Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/l4DBdStfdTqpFE2GUQ7wpbM0KWU.roa
File: l4DBdStfdTqpFE2GUQ7wpbM0KWU.roa (raw, json)
Hash identifier: AQoHT6lkRghb1teuc/s2owz9xxJB3CRP6CmK2f0ZEEI=
Subject key identifier: 97:80:C1:75:2B:5F:75:3A:A9:14:4D:86:51:0E:F0:A5:B3:34:29:65
Certificate issuer: /CN=40ec5d82a8eb5d98ce76e61dafe517661fc4e675
Certificate serial: 019B7C7F89DC75DBBF95E475B6EC5C7279FC
Authority key identifier: 40:EC:5D:82:A8:EB:5D:98:CE:76:E6:1D:AF:E5:17:66:1F:C4:E6:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QOxdgqjrXZjOduYdr-UXZh_E5nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/l4DBdStfdTqpFE2GUQ7wpbM0KWU.roa
Signing time: Fri 02 Jan 2026 02:18:11 +0000
ROA not before: Fri 02 Jan 2026 02:18:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198436
IP address blocks: 37.72.48.0/24 maxlen: 24
37.72.49.0/24 maxlen: 24
37.72.50.0/24 maxlen: 24
37.72.51.0/24 maxlen: 24
37.72.52.0/24 maxlen: 24
37.72.53.0/24 maxlen: 24
37.72.54.0/24 maxlen: 24
37.72.55.0/24 maxlen: 24
37.72.56.0/24 maxlen: 24
37.72.57.0/24 maxlen: 24
37.72.58.0/24 maxlen: 24
37.72.59.0/24 maxlen: 24
37.72.60.0/24 maxlen: 24
37.72.61.0/24 maxlen: 24
37.72.62.0/24 maxlen: 24
37.72.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/QOxdgqjrXZjOduYdr-UXZh_E5nU.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/QOxdgqjrXZjOduYdr-UXZh_E5nU.mft
rsync://rpki.ripe.net/repository/DEFAULT/QOxdgqjrXZjOduYdr-UXZh_E5nU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:7f:89:dc:75:db:bf:95:e4:75:b6:ec:5c:72:79:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40ec5d82a8eb5d98ce76e61dafe517661fc4e675
Validity
Not Before: Jan 2 02:18:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9780c1752b5f753aa9144d86510ef0a5b3342965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:23:61:28:be:18:f1:cd:03:d5:a9:8d:f5:38:
e8:75:a3:e9:04:a3:17:06:e0:2b:e2:27:8c:7a:17:
fd:99:3c:89:00:1a:2e:33:8d:1d:8c:4e:9f:c6:bd:
a9:37:67:0c:f4:a5:30:4a:88:8c:d5:d1:c5:85:85:
7d:84:e1:88:5c:81:ad:aa:d3:28:b6:7f:ed:48:61:
1f:bd:de:f2:3b:33:f8:11:5d:27:05:ad:8c:b3:cc:
f0:35:64:e5:85:b5:66:2e:84:06:e2:ba:14:7d:97:
f4:4c:02:5d:78:38:a2:c5:f8:3e:39:71:55:eb:cd:
86:7a:d2:fd:f1:1d:8a:cc:43:e9:de:9a:91:72:8b:
41:68:73:3d:07:1e:73:4f:97:25:40:1b:78:2a:e7:
81:35:72:f3:f2:c2:e3:17:87:8b:4b:76:50:fb:f0:
64:22:ac:4a:a9:4c:50:de:c2:7c:55:26:ed:60:0a:
cb:5f:10:f9:d7:9a:40:69:56:9a:55:72:f8:b6:8f:
aa:0a:18:a2:e8:c9:e5:a5:bd:84:0e:d2:b5:c8:2f:
9e:bb:47:6c:51:db:a2:50:f6:d1:75:da:b0:9b:bb:
ab:22:20:2b:29:9e:eb:af:19:94:05:e1:64:a6:7a:
17:d5:62:80:ca:a0:18:82:d6:e0:f2:f3:f5:0b:08:
7f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:80:C1:75:2B:5F:75:3A:A9:14:4D:86:51:0E:F0:A5:B3:34:29:65
X509v3 Authority Key Identifier:
keyid:40:EC:5D:82:A8:EB:5D:98:CE:76:E6:1D:AF:E5:17:66:1F:C4:E6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QOxdgqjrXZjOduYdr-UXZh_E5nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/l4DBdStfdTqpFE2GUQ7wpbM0KWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/67e755-3c54-45db-89b5-df31745cc229/1/QOxdgqjrXZjOduYdr-UXZh_E5nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.48.0/20
Signature Algorithm: sha256WithRSAEncryption
23:09:b5:56:f9:bc:49:51:62:29:8d:86:d0:b4:5e:21:20:b7:
67:9f:02:74:d5:bb:e1:df:11:72:f3:b7:f9:40:4a:6a:fd:65:
65:fc:56:35:1c:fa:82:c5:2c:b5:bb:b4:9f:c8:28:3d:22:f5:
76:78:a5:be:3f:9a:23:c6:a0:10:21:d9:76:e1:2f:ae:14:4a:
20:0e:b6:12:51:c4:d9:0f:b3:ce:d3:e4:ea:bb:4f:33:fa:cb:
76:c9:a8:9a:05:9f:fa:cf:eb:6a:5f:38:f1:34:c3:c5:8b:79:
f7:22:2d:a4:59:67:3d:bf:be:57:1c:01:d2:f7:4a:e3:ca:3b:
de:37:c1:54:2d:17:c8:b8:a9:cc:3e:8f:a6:bf:8e:f2:db:83:
65:a7:17:a1:06:63:3a:7c:08:a4:15:16:00:1d:1f:66:a5:73:
aa:7e:6f:ff:e5:a2:68:1f:02:2b:fa:0e:84:55:60:d8:f6:77:
65:a7:1f:54:89:34:03:e9:63:ba:b7:6a:95:e4:ee:7e:9c:78:
1f:6b:ba:40:93:45:1e:a4:46:fb:9d:14:6b:25:35:03:4b:b4:
b4:f5:22:db:c7:dc:4d:f8:a0:7f:6a:54:d6:d9:64:8a:7b:00:
a0:73:6b:b6:2a:d3:d5:fd:97:45:ea:04:de:4a:c3:74:b8:fd:
2b:38:77:4d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZt8f4ncddu/leR1tuxccnn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZWM1ZDgyYThlYjVkOThjZTc2ZTYxZGFmZTUxNzY2MWZj
NGU2NzUwHhcNMjYwMTAyMDIxODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzgwYzE3NTJiNWY3NTNhYTkxNDRkODY1MTBlZjBhNWIzMzQyOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiNhKL4Y8c0D1amN9TjodaPpBKMX
BuAr4ieMehf9mTyJABouM40djE6fxr2pN2cM9KUwSoiM1dHFhYV9hOGIXIGtqtMo
tn/tSGEfvd7yOzP4EV0nBa2Ms8zwNWTlhbVmLoQG4roUfZf0TAJdeDiixfg+OXFV
682GetL98R2KzEPp3pqRcotBaHM9Bx5zT5clQBt4KueBNXLz8sLjF4eLS3ZQ+/Bk
IqxKqUxQ3sJ8VSbtYArLXxD515pAaVaaVXL4to+qChii6Mnlpb2EDtK1yC+eu0ds
UduiUPbRddqwm7urIiArKZ7rrxmUBeFkpnoX1WKAyqAYgtbg8vP1Cwh/7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJeAwXUrX3U6qRRNhlEO8KWzNCllMB8GA1UdIwQY
MBaAFEDsXYKo612YznbmHa/lF2YfxOZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU94ZGdxanJYWmpPZHVZZHItVVhaaF9FNW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82N2U3NTUtM2M1NC00NWRiLTg5YjUt
ZGYzMTc0NWNjMjI5LzEvbDREQmRTdGZkVHFwRkUyR1VRN3dwYk0wS1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82N2U3NTUtM2M1NC00NWRiLTg5YjUtZGYzMTc0NWNjMjI5
LzEvUU94ZGdxanJYWmpPZHVZZHItVVhaaF9FNW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJUgwMA0G
CSqGSIb3DQEBCwUAA4IBAQAjCbVW+bxJUWIpjYbQtF4hILdnnwJ01bvh3xFy87f5
QEpq/WVl/FY1HPqCxSy1u7SfyCg9IvV2eKW+P5ojxqAQIdl24S+uFEogDrYSUcTZ
D7PO0+Tqu08z+st2yaiaBZ/6z+tqXzjxNMPFi3n3Ii2kWWc9v75XHAHS90rjyjve
N8FULRfIuKnMPo+mv47y24NlpxehBmM6fAikFRYAHR9mpXOqfm//5aJoHwIr+g6E
VWDY9ndlpx9UiTQD6WO6t2qV5O5+nHgfa7pAk0UepEb7nRRrJTUDS7S09SLbx9xN
+KB/alTW2WSKewCgc2u2KtPV/ZdF6gTeSsN0uP0rOHdN
-----END CERTIFICATE-----
Generated at Tue Mar 3 00:23:31 2026 by rpki-client