Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SzZl4RoE_E8w_EvDFQ8VL5n3mts.roa
File: SzZl4RoE_E8w_EvDFQ8VL5n3mts.roa (raw, json)
Hash identifier: uU8WlonwgrQpVYVUnp1LceAnvfhAdjV3BL8I2az183g=
Subject key identifier: 4B:36:65:E1:1A:04:FC:4F:30:FC:4B:C3:15:0F:15:2F:99:F7:9A:DB
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E1D25D1E02D41376ED5877C4409C8D5CE
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SzZl4RoE_E8w_EvDFQ8VL5n3mts.roa
Signing time: Tue 12 May 2026 17:04:38 +0000
ROA not before: Tue 12 May 2026 17:04:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198250
IP address blocks: 37.202.198.0/24 maxlen: 24
151.244.64.0/24 maxlen: 24
151.245.148.0/24 maxlen: 24
151.247.191.0/24 maxlen: 24
151.247.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 14:18:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:1d:25:d1:e0:2d:41:37:6e:d5:87:7c:44:09:c8:d5:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 12 17:04:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4b3665e11a04fc4f30fc4bc3150f152f99f79adb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:aa:05:93:f9:06:c3:a1:bc:97:57:84:9e:97:
05:93:66:22:b6:fe:f0:2c:39:80:08:7d:9e:4e:81:
f1:90:d0:1c:c0:61:14:cd:33:28:62:78:be:a5:9e:
60:10:87:32:bb:a4:27:35:83:b1:8e:83:60:e5:fd:
30:e9:23:72:9a:42:7c:c7:5f:52:ae:45:d8:df:80:
8f:f8:2c:4a:f1:16:71:76:40:89:1e:99:c5:e2:81:
c8:81:33:ef:a8:70:6a:1d:51:97:18:ec:af:17:36:
86:72:ac:f8:82:12:d6:54:dc:d8:10:68:0c:1e:0b:
c9:59:ec:c9:f6:e8:67:02:21:69:3a:d0:58:e2:a4:
29:83:0b:3f:d7:1a:a5:56:4d:45:57:7c:2d:b9:5e:
b2:8a:df:4d:e8:cd:90:6b:87:60:81:4b:bb:03:4d:
16:52:4d:1f:8c:7e:88:3f:f6:5d:4e:30:b1:62:8f:
7b:ff:e5:db:57:a3:b8:3c:96:6d:36:fb:e5:42:98:
26:28:7c:1c:35:17:8f:07:1c:3c:9f:db:c9:74:4a:
8f:8b:a8:34:a4:de:b4:6e:3b:03:5f:57:01:ec:7c:
9d:fb:e3:ba:ec:af:11:ab:e6:60:92:38:0b:f2:d7:
06:a1:c1:9e:69:9c:94:41:f8:d0:4d:68:56:8f:40:
89:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:36:65:E1:1A:04:FC:4F:30:FC:4B:C3:15:0F:15:2F:99:F7:9A:DB
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/SzZl4RoE_E8w_EvDFQ8VL5n3mts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.198.0/24
151.244.64.0/24
151.245.148.0/24
151.247.191.0/24
151.247.235.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:55:72:c1:03:ae:c1:dc:25:3d:5f:70:c6:39:10:8c:ad:5b:
82:c6:5e:dd:4e:60:71:4f:58:af:bc:f2:87:52:dc:eb:a4:bf:
5c:dd:f1:ff:45:fc:4e:ec:b7:88:f3:19:b2:26:f6:e1:c6:8d:
02:df:e7:56:ad:af:b6:e7:88:ba:49:59:37:54:fb:bc:86:92:
90:8e:ba:32:21:f8:e1:15:90:4f:2d:3c:97:7c:41:6f:1c:d1:
07:16:e0:cd:01:15:84:40:6a:5a:b9:6c:f2:62:94:86:00:15:
fe:a6:56:87:17:07:6b:0b:40:d9:5f:93:26:73:f4:fc:06:55:
0e:ff:71:64:0c:45:b3:d2:31:9b:76:8e:92:d2:b7:cf:aa:4f:
20:d3:f0:4e:4a:98:51:95:69:80:1a:55:62:b8:74:9a:51:4a:
ac:01:2d:ca:a7:85:f9:05:f5:e5:4f:0d:a1:91:33:81:23:1d:
5d:53:e2:8e:26:62:16:01:e5:02:f2:28:11:b5:45:21:53:d8:
c1:16:9e:d0:ec:39:67:02:bf:c7:d6:99:63:c5:f2:69:2c:85:
4d:4c:03:e4:28:92:71:00:84:c7:98:be:df:e5:f9:34:b8:11:
48:c8:dd:97:db:cb:e9:be:2f:71:cf:5a:76:da:9e:bf:6c:59:
67:3d:42:90
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ4dJdHgLUE3btWHfEQJyNXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTEyMTcwNDM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjM2NjVlMTFhMDRmYzRmMzBmYzRiYzMxNTBmMTUyZjk5Zjc5YWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaoFk/kGw6G8l1eEnpcFk2Yitv7w
LDmACH2eToHxkNAcwGEUzTMoYni+pZ5gEIcyu6QnNYOxjoNg5f0w6SNymkJ8x19S
rkXY34CP+CxK8RZxdkCJHpnF4oHIgTPvqHBqHVGXGOyvFzaGcqz4ghLWVNzYEGgM
HgvJWezJ9uhnAiFpOtBY4qQpgws/1xqlVk1FV3wtuV6yit9N6M2Qa4dggUu7A00W
Uk0fjH6IP/ZdTjCxYo97/+XbV6O4PJZtNvvlQpgmKHwcNRePBxw8n9vJdEqPi6g0
pN60bjsDX1cB7Hyd++O67K8Rq+ZgkjgL8tcGocGeaZyUQfjQTWhWj0CJ3wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEs2ZeEaBPxPMPxLwxUPFS+Z95rbMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvU3pabDRSb0VfRTh3X0V2REZROFZMNW4zbXRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJcrGAwQA
l/RAAwQAl/WUAwQAl/e/AwQAl/frMA0GCSqGSIb3DQEBCwUAA4IBAQCjVXLBA67B
3CU9X3DGORCMrVuCxl7dTmBxT1ivvPKHUtzrpL9c3fH/RfxO7LeI8xmyJvbhxo0C
3+dWra+254i6SVk3VPu8hpKQjroyIfjhFZBPLTyXfEFvHNEHFuDNARWEQGpauWzy
YpSGABX+plaHFwdrC0DZX5Mmc/T8BlUO/3FkDEWz0jGbdo6S0rfPqk8g0/BOSphR
lWmAGlViuHSaUUqsAS3Kp4X5BfXlTw2hkTOBIx1dU+KOJmIWAeUC8igRtUUhU9jB
Fp7Q7DlnAr/H1pljxfJpLIVNTAPkKJJxAITHmL7f5fk0uBFIyN2X28vpvi9xz1p2
2p6/bFlnPUKQ
-----END CERTIFICATE-----
Generated at Tue May 12 21:48:09 2026 by rpki-client