Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/M8WsoMnGPVNmkP0_GRgTxjZRJnE.roa
File: M8WsoMnGPVNmkP0_GRgTxjZRJnE.roa (raw, json)
Hash identifier: +25YQ0hNnRgpLZqiohuE6AMcgCqjkbxQlkrhVlizZHg=
Subject key identifier: 33:C5:AC:A0:C9:C6:3D:53:66:90:FD:3F:19:18:13:C6:36:51:26:71
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 019E2D5EA146C1B66B956A56D98A03F74417
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/M8WsoMnGPVNmkP0_GRgTxjZRJnE.roa
Signing time: Fri 15 May 2026 20:40:36 +0000
ROA not before: Fri 15 May 2026 20:40:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3561
IP address blocks: 109.166.40.0/21 maxlen: 21
109.166.48.0/21 maxlen: 21
151.248.72.0/21 maxlen: 21
151.248.80.0/21 maxlen: 21
151.248.88.0/22 maxlen: 22
176.118.80.0/21 maxlen: 21
176.118.80.0/22 maxlen: 22
176.118.84.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 10:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:2d:5e:a1:46:c1:b6:6b:95:6a:56:d9:8a:03:f7:44:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: May 15 20:40:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=33c5aca0c9c63d536690fd3f191813c636512671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:dd:22:c5:24:5e:2d:45:f8:dd:a9:1d:78:ad:
e3:f3:97:e0:cd:0c:97:fc:f2:a2:16:85:05:5e:d4:
4c:80:c2:3d:b6:96:5a:0f:94:3b:b3:c6:dc:76:6c:
5e:af:6d:71:16:69:08:89:06:ed:92:41:f8:bf:8f:
dc:7b:32:95:61:20:c0:f9:14:94:c0:f7:61:75:e9:
cd:a4:fa:c4:20:75:de:01:cc:ed:ba:e8:97:99:23:
71:d7:33:dd:b5:da:69:a0:06:fd:19:26:a0:9b:ff:
75:39:08:66:19:3e:c3:ff:7d:e1:e8:8b:6e:63:ee:
2a:62:c1:32:03:51:67:70:c1:ab:38:0c:9a:50:5a:
e7:67:9f:4f:cf:38:fe:00:d2:87:f7:5a:9b:a9:85:
a2:aa:c2:b0:2a:67:04:46:84:54:6e:b4:1f:6e:88:
d7:36:59:4a:b2:d0:74:21:86:61:00:7f:e3:28:0a:
3a:73:54:f3:65:4e:cb:7f:41:63:02:58:2d:fe:af:
1e:40:74:08:32:34:0e:53:15:e4:a4:37:43:79:58:
6c:3a:11:0e:89:63:34:0e:3b:84:1c:3a:65:66:30:
ce:80:1a:60:0a:8a:26:30:29:da:11:fe:78:5b:87:
f2:dc:e2:29:18:2f:68:ee:75:3c:07:31:8d:29:b4:
af:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C5:AC:A0:C9:C6:3D:53:66:90:FD:3F:19:18:13:C6:36:51:26:71
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/M8WsoMnGPVNmkP0_GRgTxjZRJnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.166.40.0-109.166.55.255
151.248.72.0-151.248.91.255
176.118.80.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:39:d7:bd:3d:87:2b:e2:92:74:36:1a:e9:14:f8:57:a0:7b:
5e:11:09:82:7e:4a:21:6f:30:c2:f6:36:5f:f0:ae:70:0a:6c:
d7:3c:e9:61:6c:8a:df:ce:f2:49:9b:d9:ee:48:bc:65:a0:af:
f5:fa:f5:74:bc:4a:ad:59:59:a6:17:44:14:25:f2:f4:4b:ff:
c2:2f:28:57:19:f9:82:7a:6f:42:11:41:81:bd:7d:c7:c5:80:
f2:c0:39:3d:92:e4:58:1d:db:1c:5c:1e:17:cb:41:f2:54:f9:
df:fe:4e:94:ca:f0:29:4c:00:3d:6f:1b:19:56:ed:fe:0d:38:
e7:d8:c2:94:70:76:88:1e:1b:84:a2:23:58:26:dd:d8:e9:43:
55:13:4e:b5:b9:e8:73:c5:af:6e:b8:62:37:c6:f8:ab:0d:cd:
8d:1f:2c:0a:55:d1:71:04:28:49:35:b6:89:36:32:44:08:af:
6f:41:8b:f7:c1:dd:60:79:62:7e:03:6c:a6:0d:c8:30:3c:f8:
df:7b:e1:79:99:9e:6e:08:2a:e1:54:3b:e7:04:1b:81:0e:10:
2c:fb:2c:f2:86:26:a0:91:9b:ce:75:f4:d9:35:58:f9:26:65:
51:2d:bb:f4:f2:3f:46:b2:d1:f3:95:42:66:90:a8:c7:c1:3a:
5c:21:4f:3f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZ4tXqFGwbZrlWpW2YoD90QXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjYwNTE1MjA0MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2M1YWNhMGM5YzYzZDUzNjY5MGZkM2YxOTE4MTNjNjM2NTEyNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAod0ixSReLUX43akdeK3j85fgzQyX
/PKiFoUFXtRMgMI9tpZaD5Q7s8bcdmxer21xFmkIiQbtkkH4v4/cezKVYSDA+RSU
wPdhdenNpPrEIHXeAcztuuiXmSNx1zPdtdppoAb9GSagm/91OQhmGT7D/33h6Itu
Y+4qYsEyA1FncMGrOAyaUFrnZ59Pzzj+ANKH91qbqYWiqsKwKmcERoRUbrQfbojX
NllKstB0IYZhAH/jKAo6c1TzZU7Lf0FjAlgt/q8eQHQIMjQOUxXkpDdDeVhsOhEO
iWM0DjuEHDplZjDOgBpgCoomMCnaEf54W4fy3OIpGC9o7nU8BzGNKbSvRwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFDPFrKDJxj1TZpD9PxkYE8Y2USZxMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvTThXc29NbkdQVk5ta1AwX0dSZ1R4alpSSm5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBANtpigD
BANtpjAwDAMEA5f4SAMEApf4WAMEA7B2UDANBgkqhkiG9w0BAQsFAAOCAQEAGznX
vT2HK+KSdDYa6RT4V6B7XhEJgn5KIW8wwvY2X/CucAps1zzpYWyK387ySZvZ7ki8
ZaCv9fr1dLxKrVlZphdEFCXy9Ev/wi8oVxn5gnpvQhFBgb19x8WA8sA5PZLkWB3b
HFweF8tB8lT53/5OlMrwKUwAPW8bGVbt/g0459jClHB2iB4bhKIjWCbd2OlDVRNO
tbnoc8WvbrhiN8b4qw3NjR8sClXRcQQoSTW2iTYyRAivb0GL98HdYHlifgNspg3I
MDz433vheZmebggq4VQ75wQbgQ4QLPss8oYmoJGbznX02TVY+SZlUS279PI/RrLR
85VCZpCox8E6XCFPPw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 20:42:17 2026 by rpki-client