Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/O8I2rNzx-7L_RlYdvhGiCPWb8Ms.roa
File: O8I2rNzx-7L_RlYdvhGiCPWb8Ms.roa (raw, json)
Hash identifier: d5mvthR4rF38DzrZDyL9DUyP/wZHqEMzDL/C0NX/AHA=
Subject key identifier: 3B:C2:36:AC:DC:F1:FB:B2:FF:46:56:1D:BE:11:A2:08:F5:9B:F0:CB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199863883058CD6D5BB2B7126FB4EF2DB48
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/O8I2rNzx-7L_RlYdvhGiCPWb8Ms.roa
Signing time: Fri 26 Sep 2025 13:31:14 +0000
ROA not before: Fri 26 Sep 2025 13:31:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 37.202.193.0/24 maxlen: 24
37.202.213.0/24 maxlen: 24
151.242.40.0/24 maxlen: 24
151.242.99.0/24 maxlen: 24
151.243.175.0/24 maxlen: 24
151.243.188.0/22 maxlen: 22
151.244.164.0/24 maxlen: 24
151.244.249.0/24 maxlen: 24
151.245.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:86:38:83:05:8c:d6:d5:bb:2b:71:26:fb:4e:f2:db:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 26 13:31:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bc236acdcf1fbb2ff46561dbe11a208f59bf0cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bf:32:3f:01:32:5a:1f:be:c4:93:b6:95:89:
5d:11:85:b6:a5:d8:96:63:28:a1:73:8e:aa:8c:65:
61:f0:5b:95:f6:f5:45:f1:4a:11:0e:93:ce:e9:1e:
43:d7:a7:bf:43:e6:1d:18:7c:ab:01:50:14:35:59:
ab:8f:53:0c:67:25:63:2e:f2:d4:f7:f1:f9:0b:42:
8a:63:06:7b:a2:f1:13:98:2a:9c:ea:ba:b1:cf:39:
ac:80:8d:12:87:d1:de:a1:03:04:b4:e1:ee:56:6b:
80:86:70:15:dd:cd:d4:19:f0:f8:fb:ee:21:ac:2f:
15:76:7d:ae:3b:d5:05:44:ec:9b:62:89:e9:ee:16:
64:7f:f9:60:c5:7f:9e:30:52:6a:23:fa:60:da:50:
c3:82:af:23:0b:2d:df:96:fe:e1:a7:87:46:46:ba:
6a:f0:f2:03:95:31:5f:17:9d:46:41:4d:0f:52:06:
5d:64:50:bf:4e:72:de:52:93:0e:3a:ac:78:70:cf:
86:52:41:9d:5b:19:ed:19:6a:2b:e1:2f:0b:d6:f6:
a6:3f:f9:c3:23:f9:10:cb:a0:ca:00:d3:b4:fc:00:
2e:ff:39:8e:b3:48:de:8b:a1:fa:81:48:50:75:ee:
8d:7d:92:51:72:bd:e1:97:1a:44:52:5d:7d:be:8e:
48:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C2:36:AC:DC:F1:FB:B2:FF:46:56:1D:BE:11:A2:08:F5:9B:F0:CB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/O8I2rNzx-7L_RlYdvhGiCPWb8Ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.193.0/24
37.202.213.0/24
151.242.40.0/24
151.242.99.0/24
151.243.175.0/24
151.243.188.0/22
151.244.164.0/24
151.244.249.0/24
151.245.26.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:0c:9a:ba:0a:2b:ac:3b:94:04:07:5d:98:38:09:36:98:c8:
b3:25:aa:3b:db:79:86:eb:1a:6f:d5:8c:3f:0e:cc:ff:ad:60:
eb:bf:2d:9d:d8:a9:17:3a:8d:58:35:10:c2:02:c6:c4:0f:9b:
08:ca:da:6f:a3:ed:5d:95:54:8b:30:86:84:30:aa:63:89:cc:
df:c6:e7:4c:81:a1:87:d4:30:d2:12:b8:ae:b2:dd:60:ef:25:
bf:72:9f:3c:0b:13:3e:b9:5d:6c:1d:b2:f5:25:d6:c3:e2:dd:
cb:96:be:a8:c4:5e:92:4c:03:e0:24:f8:a5:47:ce:52:a7:28:
59:88:9e:8d:1b:4a:cc:15:32:90:51:4e:0d:43:15:0b:3c:c7:
5b:3b:15:2f:60:47:2e:2a:80:b3:dd:ce:15:5b:cb:c3:ad:ac:
12:ab:0e:b2:27:16:29:58:60:77:d9:47:85:55:00:1a:e4:2d:
ce:ab:8e:be:ff:61:57:50:ee:42:82:51:77:7d:c5:87:d1:54:
14:19:bd:a5:e8:83:c0:15:73:7b:75:d6:f1:2f:13:08:9e:54:
c1:ee:ff:a5:2b:a7:c2:63:7f:9f:e0:32:23:ae:ef:16:66:b2:
b9:59:49:70:71:b0:0b:79:dc:a2:6e:45:98:53:38:a6:53:c6:
e6:03:21:cc
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZmGOIMFjNbVuytxJvtO8ttIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTI2MTMzMTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmMyMzZhY2RjZjFmYmIyZmY0NjU2MWRiZTExYTIwOGY1OWJmMGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsL8yPwEyWh++xJO2lYldEYW2pdiW
Yyihc46qjGVh8FuV9vVF8UoRDpPO6R5D16e/Q+YdGHyrAVAUNVmrj1MMZyVjLvLU
9/H5C0KKYwZ7ovETmCqc6rqxzzmsgI0Sh9HeoQMEtOHuVmuAhnAV3c3UGfD4++4h
rC8Vdn2uO9UFROybYonp7hZkf/lgxX+eMFJqI/pg2lDDgq8jCy3flv7hp4dGRrpq
8PIDlTFfF51GQU0PUgZdZFC/TnLeUpMOOqx4cM+GUkGdWxntGWor4S8L1vamP/nD
I/kQy6DKANO0/AAu/zmOs0jei6H6gUhQde6NfZJRcr3hlxpEUl19vo5IawIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFDvCNqzc8fuy/0ZWHb4Rogj1m/DLMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTzhJMnJOengtN0xfUmxZZHZoR2lDUFdiOE1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAJcrBAwQA
JcrVAwQAl/IoAwQAl/JjAwQAl/OvAwQCl/O8AwQAl/SkAwQAl/T5AwQAl/UaMA0G
CSqGSIb3DQEBCwUAA4IBAQBPDJq6CiusO5QEB12YOAk2mMizJao723mG6xpv1Yw/
Dsz/rWDrvy2d2KkXOo1YNRDCAsbED5sIytpvo+1dlVSLMIaEMKpjiczfxudMgaGH
1DDSEriust1g7yW/cp88CxM+uV1sHbL1JdbD4t3Llr6oxF6STAPgJPilR85SpyhZ
iJ6NG0rMFTKQUU4NQxULPMdbOxUvYEcuKoCz3c4VW8vDrawSqw6yJxYpWGB32UeF
VQAa5C3Oq46+/2FXUO5CglF3fcWH0VQUGb2l6IPAFXN7ddbxLxMInlTB7v+lK6fC
Y3+f4DIjru8WZrK5WUlwcbALedyibkWYUzimU8bmAyHM
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:50:13 2025 by rpki-client