Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9Da_qqL0kY85yJbrDQdGV36iv2I.roa
File: 9Da_qqL0kY85yJbrDQdGV36iv2I.roa (raw, json)
Hash identifier: Xgn0hSYePDe3PvXD+cQh4ZjDR4TG6iLsm2oTjUGIxXE=
Subject key identifier: F4:36:BF:AA:A2:F4:91:8F:39:C8:96:EB:0D:07:46:57:7E:A2:BF:62
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D28E52A2F29F256ED3BC39C9B7208B3CA
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9Da_qqL0kY85yJbrDQdGV36iv2I.roa
Signing time: Thu 26 Mar 2026 06:46:40 +0000
ROA not before: Thu 26 Mar 2026 06:46:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
151.241.207.0/24 maxlen: 24
151.243.7.0/24 maxlen: 24
151.243.197.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.231.0/24 maxlen: 24
151.244.54.0/24 maxlen: 24
151.244.167.0/24 maxlen: 24
151.244.180.0/24 maxlen: 24
151.244.222.0/24 maxlen: 24
151.244.224.0/24 maxlen: 24
151.244.235.0/24 maxlen: 24
151.245.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 07:56:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:28:e5:2a:2f:29:f2:56:ed:3b:c3:9c:9b:72:08:b3:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 26 06:46:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f436bfaaa2f4918f39c896eb0d0746577ea2bf62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:72:9b:d8:db:5d:74:f0:81:59:04:97:26:33:
70:8c:3b:39:f2:cb:da:13:94:9a:5c:ff:42:19:12:
41:d0:f0:76:9e:e0:25:3e:ff:ee:31:8c:8b:3c:43:
18:09:e1:ae:79:29:eb:58:8e:79:f0:95:35:ab:ab:
4c:9d:54:79:c8:f5:f3:6c:b0:0f:22:04:f9:45:8a:
99:2e:ae:06:7a:ce:56:3c:9c:0c:c2:1c:ba:1b:43:
4b:2c:e4:9e:d3:5b:66:18:29:9a:6e:ee:e6:eb:20:
9f:c9:7d:c0:15:ef:75:65:69:b1:32:21:18:9f:61:
19:c3:13:da:0b:a0:f2:bd:6a:da:e7:38:cc:b6:ba:
0f:7d:db:aa:51:f8:9b:67:c2:12:c0:6e:0e:ca:1f:
8f:b6:ed:00:bb:63:99:3e:36:95:36:06:a3:57:86:
5a:bf:17:16:09:74:9a:af:40:ee:59:77:4f:74:a3:
3b:4e:4d:c9:08:d0:aa:88:22:bf:7b:70:1a:7d:fc:
52:c7:b9:41:59:ea:de:7d:25:7e:b9:91:67:76:c1:
1a:e3:bb:60:7a:7b:b6:ee:91:96:a1:7d:ce:6b:d4:
3d:7d:21:7e:7e:48:e3:bd:2f:df:40:09:23:db:2f:
c6:94:47:32:c5:4c:f0:d4:75:d0:43:75:d2:28:50:
d5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:36:BF:AA:A2:F4:91:8F:39:C8:96:EB:0D:07:46:57:7E:A2:BF:62
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/9Da_qqL0kY85yJbrDQdGV36iv2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
151.241.207.0/24
151.243.7.0/24
151.243.197.0/24
151.243.228.0/24
151.243.231.0/24
151.244.54.0/24
151.244.167.0/24
151.244.180.0/24
151.244.222.0/24
151.244.224.0/24
151.244.235.0/24
151.245.119.0/24
Signature Algorithm: sha256WithRSAEncryption
26:28:16:05:b1:a4:7f:04:d6:b7:46:b6:3e:6f:7e:39:1f:a7:
c8:19:db:34:25:d0:27:7b:c6:12:7c:bd:c1:12:e5:56:e5:03:
03:19:5d:00:d1:66:90:b8:05:90:dd:40:31:82:80:67:f4:60:
87:75:33:a2:d6:0e:30:75:64:00:a3:35:7e:ef:4e:2d:9d:7d:
8d:3c:12:b6:d2:63:7a:cf:00:5d:7c:fa:ab:d8:1b:97:55:f2:
52:42:7b:f5:df:aa:9f:40:a2:8e:82:b4:28:5a:c6:f6:9b:f9:
a4:54:c6:9d:75:21:a0:d2:75:52:3c:ff:12:7b:f3:9a:10:25:
94:37:99:1a:5f:7b:d5:18:99:5b:c8:5a:07:20:f6:4e:38:7b:
95:43:56:91:e7:c3:33:67:70:13:10:ca:ff:ef:89:5c:0b:82:
06:e4:17:6f:68:e8:76:75:69:86:96:b5:96:e8:21:13:34:32:
23:90:85:7a:80:75:f4:c4:b7:69:71:66:80:98:0a:25:b6:a0:
75:ec:29:32:d7:99:8c:48:42:fd:8a:80:bb:34:f5:21:16:a7:
46:02:55:86:5d:1e:48:97:9e:f9:c2:e2:ac:78:dc:1d:39:cc:
e6:8f:1b:b2:ba:ff:55:f5:07:82:a0:d6:1b:68:a8:8a:fc:77:
be:bb:3d:d7
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZ0o5SovKfJW7TvDnJtyCLPKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzI2MDY0NjQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDM2YmZhYWEyZjQ5MThmMzljODk2ZWIwZDA3NDY1NzdlYTJiZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynKb2NtddPCBWQSXJjNwjDs58sva
E5SaXP9CGRJB0PB2nuAlPv/uMYyLPEMYCeGueSnrWI558JU1q6tMnVR5yPXzbLAP
IgT5RYqZLq4Ges5WPJwMwhy6G0NLLOSe01tmGCmabu7m6yCfyX3AFe91ZWmxMiEY
n2EZwxPaC6DyvWra5zjMtroPfduqUfibZ8ISwG4Oyh+Ptu0Au2OZPjaVNgajV4Za
vxcWCXSar0DuWXdPdKM7Tk3JCNCqiCK/e3AaffxSx7lBWerefSV+uZFndsEa47tg
enu27pGWoX3Oa9Q9fSF+fkjjvS/fQAkj2y/GlEcyxUzw1HXQQ3XSKFDVMQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFPQ2v6qi9JGPOciW6w0HRld+or9iMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvOURhX3FxTDBrWTg1eUpickRRZEdWMzZpdjJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAJcrCAwQA
l/HPAwQAl/MHAwQAl/PFAwQAl/PkAwQAl/PnAwQAl/Q2AwQAl/SnAwQAl/S0AwQA
l/TeAwQAl/TgAwQAl/TrAwQAl/V3MA0GCSqGSIb3DQEBCwUAA4IBAQAmKBYFsaR/
BNa3RrY+b345H6fIGds0JdAne8YSfL3BEuVW5QMDGV0A0WaQuAWQ3UAxgoBn9GCH
dTOi1g4wdWQAozV+704tnX2NPBK20mN6zwBdfPqr2BuXVfJSQnv136qfQKKOgrQo
Wsb2m/mkVMaddSGg0nVSPP8Se/OaECWUN5kaX3vVGJlbyFoHIPZOOHuVQ1aR58Mz
Z3ATEMr/74lcC4IG5BdvaOh2dWmGlrWW6CETNDIjkIV6gHX0xLdpcWaAmAoltqB1
7Cky15mMSEL9ioC7NPUhFqdGAlWGXR5Il575wuKseNwdOczmjxuyuv9V9QeCoNYb
aKiK/He+uz3X
-----END CERTIFICATE-----
Generated at Thu Mar 26 16:11:40 2026 by rpki-client