Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NtABul-1rEMAjFIgOwcrpsx2oiE.roa
File: NtABul-1rEMAjFIgOwcrpsx2oiE.roa (raw, json)
Hash identifier: 4CjxKQrYQgX2Oc/BvsJ6QiY2TuQ/OCPb0Jsm6GGbfDI=
Subject key identifier: 36:D0:01:BA:5F:B5:AC:43:00:8C:52:20:3B:07:2B:A6:CC:76:A2:21
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D1E93DD624A4E03F24133F8CB46ED9459
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NtABul-1rEMAjFIgOwcrpsx2oiE.roa
Signing time: Tue 24 Mar 2026 06:41:40 +0000
ROA not before: Tue 24 Mar 2026 06:41:40 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 17497
IP address blocks: 37.202.212.0/24 maxlen: 24
151.240.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 17:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1e:93:dd:62:4a:4e:03:f2:41:33:f8:cb:46:ed:94:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 24 06:41:40 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=36d001ba5fb5ac43008c52203b072ba6cc76a221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:78:2f:b4:b0:ee:46:42:84:dc:28:6e:4c:36:
48:33:35:6a:7d:35:84:81:a2:a3:4b:1c:41:8d:3d:
4f:1d:fa:df:7a:6a:9f:ef:5d:03:57:ad:12:ec:c5:
0e:31:8a:62:f2:86:3f:cf:a5:8b:4c:a5:cf:e1:f9:
e0:02:53:59:6a:9c:22:b3:b4:e7:dd:74:d8:c8:c1:
24:a6:14:3e:79:be:24:53:d6:87:36:49:34:a5:57:
08:39:fa:a3:22:b4:23:eb:64:20:b9:9a:38:45:64:
7c:c5:c1:51:2b:92:4b:29:19:08:2d:69:c0:dd:7b:
3c:d1:0f:fb:ff:c3:57:4d:f2:1a:12:9c:b4:0e:cc:
d0:d5:d3:e7:81:c6:bb:34:05:d7:1e:60:ac:cf:68:
9d:9e:6b:25:28:a8:3b:bd:d9:9c:50:6a:95:7f:bc:
bd:d9:e4:05:c2:82:6a:5a:f3:a3:f4:7c:5b:96:4c:
92:0a:3a:3d:15:ee:22:58:bb:4e:ea:04:07:bb:a7:
2d:63:f4:73:d6:a6:2c:dc:f0:b1:93:28:c4:9a:15:
a8:66:17:e3:e0:bd:e9:f5:58:97:a9:e7:01:e2:77:
c3:a7:1c:3f:f5:dc:80:ab:a8:14:ca:7e:c2:24:79:
ea:c9:a4:42:4a:0d:1b:0d:8a:05:63:78:ae:7e:5f:
bd:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:D0:01:BA:5F:B5:AC:43:00:8C:52:20:3B:07:2B:A6:CC:76:A2:21
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/NtABul-1rEMAjFIgOwcrpsx2oiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.212.0/24
151.240.147.0/24
Signature Algorithm: sha256WithRSAEncryption
56:79:fc:4a:74:4d:6b:a4:ab:3c:eb:ed:52:fa:b8:3d:4e:a4:
2e:13:28:b6:e2:43:8b:23:35:38:76:61:f2:40:d7:dd:af:2e:
91:84:69:7a:f4:09:7c:9e:d1:d0:4b:12:5d:e9:8d:8e:1e:42:
f3:2e:3e:ec:3a:8a:d7:7b:81:ae:98:8e:78:e2:ce:fb:22:6e:
9c:f1:eb:ff:64:69:5e:20:66:5a:d8:48:53:a0:21:eb:25:69:
a6:fe:b6:fd:24:f6:9d:90:a4:5b:d7:23:a8:58:b0:62:a1:19:
be:73:1f:75:9b:3c:90:93:8b:50:f0:a6:d6:ff:6f:4b:f4:5b:
6f:82:cf:67:b5:90:65:65:2a:ad:77:2a:f8:dc:22:28:6a:4c:
62:0f:f8:82:36:70:ce:3e:25:e9:1f:95:a1:a1:56:24:18:02:
b2:af:1b:6e:74:32:1a:6c:39:40:ff:f2:70:d9:e2:ea:bc:ef:
f1:fa:d5:7f:38:e4:7b:40:a0:12:d7:c3:82:7a:d7:44:31:8f:
89:24:ab:08:d0:aa:91:23:f4:fe:32:35:80:bb:a0:f1:71:3a:
77:15:15:5c:ad:ac:15:23:b4:04:d0:76:81:71:5c:49:0c:73:
ea:27:49:8f:ba:aa:69:61:e1:28:b6:ea:14:a3:17:a8:5f:e8:
3e:4e:35:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0ek91iSk4D8kEz+MtG7ZRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzI0MDY0MTQwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNmQwMDFiYTVmYjVhYzQzMDA4YzUyMjAzYjA3MmJhNmNjNzZhMjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3gvtLDuRkKE3ChuTDZIMzVqfTWE
gaKjSxxBjT1PHfrfemqf710DV60S7MUOMYpi8oY/z6WLTKXP4fngAlNZapwis7Tn
3XTYyMEkphQ+eb4kU9aHNkk0pVcIOfqjIrQj62QguZo4RWR8xcFRK5JLKRkILWnA
3Xs80Q/7/8NXTfIaEpy0DszQ1dPngca7NAXXHmCsz2idnmslKKg7vdmcUGqVf7y9
2eQFwoJqWvOj9HxblkySCjo9Fe4iWLtO6gQHu6ctY/Rz1qYs3PCxkyjEmhWoZhfj
4L3p9ViXqecB4nfDpxw/9dyAq6gUyn7CJHnqyaRCSg0bDYoFY3iufl+9owIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDbQAbpftaxDAIxSIDsHK6bMdqIhMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTnRBQnVsLTFyRU1BakZJZ093Y3Jwc3gyb2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJcrUAwQA
l/CTMA0GCSqGSIb3DQEBCwUAA4IBAQBWefxKdE1rpKs86+1S+rg9TqQuEyi24kOL
IzU4dmHyQNfdry6RhGl69Al8ntHQSxJd6Y2OHkLzLj7sOorXe4GumI544s77Im6c
8ev/ZGleIGZa2EhToCHrJWmm/rb9JPadkKRb1yOoWLBioRm+cx91mzyQk4tQ8KbW
/29L9Ftvgs9ntZBlZSqtdyr43CIoakxiD/iCNnDOPiXpH5WhoVYkGAKyrxtudDIa
bDlA//Jw2eLqvO/x+tV/OOR7QKAS18OCetdEMY+JJKsI0KqRI/T+MjWAu6DxcTp3
FRVcrawVI7QE0HaBcVxJDHPqJ0mPuqppYeEotuoUoxeoX+g+TjWt
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:58:29 2026 by rpki-client