Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/M0NrO_cZZya3DaEFQWl2NoMt3Y4.roa
File: M0NrO_cZZya3DaEFQWl2NoMt3Y4.roa (raw, json)
Hash identifier: /hKPNllyyMZIjpkSrssP98QNrQzRMEbm8LQuUHF9IlM=
Subject key identifier: 33:43:6B:3B:F7:19:67:26:B7:0D:A1:05:41:69:76:36:83:2D:DD:8E
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DE4E02F08760C2A6AF45611E46CDC5A18
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/M0NrO_cZZya3DaEFQWl2NoMt3Y4.roa
Signing time: Fri 01 May 2026 18:49:50 +0000
ROA not before: Fri 01 May 2026 18:49:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3257
IP address blocks: 37.202.208.0/24 maxlen: 24
37.202.220.0/24 maxlen: 24
151.244.129.0/24 maxlen: 24
151.245.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e4:e0:2f:08:76:0c:2a:6a:f4:56:11:e4:6c:dc:5a:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 1 18:49:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=33436b3bf7196726b70da10541697636832ddd8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d3:a5:6f:b5:64:d9:84:45:88:f5:05:7a:b2:
fb:72:ff:66:c0:47:bb:c0:19:c4:0d:69:75:ef:d2:
89:93:58:a2:b1:c3:b0:78:58:6f:20:9c:0d:22:cc:
cb:ab:44:75:b7:01:2f:0c:05:65:03:60:c7:d0:0e:
39:57:c0:3e:f2:f4:a6:a4:1b:c4:39:f1:45:52:31:
1c:9d:54:43:ea:f0:6b:b6:bc:67:f5:08:f1:12:1e:
1d:56:13:90:e2:10:08:7e:47:3c:d8:8b:dd:be:a2:
09:35:57:68:2c:38:9e:96:12:22:26:2b:fc:f1:7e:
18:be:a4:cf:5f:67:07:05:ca:3d:63:e5:f6:8f:81:
a6:bc:6c:f4:e7:6d:5b:1d:5c:18:f4:85:ef:19:9a:
87:ef:02:6f:f3:d6:98:f5:7d:e8:bd:ed:21:c4:89:
d6:fb:ce:b1:7a:68:0a:00:ff:99:f1:29:86:69:d6:
7a:07:bd:c9:b9:9a:e9:6a:b1:0a:4b:e0:24:d4:d5:
dc:38:ea:89:85:6c:14:31:0d:30:80:3c:e1:2f:f4:
5d:6b:2f:a5:1d:59:93:1a:da:99:bd:76:d8:7d:b1:
10:76:cf:7b:0f:a8:47:ed:81:4f:e5:02:6e:1e:ce:
89:5f:39:59:09:35:6c:68:c1:d1:02:b3:41:ff:97:
16:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:43:6B:3B:F7:19:67:26:B7:0D:A1:05:41:69:76:36:83:2D:DD:8E
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/M0NrO_cZZya3DaEFQWl2NoMt3Y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.208.0/24
37.202.220.0/24
151.244.129.0/24
151.245.126.0/24
Signature Algorithm: sha256WithRSAEncryption
69:af:47:01:05:bb:f4:3e:d2:b0:6b:fa:6c:22:7a:39:69:ac:
4a:97:a9:10:9b:7e:f7:31:05:1c:bc:7b:3e:a4:83:b6:40:64:
7c:89:29:92:1d:8e:3c:cf:76:7e:c1:d5:03:57:f8:17:56:25:
9a:13:1b:1a:e5:d6:0e:c1:64:ee:8f:af:aa:44:8c:e8:05:3d:
bb:a2:6e:f2:1b:66:21:5b:81:10:60:db:68:bd:cf:0c:db:0e:
b4:59:98:fb:a2:f1:6b:ec:3d:c9:e4:19:d3:f6:29:f4:30:6d:
8c:d2:50:6c:e8:63:8b:40:e3:21:23:e1:d0:91:69:84:49:1a:
1b:9a:38:a9:4e:78:5f:ae:1f:be:93:aa:25:9f:bb:e3:22:81:
ab:e5:e6:6c:da:b0:8b:10:42:cd:73:81:46:ae:42:1c:16:0a:
6c:c2:66:c2:9b:10:1c:13:16:12:3b:ed:e1:15:46:7b:c5:c7:
1f:9c:b5:b9:92:53:31:72:73:9e:64:57:ce:94:02:f2:4b:2d:
94:3e:a6:b6:6e:e9:99:aa:71:47:4b:40:21:10:52:ee:25:f7:
b5:10:50:57:f5:59:93:74:3b:f1:bb:b8:36:d3:63:3a:7a:3a:
af:94:89:75:6b:d8:64:72:33:26:8d:e9:f5:62:1b:80:cc:75:
07:39:e5:b4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ3k4C8IdgwqavRWEeRs3FoYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTAxMTg0OTUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzQzNmIzYmY3MTk2NzI2YjcwZGExMDU0MTY5NzYzNjgzMmRkZDhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNOlb7Vk2YRFiPUFerL7cv9mwEe7
wBnEDWl179KJk1iiscOweFhvIJwNIszLq0R1twEvDAVlA2DH0A45V8A+8vSmpBvE
OfFFUjEcnVRD6vBrtrxn9QjxEh4dVhOQ4hAIfkc82IvdvqIJNVdoLDielhIiJiv8
8X4YvqTPX2cHBco9Y+X2j4GmvGz0521bHVwY9IXvGZqH7wJv89aY9X3ove0hxInW
+86xemgKAP+Z8SmGadZ6B73JuZrparEKS+Ak1NXcOOqJhWwUMQ0wgDzhL/Rday+l
HVmTGtqZvXbYfbEQds97D6hH7YFP5QJuHs6JXzlZCTVsaMHRArNB/5cWmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDNDazv3GWcmtw2hBUFpdjaDLd2OMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTTBOck9fY1paeWEzRGFFRlFXbDJOb010M1k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJcrQAwQA
JcrcAwQAl/SBAwQAl/V+MA0GCSqGSIb3DQEBCwUAA4IBAQBpr0cBBbv0PtKwa/ps
Ino5aaxKl6kQm373MQUcvHs+pIO2QGR8iSmSHY48z3Z+wdUDV/gXViWaExsa5dYO
wWTuj6+qRIzoBT27om7yG2YhW4EQYNtovc8M2w60WZj7ovFr7D3J5BnT9in0MG2M
0lBs6GOLQOMhI+HQkWmESRobmjipTnhfrh++k6oln7vjIoGr5eZs2rCLEELNc4FG
rkIcFgpswmbCmxAcExYSO+3hFUZ7xccfnLW5klMxcnOeZFfOlALySy2UPqa2bumZ
qnFHS0AhEFLuJfe1EFBX9VmTdDvxu7g202M6ejqvlIl1a9hkcjMmjen1YhuAzHUH
OeW0
-----END CERTIFICATE-----
Generated at Tue May 12 21:32:53 2026 by rpki-client