Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/eQP4cz_qZAZ9NzysFJhyv0MOMJs.roa
File: eQP4cz_qZAZ9NzysFJhyv0MOMJs.roa (raw, json)
Hash identifier: WGtmY7kj1k+xy2GxnHM72H6qf/A4bMHpizyPPpEU5r0=
Subject key identifier: 79:03:F8:73:3F:EA:64:06:7D:37:3C:AC:14:98:72:BF:43:0E:30:9B
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D101B819B227596FEC121C5FD32F8F4D2
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/eQP4cz_qZAZ9NzysFJhyv0MOMJs.roa
Signing time: Sat 21 Mar 2026 11:15:31 +0000
ROA not before: Sat 21 Mar 2026 11:15:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 21859
IP address blocks: 37.202.222.0/24 maxlen: 24
151.240.28.0/24 maxlen: 24
151.242.87.0/24 maxlen: 24
151.242.174.0/23 maxlen: 23
151.242.192.0/23 maxlen: 23
151.243.101.0/24 maxlen: 24
151.244.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:10:1b:81:9b:22:75:96:fe:c1:21:c5:fd:32:f8:f4:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Mar 21 11:15:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7903f8733fea64067d373cac149872bf430e309b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:95:d2:89:51:c2:3f:32:d8:a3:cc:4a:03:2a:
27:df:08:c5:1f:d5:e1:92:12:fe:48:dc:a8:d9:8e:
18:cf:32:be:80:26:13:aa:33:31:26:c6:97:3b:0e:
39:54:d6:06:31:6b:ba:0f:6d:63:23:b4:ad:46:2b:
d0:ff:f8:a9:14:cc:dd:12:85:af:91:76:8b:ef:bf:
09:dd:60:84:2e:71:86:e8:09:b2:ac:72:92:71:64:
ca:8e:c7:5d:e4:6a:24:b7:c5:7e:34:a7:ea:d8:8c:
0c:a3:20:01:d1:f2:17:28:a8:ae:f8:e0:f3:1e:39:
fe:63:86:ca:a9:2e:d8:d3:84:b7:10:62:3e:22:ee:
a0:1d:de:a9:b2:79:9d:20:0d:59:7e:b7:37:6b:e3:
1b:f1:b1:61:6c:ce:fe:65:06:d2:78:12:c0:21:4c:
d0:46:39:4d:49:d6:3f:27:d7:cd:17:b6:75:cd:e5:
b8:9e:e1:c8:51:11:60:c1:ab:0e:64:83:95:22:56:
0c:da:a1:c2:4d:b2:66:89:c0:40:32:f0:c8:f0:aa:
a4:b5:8d:2a:6f:2c:e4:81:82:ef:31:80:c3:7b:d3:
b1:b8:24:f3:00:c4:d4:4c:f5:58:e8:f1:1d:d4:64:
9f:75:32:98:57:36:bf:f9:57:a0:80:13:fa:81:2e:
26:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:03:F8:73:3F:EA:64:06:7D:37:3C:AC:14:98:72:BF:43:0E:30:9B
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/eQP4cz_qZAZ9NzysFJhyv0MOMJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.222.0/24
151.240.28.0/24
151.242.87.0/24
151.242.174.0/23
151.242.192.0/23
151.243.101.0/24
151.244.188.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:27:2d:ca:a7:f2:50:ee:64:5e:92:e8:b6:a1:ad:7f:ce:9f:
41:66:3b:c6:87:75:78:60:9e:fc:da:f3:00:52:2a:99:37:bc:
9d:93:e2:11:35:a9:10:23:a9:41:1b:4b:05:b5:67:f8:e8:c8:
30:67:c6:a6:07:89:89:f3:00:0e:4e:a2:ea:68:20:ed:e6:5c:
13:17:b5:6e:82:aa:85:d5:42:33:fb:7b:b8:5c:4f:6c:f9:f5:
0c:e7:52:c8:4e:7d:49:4e:c4:5a:28:40:7b:2d:8b:3c:cf:8d:
85:81:1b:48:be:67:1c:3f:50:c4:ea:12:f8:ee:e5:c2:aa:aa:
41:0a:1d:95:d7:42:52:d6:70:66:4e:71:0b:d0:76:5f:84:55:
73:73:b3:ad:d3:f7:ba:cb:9a:0d:78:18:0c:73:df:f6:b5:bc:
d7:04:c6:2d:80:6a:bd:4d:64:bb:60:23:d9:fe:26:8a:89:71:
59:67:18:a4:21:2e:e1:91:6b:49:d0:30:5a:fa:ec:39:94:5c:
2d:e8:f1:db:d4:80:cc:88:49:30:80:c0:42:b5:00:58:1e:ac:
96:d5:9e:1a:a2:ef:da:5f:7b:1c:2a:dd:e9:ac:7b:e6:c5:b6:
57:45:eb:f9:83:da:30:c7:d9:f4:80:93:b4:66:55:02:30:cb:
58:75:14:85
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ0QG4GbInWW/sEhxf0y+PTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwMzIxMTExNTMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTAzZjg3MzNmZWE2NDA2N2QzNzNjYWMxNDk4NzJiZjQzMGUzMDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupXSiVHCPzLYo8xKAyon3wjFH9Xh
khL+SNyo2Y4YzzK+gCYTqjMxJsaXOw45VNYGMWu6D21jI7StRivQ//ipFMzdEoWv
kXaL778J3WCELnGG6AmyrHKScWTKjsdd5Gokt8V+NKfq2IwMoyAB0fIXKKiu+ODz
Hjn+Y4bKqS7Y04S3EGI+Iu6gHd6psnmdIA1Zfrc3a+Mb8bFhbM7+ZQbSeBLAIUzQ
RjlNSdY/J9fNF7Z1zeW4nuHIURFgwasOZIOVIlYM2qHCTbJmicBAMvDI8KqktY0q
byzkgYLvMYDDe9OxuCTzAMTUTPVY6PEd1GSfdTKYVza/+VeggBP6gS4mbQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHkD+HM/6mQGfTc8rBSYcr9DDjCbMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvZVFQNGN6X3FaQVo5Tnp5c0ZKaHl2ME1PTUpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJcreAwQA
l/AcAwQAl/JXAwQBl/KuAwQBl/LAAwQAl/NlAwQAl/S8MA0GCSqGSIb3DQEBCwUA
A4IBAQB6Jy3Kp/JQ7mRekui2oa1/zp9BZjvGh3V4YJ782vMAUiqZN7ydk+IRNakQ
I6lBG0sFtWf46MgwZ8amB4mJ8wAOTqLqaCDt5lwTF7VugqqF1UIz+3u4XE9s+fUM
51LITn1JTsRaKEB7LYs8z42FgRtIvmccP1DE6hL47uXCqqpBCh2V10JS1nBmTnEL
0HZfhFVzc7Ot0/e6y5oNeBgMc9/2tbzXBMYtgGq9TWS7YCPZ/iaKiXFZZxikIS7h
kWtJ0DBa+uw5lFwt6PHb1IDMiEkwgMBCtQBYHqyW1Z4aou/aX3scKt3prHvmxbZX
Rev5g9owx9n0gJO0ZlUCMMtYdRSF
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:33:10 2026 by rpki-client