Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/39RGODXKWl2ucUx2WpEYtzFVoNw.roa
File: 39RGODXKWl2ucUx2WpEYtzFVoNw.roa (raw, json)
Hash identifier: DxE0+NVkQUuIfHJ5+t4JW4niq0Zpnz8qJEVfjKq+8jw=
Subject key identifier: DF:D4:46:38:35:CA:5A:5D:AE:71:4C:76:5A:91:18:B7:31:55:A0:DC
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D9B9A6C3901C123B712B51AC0FA1E6D1E
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/39RGODXKWl2ucUx2WpEYtzFVoNw.roa
Signing time: Fri 17 Apr 2026 13:21:21 +0000
ROA not before: Fri 17 Apr 2026 13:21:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 395470
IP address blocks: 37.202.198.0/24 maxlen: 24
151.242.148.0/24 maxlen: 24
151.244.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:9a:6c:39:01:c1:23:b7:12:b5:1a:c0:fa:1e:6d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 17 13:21:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dfd4463835ca5a5dae714c765a9118b73155a0dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1d:1a:de:d8:2c:4c:54:65:ab:73:c1:1b:87:
f4:15:c2:8c:d3:60:d8:48:7c:65:4d:b5:8e:84:47:
2c:30:1e:ec:b9:98:08:12:42:33:79:c5:54:d8:29:
9c:71:f6:c5:54:99:e1:a5:24:91:8a:89:59:2e:80:
33:f2:3f:5d:6d:2f:c7:17:e5:ba:e1:1c:7a:a4:84:
81:5c:e3:6e:ba:8e:92:3a:35:b1:ed:17:1d:51:2a:
5a:93:f6:e6:df:61:e9:b9:23:96:47:30:4d:77:ab:
ba:54:ec:86:26:a6:db:1d:ac:cc:ae:17:4b:f3:e8:
9a:e1:01:95:25:7e:28:2b:e6:12:89:07:f3:cf:64:
1b:79:59:e4:b5:cb:74:4e:37:ae:3f:a5:f8:ed:89:
e1:e0:c4:8d:1a:fc:f8:bc:98:af:42:f4:64:88:04:
94:a6:fb:75:8c:39:7c:45:cb:1f:66:94:35:6c:62:
a4:ad:16:a4:80:a6:2c:cf:f9:54:2d:45:30:d2:0f:
68:44:41:8f:7b:db:d5:78:2b:71:0f:4e:e2:de:4d:
63:cf:58:bb:60:c4:a7:9c:09:10:05:f9:95:6f:ec:
2c:e2:ca:0a:43:48:b1:c7:1c:c7:81:78:75:d0:a3:
bd:25:97:7d:35:c5:60:cc:f8:e8:9a:eb:9d:95:b8:
18:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:D4:46:38:35:CA:5A:5D:AE:71:4C:76:5A:91:18:B7:31:55:A0:DC
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/39RGODXKWl2ucUx2WpEYtzFVoNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.198.0/24
151.242.148.0/24
151.244.122.0/24
Signature Algorithm: sha256WithRSAEncryption
45:f0:e3:22:08:48:a8:e0:e4:21:d9:65:16:5a:f4:2c:8a:55:
a0:dd:fa:d4:e2:74:e2:33:f6:7d:81:cb:e9:22:4d:33:e9:f2:
58:5e:32:1e:62:67:7b:55:4d:ca:c5:0b:6c:67:e9:98:b8:a4:
aa:b7:f9:3f:16:32:08:48:9a:87:62:7b:b6:08:37:ea:94:1e:
e2:46:e3:4f:93:b3:1f:9c:ff:9e:30:0f:8b:52:89:34:78:f0:
61:46:54:6e:b3:17:b6:a0:c5:08:d4:30:3b:36:0b:75:c6:da:
2a:73:02:38:70:e8:41:67:53:50:63:9e:a2:0e:1c:06:68:48:
db:1d:7b:42:f9:30:de:2c:a1:2f:e8:7f:40:82:95:21:d5:a9:
c7:c0:13:14:43:f0:8d:d0:1f:cf:73:f1:d3:16:5e:44:80:c7:
44:ae:1b:ef:d4:4a:8a:77:7c:ee:07:6a:53:52:00:05:5f:10:
1f:9d:ea:e3:50:5b:24:ae:d9:f1:1e:03:9a:1c:97:10:f8:d9:
8b:d2:83:ae:80:f1:c8:49:fe:ea:00:94:d6:bf:c1:2b:b4:58:
64:16:e4:65:85:58:2b:b9:55:50:74:23:d3:4a:9c:5b:70:5c:
74:99:63:b8:30:66:45:c7:9c:71:0e:82:62:4e:36:fc:65:dd:
97:53:ad:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ2bmmw5AcEjtxK1GsD6Hm0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDE3MTMyMTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmQ0NDYzODM1Y2E1YTVkYWU3MTRjNzY1YTkxMThiNzMxNTVhMGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR0a3tgsTFRlq3PBG4f0FcKM02DY
SHxlTbWOhEcsMB7suZgIEkIzecVU2CmccfbFVJnhpSSRiolZLoAz8j9dbS/HF+W6
4Rx6pISBXONuuo6SOjWx7RcdUSpak/bm32HpuSOWRzBNd6u6VOyGJqbbHazMrhdL
8+ia4QGVJX4oK+YSiQfzz2QbeVnktct0TjeuP6X47Ynh4MSNGvz4vJivQvRkiASU
pvt1jDl8RcsfZpQ1bGKkrRakgKYsz/lULUUw0g9oREGPe9vVeCtxD07i3k1jz1i7
YMSnnAkQBfmVb+ws4soKQ0ixxxzHgXh10KO9JZd9NcVgzPjomuudlbgYvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN/URjg1ylpdrnFMdlqRGLcxVaDcMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvMzlSR09EWEtXbDJ1Y1V4MldwRVl0ekZWb053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJcrGAwQA
l/KUAwQAl/R6MA0GCSqGSIb3DQEBCwUAA4IBAQBF8OMiCEio4OQh2WUWWvQsilWg
3frU4nTiM/Z9gcvpIk0z6fJYXjIeYmd7VU3KxQtsZ+mYuKSqt/k/FjIISJqHYnu2
CDfqlB7iRuNPk7MfnP+eMA+LUok0ePBhRlRusxe2oMUI1DA7Ngt1xtoqcwI4cOhB
Z1NQY56iDhwGaEjbHXtC+TDeLKEv6H9AgpUh1anHwBMUQ/CN0B/Pc/HTFl5EgMdE
rhvv1EqKd3zuB2pTUgAFXxAfnerjUFskrtnxHgOaHJcQ+NmL0oOugPHISf7qAJTW
v8ErtFhkFuRlhVgruVVQdCPTSpxbcFx0mWO4MGZFx5xxDoJiTjb8Zd2XU63l
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:28:01 2026 by rpki-client