Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/RTOgTjhQqFJvXuUjpznFozK_exE.roa
File: RTOgTjhQqFJvXuUjpznFozK_exE.roa (raw, json)
Hash identifier: H23Hs3NXTrMYNCpgNEJ7pmofLcC+7cDO0y2v3YUy0/g=
Subject key identifier: 45:33:A0:4E:38:50:A8:52:6F:5E:E5:23:A7:39:C5:A3:32:BF:7B:11
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D2413378F0184AA16AAF6CA7E4CAA5F29
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/RTOgTjhQqFJvXuUjpznFozK_exE.roa
Signing time: Wed 25 Mar 2026 08:18:52 +0000
ROA not before: Wed 25 Mar 2026 08:18:52 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 20473
IP address blocks: 37.202.223.0/24 maxlen: 24
151.240.4.0/24 maxlen: 24
151.240.5.0/24 maxlen: 24
151.240.6.0/24 maxlen: 24
151.240.7.0/24 maxlen: 24
151.240.11.0/24 maxlen: 24
151.240.12.0/24 maxlen: 24
151.240.13.0/24 maxlen: 24
151.240.15.0/24 maxlen: 24
151.240.16.0/24 maxlen: 24
151.240.18.0/24 maxlen: 24
151.240.19.0/24 maxlen: 24
151.240.25.0/24 maxlen: 24
151.240.32.0/24 maxlen: 24
151.240.33.0/24 maxlen: 24
151.240.34.0/24 maxlen: 24
151.240.35.0/24 maxlen: 24
151.240.36.0/24 maxlen: 24
151.240.37.0/24 maxlen: 24
151.240.38.0/24 maxlen: 24
151.240.39.0/24 maxlen: 24
151.240.40.0/24 maxlen: 24
151.240.41.0/24 maxlen: 24
151.240.42.0/24 maxlen: 24
151.240.83.0/24 maxlen: 24
151.240.88.0/24 maxlen: 24
151.240.89.0/24 maxlen: 24
151.240.90.0/24 maxlen: 24
151.240.126.0/24 maxlen: 24
151.240.127.0/24 maxlen: 24
151.240.128.0/24 maxlen: 24
151.240.129.0/24 maxlen: 24
151.240.130.0/24 maxlen: 24
151.240.131.0/24 maxlen: 24
151.240.132.0/24 maxlen: 24
151.240.133.0/24 maxlen: 24
151.240.134.0/24 maxlen: 24
151.240.135.0/24 maxlen: 24
151.240.136.0/24 maxlen: 24
151.240.137.0/24 maxlen: 24
151.240.138.0/24 maxlen: 24
151.240.139.0/24 maxlen: 24
151.240.140.0/24 maxlen: 24
151.240.141.0/24 maxlen: 24
151.240.142.0/24 maxlen: 24
151.240.143.0/24 maxlen: 24
151.240.156.0/24 maxlen: 24
151.240.157.0/24 maxlen: 24
151.240.159.0/24 maxlen: 24
151.240.160.0/24 maxlen: 24
151.240.162.0/24 maxlen: 24
151.240.164.0/24 maxlen: 24
151.240.166.0/24 maxlen: 24
151.240.167.0/24 maxlen: 24
151.240.168.0/24 maxlen: 24
151.240.170.0/24 maxlen: 24
151.240.171.0/24 maxlen: 24
151.240.172.0/24 maxlen: 24
151.240.174.0/24 maxlen: 24
151.240.175.0/24 maxlen: 24
151.240.176.0/24 maxlen: 24
151.240.178.0/24 maxlen: 24
151.240.180.0/24 maxlen: 24
151.240.181.0/24 maxlen: 24
151.240.182.0/24 maxlen: 24
151.240.183.0/24 maxlen: 24
151.240.184.0/24 maxlen: 24
151.240.185.0/24 maxlen: 24
151.240.186.0/24 maxlen: 24
151.240.187.0/24 maxlen: 24
151.240.188.0/24 maxlen: 24
151.240.189.0/24 maxlen: 24
151.240.190.0/24 maxlen: 24
151.240.191.0/24 maxlen: 24
151.240.192.0/24 maxlen: 24
151.240.193.0/24 maxlen: 24
151.240.194.0/24 maxlen: 24
151.240.195.0/24 maxlen: 24
151.240.196.0/24 maxlen: 24
151.240.197.0/24 maxlen: 24
151.240.198.0/24 maxlen: 24
151.240.199.0/24 maxlen: 24
151.240.200.0/24 maxlen: 24
151.240.201.0/24 maxlen: 24
151.240.202.0/24 maxlen: 24
151.240.203.0/24 maxlen: 24
151.240.204.0/24 maxlen: 24
151.240.206.0/24 maxlen: 24
151.240.207.0/24 maxlen: 24
151.240.208.0/24 maxlen: 24
151.240.209.0/24 maxlen: 24
151.240.210.0/24 maxlen: 24
151.240.211.0/24 maxlen: 24
151.240.212.0/24 maxlen: 24
151.240.213.0/24 maxlen: 24
151.240.214.0/24 maxlen: 24
151.240.215.0/24 maxlen: 24
151.240.216.0/24 maxlen: 24
151.240.217.0/24 maxlen: 24
151.240.218.0/24 maxlen: 24
151.240.219.0/24 maxlen: 24
151.240.220.0/24 maxlen: 24
151.240.221.0/24 maxlen: 24
151.240.222.0/24 maxlen: 24
151.240.223.0/24 maxlen: 24
151.240.224.0/24 maxlen: 24
151.240.225.0/24 maxlen: 24
151.240.229.0/24 maxlen: 24
151.240.233.0/24 maxlen: 24
151.240.234.0/24 maxlen: 24
151.240.235.0/24 maxlen: 24
151.240.236.0/24 maxlen: 24
151.240.237.0/24 maxlen: 24
151.240.238.0/24 maxlen: 24
151.240.240.0/24 maxlen: 24
151.240.248.0/24 maxlen: 24
151.240.254.0/24 maxlen: 24
151.241.32.0/24 maxlen: 24
151.242.145.0/24 maxlen: 24
151.242.176.0/22 maxlen: 24
151.242.184.0/22 maxlen: 24
151.242.236.0/22 maxlen: 24
151.243.45.0/24 maxlen: 24
151.243.88.0/24 maxlen: 24
151.244.186.0/24 maxlen: 24
151.244.187.0/24 maxlen: 24
151.245.144.0/22 maxlen: 24
151.245.148.0/22 maxlen: 24
151.245.180.0/22 maxlen: 24
151.245.203.0/24 maxlen: 24
151.246.32.0/21 maxlen: 21
151.246.104.0/21 maxlen: 21
151.246.168.0/22 maxlen: 24
151.246.172.0/22 maxlen: 24
151.246.180.0/22 maxlen: 24
151.246.224.0/22 maxlen: 24
151.246.228.0/22 maxlen: 24
151.246.232.0/22 maxlen: 24
151.246.236.0/22 maxlen: 24
151.247.4.0/24 maxlen: 24
151.247.112.0/22 maxlen: 24
151.247.116.0/22 maxlen: 24
151.247.131.0/24 maxlen: 24
151.247.144.0/22 maxlen: 24
151.247.152.0/22 maxlen: 24
151.247.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:24:13:37:8f:01:84:aa:16:aa:f6:ca:7e:4c:aa:5f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 25 08:18:52 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4533a04e3850a8526f5ee523a739c5a332bf7b11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:d7:12:0c:ba:14:35:d9:4a:03:9c:29:3f:aa:
31:9b:91:48:f4:69:a9:4d:a5:ea:b9:2c:f5:51:7e:
3e:07:dc:cb:cb:d2:c3:0f:36:aa:4c:be:1b:68:94:
ec:68:56:b0:94:3d:1e:6a:a1:2e:8e:8d:d6:1e:d1:
27:87:66:db:9d:8d:16:8f:6d:12:0e:b7:a0:27:c8:
f2:f5:75:fd:06:34:d0:29:b7:2c:27:51:de:8f:a0:
a2:3a:b2:cc:fd:1b:35:1b:a1:5a:ff:23:44:da:c0:
e9:2a:e7:8b:e9:d7:15:7d:e8:c7:e1:26:f7:88:ba:
f3:32:fa:7a:d8:ff:0c:b9:23:a7:40:c9:f0:05:27:
2e:8a:0c:36:27:6c:09:cc:1d:5e:c5:74:14:82:14:
3e:58:27:4d:bb:b5:6c:ec:37:c8:9a:1c:ad:e3:fd:
31:c8:d6:72:80:23:14:7c:c6:b1:83:7d:4b:2e:46:
a6:c5:1c:17:93:af:01:65:2b:99:e7:90:4c:1f:0f:
29:a3:68:52:64:ed:1f:bf:d3:3c:b8:7e:7d:d4:60:
dd:9d:a5:4a:aa:22:86:64:08:25:72:87:4f:b6:af:
5a:eb:04:06:11:12:fd:bc:d8:29:21:82:03:b2:9f:
3b:1b:32:70:0e:0f:1e:84:23:fe:ca:1b:f9:54:80:
f4:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:33:A0:4E:38:50:A8:52:6F:5E:E5:23:A7:39:C5:A3:32:BF:7B:11
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/RTOgTjhQqFJvXuUjpznFozK_exE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.223.0/24
151.240.4.0/22
151.240.11.0-151.240.13.255
151.240.15.0-151.240.16.255
151.240.18.0/23
151.240.25.0/24
151.240.32.0-151.240.42.255
151.240.83.0/24
151.240.88.0-151.240.90.255
151.240.126.0-151.240.143.255
151.240.156.0/23
151.240.159.0-151.240.160.255
151.240.162.0/24
151.240.164.0/24
151.240.166.0-151.240.168.255
151.240.170.0-151.240.172.255
151.240.174.0-151.240.176.255
151.240.178.0/24
151.240.180.0-151.240.204.255
151.240.206.0-151.240.225.255
151.240.229.0/24
151.240.233.0-151.240.238.255
151.240.240.0/24
151.240.248.0/24
151.240.254.0/24
151.241.32.0/24
151.242.145.0/24
151.242.176.0/22
151.242.184.0/22
151.242.236.0/22
151.243.45.0/24
151.243.88.0/24
151.244.186.0/23
151.245.144.0/21
151.245.180.0/22
151.245.203.0/24
151.246.32.0/21
151.246.104.0/21
151.246.168.0/21
151.246.180.0/22
151.246.224.0/20
151.247.4.0/24
151.247.112.0/21
151.247.131.0/24
151.247.144.0/22
151.247.152.0/22
151.247.223.0/24
Signature Algorithm: sha256WithRSAEncryption
15:1f:00:bf:5a:b1:56:b1:33:a1:e8:36:9b:a2:88:c9:1d:47:
39:a1:95:9c:55:01:d3:2c:02:b0:2f:ec:67:e7:df:17:07:fd:
28:e0:77:9f:ee:8d:9c:90:bb:0e:c1:9c:32:e2:27:91:0e:a3:
d5:e8:63:f2:f2:d4:ca:f5:3d:7a:da:d8:33:57:f4:17:fb:dd:
09:ef:f3:be:36:72:64:e0:85:f7:2b:16:1a:f0:53:8a:30:3f:
3a:f6:d4:4c:cc:25:bf:38:d5:5b:42:93:c0:8d:45:91:4a:60:
dd:15:da:60:c4:af:f0:ce:20:07:28:0a:c3:63:45:5a:6e:43:
43:9f:54:2d:c9:ab:89:06:f1:5b:97:3b:17:7e:b3:53:86:e0:
3a:77:e5:22:16:74:0a:ef:8e:2b:33:1e:34:c0:dd:74:24:52:
e7:35:b5:12:ae:98:99:9c:02:b9:09:28:20:c4:ea:db:0c:8c:
ad:27:85:19:72:27:c1:6b:60:07:34:f3:59:13:82:10:b0:9e:
26:d2:35:f5:e4:ec:c4:35:9d:d4:f0:f6:4a:40:60:a9:68:73:
07:44:4f:98:2a:6f:5d:cf:4f:a5:64:09:eb:ba:69:9d:aa:be:
50:93:cb:0c:f8:8d:3a:6b:03:1d:1b:1f:d6:be:70:41:9f:b0:
79:0e:11:8f
-----BEGIN CERTIFICATE-----
MIIGezCCBWOgAwIBAgISAZ0kEzePAYSqFqr2yn5Mql8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzI1MDgxODUyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTMzYTA0ZTM4NTBhODUyNmY1ZWU1MjNhNzM5YzVhMzMyYmY3YjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NcSDLoUNdlKA5wpP6oxm5FI9Gmp
TaXquSz1UX4+B9zLy9LDDzaqTL4baJTsaFawlD0eaqEujo3WHtEnh2bbnY0Wj20S
DregJ8jy9XX9BjTQKbcsJ1Hej6CiOrLM/Rs1G6Fa/yNE2sDpKueL6dcVfejH4Sb3
iLrzMvp62P8MuSOnQMnwBScuigw2J2wJzB1exXQUghQ+WCdNu7Vs7DfImhyt4/0x
yNZygCMUfMaxg31LLkamxRwXk68BZSuZ55BMHw8po2hSZO0fv9M8uH591GDdnaVK
qiKGZAglcodPtq9a6wQGERL9vNgpIYIDsp87GzJwDg8ehCP+yhv5VID0oQIDAQAB
o4IDhzCCA4MwHQYDVR0OBBYEFEUzoE44UKhSb17lI6c5xaMyv3sRMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvUlRPZ1RqaFFxRkp2WHVVanB6bkZvektfZXhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBmwYIKwYBBQUHAQcBAf8EggGKMIIBhjCCAYIEAgABMIIB
egMEACXK3wMEApfwBDAMAwQAl/ALAwQBl/AMMAwDBACX8A8DBACX8BADBAGX8BID
BACX8BkwDAMEBZfwIAMEAJfwKgMEAJfwUzAMAwQDl/BYAwQAl/BaMAwDBAGX8H4D
BASX8IADBAGX8JwwDAMEAJfwnwMEAJfwoAMEAJfwogMEAJfwpDAMAwQBl/CmAwQA
l/CoMAwDBAGX8KoDBACX8KwwDAMEAZfwrgMEAJfwsAMEAJfwsjAMAwQCl/C0AwQA
l/DMMAwDBAGX8M4DBAGX8OADBACX8OUwDAMEAJfw6QMEAJfw7gMEAJfw8AMEAJfw
+AMEAJfw/gMEAJfxIAMEAJfykQMEApfysAMEApfyuAMEApfy7AMEAJfzLQMEAJfz
WAMEAZf0ugMEA5f1kAMEApf1tAMEAJf1ywMEA5f2IAMEA5f2aAMEA5f2qAMEApf2
tAMEBJf24AMEAJf3BAMEA5f3cAMEAJf3gwMEApf3kAMEApf3mAMEAJf33zANBgkq
hkiG9w0BAQsFAAOCAQEAFR8Av1qxVrEzoeg2m6KIyR1HOaGVnFUB0ywCsC/sZ+ff
Fwf9KOB3n+6NnJC7DsGcMuInkQ6j1ehj8vLUyvU9etrYM1f0F/vdCe/zvjZyZOCF
9ysWGvBTijA/OvbUTMwlvzjVW0KTwI1FkUpg3RXaYMSv8M4gBygKw2NFWm5DQ59U
LcmriQbxW5c7F36zU4bgOnflIhZ0Cu+OKzMeNMDddCRS5zW1Eq6YmZwCuQkoIMTq
2wyMrSeFGXInwWtgBzTzWROCELCeJtI19eTsxDWd1PD2SkBgqWhzB0RPmCpvXc9P
pWQJ67ppnaq+UJPLDPiNOmsDHRsf1r5wQZ+weQ4Rjw==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:34:25 2026 by rpki-client