Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xUukIp2ni2Huf9S39_QSnZMBoLw.roa
File: xUukIp2ni2Huf9S39_QSnZMBoLw.roa (raw, json)
Hash identifier: CWjyPx4reTwUUKtg6pl9ISohnxWCF2UYh0gCg+WpD4w=
Subject key identifier: C5:4B:A4:22:9D:A7:8B:61:EE:7F:D4:B7:F7:F4:12:9D:93:01:A0:BC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019DB93800BF640C3045FFF2A65E6FE90A91
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xUukIp2ni2Huf9S39_QSnZMBoLw.roa
Signing time: Thu 23 Apr 2026 07:22:28 +0000
ROA not before: Thu 23 Apr 2026 07:22:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401856
IP address blocks: 37.98.149.0/24 maxlen: 24
82.152.63.0/24 maxlen: 24
82.153.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 21:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:b9:38:00:bf:64:0c:30:45:ff:f2:a6:5e:6f:e9:0a:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 23 07:22:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c54ba4229da78b61ee7fd4b7f7f4129d9301a0bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3c:0a:d9:4b:23:96:4a:07:f8:09:57:9c:b1:
13:72:47:5a:cc:ee:f7:8f:60:00:f4:07:83:17:ed:
b1:36:ec:12:74:e8:10:62:3e:b1:85:13:bc:7c:22:
3b:c5:af:c9:4c:68:90:89:0e:92:38:9f:c6:34:b4:
c0:2a:9c:17:74:95:39:03:1f:64:5c:2d:b2:8c:d1:
fd:e4:17:88:0e:66:92:28:d1:3f:3d:ed:d7:b8:5a:
b7:fa:e2:6b:da:d9:d6:29:d4:41:1b:1d:56:31:3d:
49:29:b5:7c:d5:fa:b9:66:1d:01:f8:92:0a:8d:6d:
d1:ed:dd:d4:d0:9d:a6:f2:fc:61:aa:cf:cf:ae:7d:
e8:13:75:04:84:d4:f3:15:57:2d:dc:88:09:67:f2:
8d:ff:cc:1f:14:13:33:a6:22:a7:9a:56:dd:2c:e2:
d2:61:00:b0:99:ac:3f:b0:ff:38:d2:f4:ee:eb:6c:
1b:4d:05:c9:6d:34:ea:6c:ec:a3:1b:01:ba:58:f1:
97:25:6c:9b:a1:58:76:1b:9f:e9:ea:43:65:18:6f:
91:7e:ca:25:f6:cc:a3:78:a8:fc:6c:26:7b:87:43:
ed:49:b2:c2:f4:30:34:d1:89:4e:bd:58:f1:61:31:
4f:54:23:91:e0:ce:9b:93:ff:c8:d6:78:39:20:c5:
00:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4B:A4:22:9D:A7:8B:61:EE:7F:D4:B7:F7:F4:12:9D:93:01:A0:BC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xUukIp2ni2Huf9S39_QSnZMBoLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.149.0/24
82.152.63.0/24
82.153.237.0/24
Signature Algorithm: sha256WithRSAEncryption
44:9b:81:9d:61:5c:a9:f1:39:ea:0e:7d:e5:99:30:b0:20:38:
77:7c:b3:a6:0a:45:7e:16:57:13:86:aa:80:03:65:cc:1f:ec:
14:fa:45:0a:7d:ef:be:37:91:e4:6c:79:20:7a:a8:08:9f:99:
cc:81:9a:1e:c5:e0:a2:51:99:16:b4:58:8e:88:fe:17:1f:73:
fe:a4:75:53:ee:e2:84:f2:47:06:69:f3:de:0f:3b:76:05:a6:
d6:cc:ea:50:06:5d:d6:b5:74:cd:ae:ac:14:7c:b7:f9:d6:dc:
8d:4f:e2:44:b5:ba:ea:90:4d:25:08:98:06:20:08:a8:1f:14:
80:f7:48:9d:03:13:ca:1c:68:e7:61:ce:ad:6b:78:32:32:49:
78:40:69:13:a8:41:54:2f:26:70:61:8c:83:50:0e:86:ef:46:
7e:cc:28:f8:b5:2a:99:2a:2a:88:f2:b2:a1:b5:f1:f7:d5:6c:
6d:6f:35:0c:7f:9e:7d:ee:f6:fb:33:be:12:ab:7b:9a:ab:03:
7e:4b:2f:13:7c:f8:04:8b:ea:39:32:62:0d:ae:c4:52:4e:45:
b7:e4:a7:6c:b7:3a:80:6b:d0:4f:e9:ce:1d:80:a1:a2:ff:17:
ad:2d:bb:6c:7c:81:6c:f5:de:c2:52:33:9b:20:82:7f:69:34:
95:3d:ca:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ25OAC/ZAwwRf/ypl5v6QqRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjYwNDIzMDcyMjI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRiYTQyMjlkYTc4YjYxZWU3ZmQ0YjdmN2Y0MTI5ZDkzMDFhMGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jwK2UsjlkoH+AlXnLETckdazO73
j2AA9AeDF+2xNuwSdOgQYj6xhRO8fCI7xa/JTGiQiQ6SOJ/GNLTAKpwXdJU5Ax9k
XC2yjNH95BeIDmaSKNE/Pe3XuFq3+uJr2tnWKdRBGx1WMT1JKbV81fq5Zh0B+JIK
jW3R7d3U0J2m8vxhqs/Prn3oE3UEhNTzFVct3IgJZ/KN/8wfFBMzpiKnmlbdLOLS
YQCwmaw/sP840vTu62wbTQXJbTTqbOyjGwG6WPGXJWyboVh2G5/p6kNlGG+Rfsol
9syjeKj8bCZ7h0PtSbLC9DA00YlOvVjxYTFPVCOR4M6bk//I1ng5IMUAPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMVLpCKdp4th7n/Ut/f0Ep2TAaC8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveFV1a0lwMm5pMkh1ZjlTMzlfUVNuWk1Cb0x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJWKVAwQA
Upg/AwQAUpntMA0GCSqGSIb3DQEBCwUAA4IBAQBEm4GdYVyp8TnqDn3lmTCwIDh3
fLOmCkV+FlcThqqAA2XMH+wU+kUKfe++N5HkbHkgeqgIn5nMgZoexeCiUZkWtFiO
iP4XH3P+pHVT7uKE8kcGafPeDzt2BabWzOpQBl3WtXTNrqwUfLf51tyNT+JEtbrq
kE0lCJgGIAioHxSA90idAxPKHGjnYc6ta3gyMkl4QGkTqEFULyZwYYyDUA6G70Z+
zCj4tSqZKiqI8rKhtfH31WxtbzUMf5597vb7M74Sq3uaqwN+Sy8TfPgEi+o5MmIN
rsRSTkW35KdstzqAa9BP6c4dgKGi/xetLbtsfIFs9d7CUjObIIJ/aTSVPcrR
-----END CERTIFICATE-----
Generated at Wed May 13 04:20:27 2026 by rpki-client