Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N124GRxX30EVhd8s_Ufh4dmejA8.roa
File: N124GRxX30EVhd8s_Ufh4dmejA8.roa (raw, json)
Hash identifier: jj0o5Qdf4/GbC1ZwYbgIckX/IybVCr829cg8N6NT81A=
Subject key identifier: 37:5D:B8:19:1C:57:DF:41:15:85:DF:2C:FD:47:E1:E1:D9:9E:8C:0F
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D4CCA1D626F8A3C1CA5D9D0F3D240A96B
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N124GRxX30EVhd8s_Ufh4dmejA8.roa
Signing time: Thu 02 Apr 2026 06:03:27 +0000
ROA not before: Thu 02 Apr 2026 06:03:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29802
IP address blocks: 37.202.194.0/24 maxlen: 24
151.241.207.0/24 maxlen: 24
151.243.7.0/24 maxlen: 24
151.243.152.0/24 maxlen: 24
151.243.154.0/24 maxlen: 24
151.243.197.0/24 maxlen: 24
151.243.228.0/24 maxlen: 24
151.243.231.0/24 maxlen: 24
151.244.54.0/24 maxlen: 24
151.244.167.0/24 maxlen: 24
151.244.180.0/24 maxlen: 24
151.244.222.0/24 maxlen: 24
151.244.224.0/24 maxlen: 24
151.244.235.0/24 maxlen: 24
151.245.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 03:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:4c:ca:1d:62:6f:8a:3c:1c:a5:d9:d0:f3:d2:40:a9:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 2 06:03:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=375db8191c57df411585df2cfd47e1e1d99e8c0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:80:fb:4e:99:be:7b:7a:67:f9:7b:2f:c8:23:
01:2d:cb:4f:22:a5:0e:e4:bb:64:e3:fc:d0:37:cf:
e5:f3:ca:61:a7:42:90:c9:ab:d0:4f:86:c7:22:62:
5e:85:92:5d:83:78:7e:b9:7c:af:56:fd:23:c7:b3:
2e:32:fd:29:35:f7:51:5c:42:2e:e2:81:00:02:f7:
e9:eb:f2:56:72:9c:de:34:d0:fb:e0:eb:0b:c4:35:
7d:b1:df:75:ec:5f:ec:5a:e5:aa:2c:75:b7:c8:e4:
c2:30:e9:22:3c:a4:0d:9a:28:90:47:bb:7a:bd:5e:
d6:bc:1a:8b:4c:f2:48:c7:1e:fc:13:77:b5:db:70:
c6:75:89:2c:83:20:34:f9:55:de:4f:f5:1d:c0:2b:
49:ec:28:61:8e:52:9d:77:9e:04:22:b4:4c:34:fa:
f6:e2:40:c5:59:a2:55:9c:2d:2d:48:a6:d3:76:2a:
c7:0b:68:29:c7:1f:2b:a9:f2:22:85:6e:44:85:42:
5d:9c:06:1b:83:75:55:71:d6:c6:f2:88:46:1c:8e:
20:92:7c:63:5a:34:30:6b:e4:35:a7:4f:d5:25:fd:
8c:c3:41:07:65:12:59:1d:dd:8e:2b:4f:ad:94:53:
54:41:1d:ec:d1:90:e8:76:1f:f8:dc:d5:bf:e6:81:
b3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:5D:B8:19:1C:57:DF:41:15:85:DF:2C:FD:47:E1:E1:D9:9E:8C:0F
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/N124GRxX30EVhd8s_Ufh4dmejA8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.194.0/24
151.241.207.0/24
151.243.7.0/24
151.243.152.0/24
151.243.154.0/24
151.243.197.0/24
151.243.228.0/24
151.243.231.0/24
151.244.54.0/24
151.244.167.0/24
151.244.180.0/24
151.244.222.0/24
151.244.224.0/24
151.244.235.0/24
151.245.119.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:67:af:a2:bf:81:4b:fe:42:9a:e6:90:1e:b2:95:d0:af:77:
92:98:8e:46:52:06:8c:a3:b7:af:53:62:ad:92:e7:8f:02:26:
86:35:71:6b:b6:ee:39:1a:1d:61:74:64:ab:9a:aa:2c:17:76:
f1:e5:b5:a1:20:03:98:b3:cb:ae:3e:80:82:ed:02:fc:36:0a:
6c:6c:21:52:05:33:11:97:85:45:76:25:be:ba:e3:07:c8:79:
dc:a4:8a:f0:d7:b9:f6:e3:fc:ea:44:b9:d9:ec:6f:fb:34:ba:
d0:90:69:81:e7:4d:f5:cc:0e:9d:2e:9e:76:40:08:28:ee:35:
2a:89:27:fb:91:af:ce:f6:91:bc:cd:1e:cd:3d:6c:18:6a:7e:
d9:82:d9:a7:e8:46:fd:e0:c1:d0:f1:e1:a5:6f:b4:6b:46:76:
98:f9:7c:bc:1e:ff:16:04:d3:1d:6e:db:29:8d:fb:88:84:cc:
94:c5:1c:75:8f:95:c7:0c:96:2e:91:9d:73:9d:dd:5a:9c:be:
f9:6b:c7:4b:b4:fd:42:83:50:eb:cc:5a:a9:d3:63:ef:ee:50:
d1:86:e3:46:9b:21:d2:4c:5e:fc:54:91:66:fa:1b:ec:8d:b5:
d5:68:e7:e8:0a:51:0c:29:7d:a2:60:4c:32:19:ff:c9:08:98:
f7:01:d2:80
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZ1Myh1ib4o8HKXZ0PPSQKlrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDAyMDYwMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzVkYjgxOTFjNTdkZjQxMTU4NWRmMmNmZDQ3ZTFlMWQ5OWU4YzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4D7Tpm+e3pn+XsvyCMBLctPIqUO
5Ltk4/zQN8/l88php0KQyavQT4bHImJehZJdg3h+uXyvVv0jx7MuMv0pNfdRXEIu
4oEAAvfp6/JWcpzeNND74OsLxDV9sd917F/sWuWqLHW3yOTCMOkiPKQNmiiQR7t6
vV7WvBqLTPJIxx78E3e123DGdYksgyA0+VXeT/UdwCtJ7ChhjlKdd54EIrRMNPr2
4kDFWaJVnC0tSKbTdirHC2gpxx8rqfIihW5EhUJdnAYbg3VVcdbG8ohGHI4gknxj
WjQwa+Q1p0/VJf2Mw0EHZRJZHd2OK0+tlFNUQR3s0ZDodh/43NW/5oGzFQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFDdduBkcV99BFYXfLP1H4eHZnowPMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvTjEyNEdSeFgzMEVWaGQ4c19VZmg0ZG1lakE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAJcrCAwQA
l/HPAwQAl/MHAwQAl/OYAwQAl/OaAwQAl/PFAwQAl/PkAwQAl/PnAwQAl/Q2AwQA
l/SnAwQAl/S0AwQAl/TeAwQAl/TgAwQAl/TrAwQAl/V3MA0GCSqGSIb3DQEBCwUA
A4IBAQBNZ6+iv4FL/kKa5pAespXQr3eSmI5GUgaMo7evU2KtkuePAiaGNXFrtu45
Gh1hdGSrmqosF3bx5bWhIAOYs8uuPoCC7QL8NgpsbCFSBTMRl4VFdiW+uuMHyHnc
pIrw17n24/zqRLnZ7G/7NLrQkGmB5031zA6dLp52QAgo7jUqiSf7ka/O9pG8zR7N
PWwYan7Zgtmn6Eb94MHQ8eGlb7RrRnaY+Xy8Hv8WBNMdbtspjfuIhMyUxRx1j5XH
DJYukZ1znd1anL75a8dLtP1Cg1DrzFqp02Pv7lDRhuNGmyHSTF78VJFm+hvsjbXV
aOfoClEMKX2iYEwyGf/JCJj3AdKA
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:31:53 2026 by rpki-client