:ea:eb:cd:fc:35:70:
cb:20:60:f0:23:d5:7a:b7:d2:48:c6:55:12:0c:c0:d2:c6:55:
1c:4a:5c:f8:ea:83:1d:31:95:65:28:ef:2c:49:b4:47:87:3b:
63:db:0f:87:eb:a1:6d:b5:b9:e2:bd:5b:55:31:45:46:ad:68:
bf:da:20:1b:b5:ba:e4:d0:77:16:88:70:23:cc:46:e3:2c:72:
39:6e:47:9e:2e:56:b5:98:cd:d3:63:aa:21:7b:4a:94:b8:d9:
36:7c:f9:02:17:f1:38:6e:17:00:a8:c2:ff:d4:15:3e:2e:90:
2d:6c:3a:0f
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZzeqDMso+PMgb4KHInHbXMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjYwMzExMjA0ODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzE1MWE5MTZlOWVhZWRkN2Y0ZWY1MDU5YjdhZjE1ZDliYjNhNzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukC9XrMvwj/Fpbaj032j0WdlLAUX
sP6mZQTnc004k10yJ2dbxGDcswmXgjaftTaUnCYVdHBODqZysd20XuiOtEtz1Tiv
JFZLnAsGr/T5CbULijaCUWHwoVCIi9L7zyiXmT06y9iNFdxTX1iay7NnAlah8akU
BLAC7yesC8hp6jxAIooidXfMVVteT3jsXLlMvgwAxeqSNV8RCtafChQI8SDkdBkm
PNh57y0YboP4bA4ka+S24DpvKvoRDfXwRdl/Q80uaadvQ3ARVq7tIzzng5ywNsrx
a+w24tQ8/JrHmDgm5ktCFYp8dMpXCTD+jMI2mrA7nE7s1SNzqtWtZJ/l7QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDcVGpFunq7df071BZt68V2bs6eaMB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvTnhVYWtXNmVydDFfVHZVRm0zcnhYWnV6cDVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYtNWI4NzgyNWMwN2Vl
LzEvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAQl/NAD
BAEl/NQDBAAl/NcDBANtzQgDBAK5JHwwDQQCAAIwBwMFACoCANgwDQYJKoZIhvcN
AQELBQADggEBAGsHm3xV6PxT+wlt+PaXEBc6ncbbAFfYS6K088W9WUAIZ8K3lyp8
ySnJQHlcPpZMRmoO3/aTs26rwBlIUGjWaHriq8REulfHOCZUEaQFrKomPMqVg04d
3oA41Ob3wIM2JWJurp0mleKQvDi5hx8seIbxk8uch2iACK5klOo8EshJ1xfFuvQk
/PV32+rrzfw1cMsgYPAj1Xq30kjGVRIMwNLGVRxKXPjqgx0xlWUo7yxJtEeHO2Pb
D4froW21ueK9W1UxRUataL/aIBu1uuTQdxaIcCPMRuMscjluR54uVrWYzdNjqiF7
SpS42TZ8+QIX8ThuFwCowv/UFT4ukC1sOg8=
-----END CERTIFICATE-----
Generated at Thu Mar 26 13:03:54 2026 by rpki-client