Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/If-4jw8504k0DpzNI8J-eTjth_I.roa
File: If-4jw8504k0DpzNI8J-eTjth_I.roa (raw, json)
Hash identifier: +7hlM1fpCVGHtefaNr3Hcn1BgELFnn/j/b88Js0gOWM=
Subject key identifier: 21:FF:B8:8F:0F:39:D3:89:34:0E:9C:CD:23:C2:7E:79:38:ED:87:F2
Certificate issuer: /CN=24ba4f52ac1be0755d34bc5483c061bdf293447e
Certificate serial: 019D6FD801A31CCC43B6B54314566982C162
Authority key identifier: 24:BA:4F:52:AC:1B:E0:75:5D:34:BC:54:83:C0:61:BD:F2:93:44:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/If-4jw8504k0DpzNI8J-eTjth_I.roa
Signing time: Thu 09 Apr 2026 01:25:20 +0000
ROA not before: Thu 09 Apr 2026 01:25:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 19905
IP address blocks: 37.208.128.0/17 maxlen: 24
37.210.0.0/15 maxlen: 24
78.100.0.0/15 maxlen: 24
82.148.96.0/19 maxlen: 24
86.62.192.0/18 maxlen: 24
89.211.0.0/16 maxlen: 24
176.202.0.0/15 maxlen: 24
178.152.0.0/15 maxlen: 24
185.96.224.0/22 maxlen: 24
212.77.192.0/19 maxlen: 24
213.130.96.0/19 maxlen: 24
2001:1a10::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/JLpPUqwb4HVdNLxUg8BhvfKTRH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/JLpPUqwb4HVdNLxUg8BhvfKTRH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:6f:d8:01:a3:1c:cc:43:b6:b5:43:14:56:69:82:c1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24ba4f52ac1be0755d34bc5483c061bdf293447e
Validity
Not Before: Apr 9 01:25:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=21ffb88f0f39d389340e9ccd23c27e7938ed87f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:b2:ba:11:27:26:82:7b:fc:a3:b3:46:d4:37:
2b:39:34:4d:11:50:1d:23:b2:f2:4b:6c:b5:e1:f8:
81:d2:a3:d0:27:97:01:bb:43:4a:fb:3d:0d:ea:cd:
4a:ba:18:73:ca:14:24:08:8b:28:72:ae:13:db:11:
52:05:eb:a8:de:93:7c:50:34:4f:cc:ed:1d:65:67:
68:98:c5:77:8e:08:90:ea:58:fc:6b:89:43:02:ac:
b6:a1:21:0c:da:45:cf:aa:45:ee:80:b2:3f:d9:09:
42:de:ad:14:54:dc:ac:0d:1a:47:c6:03:ea:33:85:
c1:7f:20:f0:3e:80:0a:e9:2d:6e:04:a4:83:bb:87:
99:f6:81:30:8a:17:0c:1b:e3:79:9a:d1:ad:71:4b:
0e:59:62:75:23:6d:9f:cc:29:1a:10:4e:73:06:54:
5a:76:d6:41:fa:45:f9:e1:11:64:61:bc:e7:72:a7:
a2:9c:67:e9:64:a6:da:ea:92:f7:11:76:90:8f:58:
3b:39:bd:75:15:e4:fe:17:b8:3e:6a:0a:e8:4b:00:
14:0a:33:58:85:72:c2:4d:7d:9c:8b:97:a5:87:bb:
f2:c4:22:71:54:e7:08:73:56:5d:c9:4e:fe:c7:16:
37:1d:55:b0:00:40:09:44:52:f0:fe:a1:65:97:7c:
1a:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:FF:B8:8F:0F:39:D3:89:34:0E:9C:CD:23:C2:7E:79:38:ED:87:F2
X509v3 Authority Key Identifier:
keyid:24:BA:4F:52:AC:1B:E0:75:5D:34:BC:54:83:C0:61:BD:F2:93:44:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JLpPUqwb4HVdNLxUg8BhvfKTRH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/If-4jw8504k0DpzNI8J-eTjth_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/397546-dc7b-4660-8a51-bf59fc1cb26d/1/JLpPUqwb4HVdNLxUg8BhvfKTRH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.208.128.0/17
37.210.0.0/15
78.100.0.0/15
82.148.96.0/19
86.62.192.0/18
89.211.0.0/16
176.202.0.0/15
178.152.0.0/15
185.96.224.0/22
212.77.192.0/19
213.130.96.0/19
IPv6:
2001:1a10::/29
Signature Algorithm: sha256WithRSAEncryption
7a:f8:9e:23:76:dc:7b:53:2a:98:87:63:a3:b1:d6:a6:f5:a7:
0e:36:c8:a9:51:7b:ab:0b:a8:c9:cd:c8:f6:ab:ce:b1:0b:64:
dc:56:b0:46:68:62:49:47:53:71:96:9d:27:08:22:d1:45:8c:
2b:64:96:18:1c:9e:1d:4d:61:c1:c8:dc:0b:ec:94:e8:3f:70:
d7:75:2b:e7:52:51:80:6e:46:cc:cb:66:c2:7d:e9:8b:ab:4d:
ed:e2:48:d8:5d:3b:f5:a5:dd:38:a5:37:40:30:2a:f3:2e:52:
40:86:15:00:aa:44:89:ac:30:e1:37:29:c7:e9:50:c5:29:10:
1b:aa:49:45:00:9c:10:f0:0f:27:a7:10:f3:f5:be:6b:12:21:
5a:15:4c:54:81:2e:00:ea:7a:12:99:47:38:2a:ce:a7:ab:80:
cc:4e:4e:2c:cb:97:d4:77:05:6a:18:0f:ff:54:e6:8d:58:0a:
31:dc:e6:f9:43:a5:d3:5b:01:66:4c:a6:de:97:3d:4e:c0:b8:
77:3c:eb:b9:5d:13:dd:55:af:85:3e:04:62:7f:f4:4a:27:31:
e1:e0:d0:52:ca:b5:74:5b:ca:7c:74:5b:0e:32:31:95:d4:ce:
1f:12:72:b0:8b:8f:bc:62:c2:f1:dd:92:a6:9a:a4:a1:66:5a:
96:80:a5:59
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZ1v2AGjHMxDtrVDFFZpgsFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0YmE0ZjUyYWMxYmUwNzU1ZDM0YmM1NDgzYzA2MWJkZjI5
MzQ0N2UwHhcNMjYwNDA5MDEyNTIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWZmYjg4ZjBmMzlkMzg5MzQwZTljY2QyM2MyN2U3OTM4ZWQ4N2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7rK6EScmgnv8o7NG1DcrOTRNEVAd
I7LyS2y14fiB0qPQJ5cBu0NK+z0N6s1KuhhzyhQkCIsocq4T2xFSBeuo3pN8UDRP
zO0dZWdomMV3jgiQ6lj8a4lDAqy2oSEM2kXPqkXugLI/2QlC3q0UVNysDRpHxgPq
M4XBfyDwPoAK6S1uBKSDu4eZ9oEwihcMG+N5mtGtcUsOWWJ1I22fzCkaEE5zBlRa
dtZB+kX54RFkYbzncqeinGfpZKba6pL3EXaQj1g7Ob11FeT+F7g+agroSwAUCjNY
hXLCTX2ci5elh7vyxCJxVOcIc1ZdyU7+xxY3HVWwAEAJRFLw/qFll3waRQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFCH/uI8POdOJNA6czSPCfnk47YfyMB8GA1UdIwQY
MBaAFCS6T1KsG+B1XTS8VIPAYb3yk0R+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkxwUFVxd2I0SFZkTkx4VWc4Qmh2ZktUUkg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy8zOTc1NDYtZGM3Yi00NjYwLThhNTEt
YmY1OWZjMWNiMjZkLzEvSWYtNGp3ODUwNGswRHB6Tkk4Si1lVGp0aF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy8zOTc1NDYtZGM3Yi00NjYwLThhNTEtYmY1OWZjMWNiMjZk
LzEvSkxwUFVxd2I0SFZkTkx4VWc4Qmh2ZktUUkg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBDBAIAATA9AwQHJdCAAwMB
JdIDAwFOZAMEBVKUYAMEBlY+wAMDAFnTAwMBsMoDAwGymAMEArlg4AMEBdRNwAME
BdWCYDANBAIAAjAHAwUDIAEaEDANBgkqhkiG9w0BAQsFAAOCAQEAevieI3bce1Mq
mIdjo7HWpvWnDjbIqVF7qwuoyc3I9qvOsQtk3FawRmhiSUdTcZadJwgi0UWMK2SW
GByeHU1hwcjcC+yU6D9w13Ur51JRgG5GzMtmwn3pi6tN7eJI2F079aXdOKU3QDAq
8y5SQIYVAKpEiaww4Tcpx+lQxSkQG6pJRQCcEPAPJ6cQ8/W+axIhWhVMVIEuAOp6
EplHOCrOp6uAzE5OLMuX1HcFahgP/1TmjVgKMdzm+UOl01sBZkym3pc9TsC4dzzr
uV0T3VWvhT4EYn/0Sicx4eDQUsq1dFvKfHRbDjIxldTOHxJysIuPvGLC8d2Sppqk
oWZaloClWQ==
-----END CERTIFICATE-----
Generated at Fri Apr 17 01:19:48 2026 by rpki-client