Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ouid1Q9RgMGi9RD61qHZ9QUsB-s.roa
File: Ouid1Q9RgMGi9RD61qHZ9QUsB-s.roa (raw, json)
Hash identifier: lVUd8AiEtlwblIvsy+ENNptz5MQImwmMWpu9HAtyhoM=
Subject key identifier: 3A:E8:9D:D5:0F:51:80:C1:A2:F5:10:FA:D6:A1:D9:F5:05:2C:07:EB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019DF3FF0A849B38466118DFAAED16B55405
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ouid1Q9RgMGi9RD61qHZ9QUsB-s.roa
Signing time: Mon 04 May 2026 17:17:50 +0000
ROA not before: Mon 04 May 2026 17:17:50 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
151.241.207.0/24 maxlen: 24
151.243.7.0/24 maxlen: 24
151.243.152.0/24 maxlen: 24
151.243.154.0/24 maxlen: 24
151.243.197.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.231.0/24 maxlen: 24
151.244.54.0/24 maxlen: 24
151.244.167.0/24 maxlen: 24
151.244.180.0/24 maxlen: 24
151.244.222.0/24 maxlen: 24
151.244.224.0/24 maxlen: 24
151.244.235.0/24 maxlen: 24
151.245.119.0/24 maxlen: 24
151.246.161.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:f3:ff:0a:84:9b:38:46:61:18:df:aa:ed:16:b5:54:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 4 17:17:50 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3ae89dd50f5180c1a2f510fad6a1d9f5052c07eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8a:f8:6e:12:a3:76:ac:f6:a0:f0:ad:9a:19:
eb:4f:88:a9:06:3f:e2:78:14:30:2d:24:1c:69:62:
b4:a6:84:49:fd:b1:f4:5f:8b:70:1c:d1:4d:f4:41:
4b:ae:77:ca:08:55:30:17:ef:68:23:b2:87:29:94:
0f:27:09:ea:e6:54:30:db:ec:19:00:ff:9f:95:ba:
9d:f5:dc:5a:54:f2:e3:14:e7:9c:a4:3d:2b:10:d5:
e7:2f:f7:f4:18:c4:4a:44:45:28:5f:12:5b:23:d1:
78:4a:4f:ff:67:6c:4e:af:f0:99:9e:e3:9c:ce:a2:
30:ce:1f:be:8a:78:12:5d:e6:14:d1:af:04:1e:b1:
25:f6:7f:46:64:d6:64:2d:36:23:ac:93:36:d4:98:
c7:5b:85:30:fa:92:41:04:07:fd:fe:fe:f3:9a:26:
b4:70:5d:36:3b:99:79:b8:bf:ff:5a:ed:14:19:3a:
b8:30:57:f9:83:32:6a:0b:3b:e9:86:f9:76:3c:fb:
fd:67:a1:36:28:f7:47:3a:52:eb:a8:5c:09:fa:91:
b9:f2:2d:90:78:e9:3e:b5:56:c0:b3:2b:07:66:41:
ff:5f:ac:b9:08:cf:48:66:ce:16:eb:3e:5e:19:9d:
2b:f5:7f:c0:5f:8e:62:20:a2:b9:ab:29:d7:fe:34:
47:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:E8:9D:D5:0F:51:80:C1:A2:F5:10:FA:D6:A1:D9:F5:05:2C:07:EB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/Ouid1Q9RgMGi9RD61qHZ9QUsB-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
151.241.207.0/24
151.243.7.0/24
151.243.152.0/24
151.243.154.0/24
151.243.197.0/24
151.243.228.0/24
151.243.231.0/24
151.244.54.0/24
151.244.167.0/24
151.244.180.0/24
151.244.222.0/24
151.244.224.0/24
151.244.235.0/24
151.245.119.0/24
151.246.161.0/24
Signature Algorithm: sha256WithRSAEncryption
11:20:d9:7d:79:ef:02:59:34:00:64:66:03:ee:65:ca:64:25:
fb:7f:ef:3c:bb:1d:ab:3c:69:63:8d:7e:a0:43:1c:e4:14:10:
63:cb:a6:a7:3a:df:02:4a:38:f5:5b:d6:0b:ea:1c:b8:df:5d:
8d:0c:c7:88:13:97:72:1d:db:6d:74:eb:0c:ab:02:f2:a4:d1:
bd:98:ed:0d:f1:9e:3d:8c:1c:88:db:34:b4:b5:28:a1:64:1a:
b7:0e:45:2c:cf:04:59:c9:82:ad:0d:be:43:85:6a:60:22:a7:
b4:d0:28:86:5f:2c:fe:2c:7c:bc:10:ba:09:1b:25:43:13:75:
d2:e4:c6:6c:23:f6:dd:d5:53:51:2d:e5:b9:53:be:88:24:a8:
95:cb:5d:ac:04:00:85:7a:00:8d:4a:9b:34:1f:2c:45:08:02:
4c:e0:07:c2:4e:c0:c7:60:01:a2:17:05:5b:25:ba:8a:c7:d0:
d7:6d:2d:81:b0:7f:44:02:63:52:6b:11:d0:27:bf:5e:69:f5:
43:6f:5d:80:8e:fc:c3:43:74:3d:c2:32:4c:4a:c1:8b:d6:71:
3c:84:24:ea:3e:e3:2d:6a:a5:47:c7:f8:ba:dc:ac:7a:ce:c2:
e7:8d:29:91:85:61:34:d2:3b:a1:c0:29:8b:5c:58:24:e7:88:
13:f4:42:38
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZ3z/wqEmzhGYRjfqu0WtVQFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTA0MTcxNzUwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWU4OWRkNTBmNTE4MGMxYTJmNTEwZmFkNmExZDlmNTA1MmMwN2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIr4bhKjdqz2oPCtmhnrT4ipBj/i
eBQwLSQcaWK0poRJ/bH0X4twHNFN9EFLrnfKCFUwF+9oI7KHKZQPJwnq5lQw2+wZ
AP+flbqd9dxaVPLjFOecpD0rENXnL/f0GMRKREUoXxJbI9F4Sk//Z2xOr/CZnuOc
zqIwzh++ingSXeYU0a8EHrEl9n9GZNZkLTYjrJM21JjHW4Uw+pJBBAf9/v7zmia0
cF02O5l5uL//Wu0UGTq4MFf5gzJqCzvphvl2PPv9Z6E2KPdHOlLrqFwJ+pG58i2Q
eOk+tVbAsysHZkH/X6y5CM9IZs4W6z5eGZ0r9X/AX45iIKK5qynX/jRH+wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFDrondUPUYDBovUQ+tah2fUFLAfrMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvT3VpZDFROVJnTUdpOVJENjFxSFo5UVVzQi1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAJcrCAwQA
l/HPAwQAl/MHAwQAl/OYAwQAl/OaAwQAl/PFAwQAl/PkAwQAl/PnAwQAl/Q2AwQA
l/SnAwQAl/S0AwQAl/TeAwQAl/TgAwQAl/TrAwQAl/V3AwQAl/ahMA0GCSqGSIb3
DQEBCwUAA4IBAQARINl9ee8CWTQAZGYD7mXKZCX7f+88ux2rPGljjX6gQxzkFBBj
y6anOt8CSjj1W9YL6hy4312NDMeIE5dyHdttdOsMqwLypNG9mO0N8Z49jByI2zS0
tSihZBq3DkUszwRZyYKtDb5DhWpgIqe00CiGXyz+LHy8ELoJGyVDE3XS5MZsI/bd
1VNRLeW5U76IJKiVy12sBACFegCNSps0HyxFCAJM4AfCTsDHYAGiFwVbJbqKx9DX
bS2BsH9EAmNSaxHQJ79eafVDb12AjvzDQ3Q9wjJMSsGL1nE8hCTqPuMtaqVHx/i6
3Kx6zsLnjSmRhWE00juhwCmLXFgk54gT9EI4
-----END CERTIFICATE-----
Generated at Wed May 13 08:45:21 2026 by rpki-client