Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/msJoEbv6n-fkfxUVpde9BkJPopg.roa
File: msJoEbv6n-fkfxUVpde9BkJPopg.roa (raw, json)
Hash identifier: yX/ESf77/Kb84spJzqfNEYMdUCAVMiLvTanipVdac6o=
Subject key identifier: 9A:C2:68:11:BB:FA:9F:E7:E4:7F:15:15:A5:D7:BD:06:42:4F:A2:98
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D875D7D861854D6901BD70733A66797C9
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/msJoEbv6n-fkfxUVpde9BkJPopg.roa
Signing time: Mon 13 Apr 2026 15:02:24 +0000
ROA not before: Mon 13 Apr 2026 15:02:24 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 64267
IP address blocks: 37.202.202.0/24 maxlen: 24
151.240.2.0/24 maxlen: 24
151.241.33.0/24 maxlen: 24
151.241.43.0/24 maxlen: 24
151.241.48.0/24 maxlen: 24
151.242.26.0/24 maxlen: 24
151.243.26.0/24 maxlen: 24
151.244.42.0/24 maxlen: 24
151.244.69.0/24 maxlen: 24
151.245.69.0/24 maxlen: 24
151.245.166.0/24 maxlen: 24
151.245.177.0/24 maxlen: 24
151.246.224.0/24 maxlen: 24
151.246.230.0/24 maxlen: 24
151.246.234.0/24 maxlen: 24
151.247.35.0/24 maxlen: 24
151.247.101.0/24 maxlen: 24
151.247.108.0/24 maxlen: 24
151.247.246.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:87:5d:7d:86:18:54:d6:90:1b:d7:07:33:a6:67:97:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 13 15:02:24 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9ac26811bbfa9fe7e47f1515a5d7bd06424fa298
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:68:05:a9:57:75:5a:78:52:12:7d:52:43:ea:
da:d0:0d:02:b9:54:7c:4d:8c:14:59:f4:a7:bb:8f:
d6:74:7f:08:f4:23:d2:7b:06:d6:7e:42:e8:16:12:
42:a9:e9:8e:04:a6:65:6d:34:50:ca:79:8c:38:d6:
c5:ac:a4:32:02:93:c3:e4:aa:fd:52:ec:67:bb:79:
05:2a:82:da:e3:68:39:51:8a:f0:76:2d:c4:6b:80:
b4:18:e2:bd:d0:4a:bf:73:36:a4:33:8b:4c:b3:71:
fd:80:8d:bb:5e:d0:4e:ea:c0:a5:bf:13:cf:5e:70:
52:ce:51:7f:35:e9:4e:64:b0:db:80:fd:c2:74:99:
c7:2c:e7:5d:a9:82:f6:e7:73:58:b9:2d:db:0f:1f:
c7:ec:52:75:32:ac:64:b3:3e:7e:a0:b6:72:af:27:
b5:c8:89:01:e7:8d:15:62:fc:e1:5a:5d:4c:86:74:
88:48:0c:84:41:d3:f7:5f:04:01:b2:9b:37:64:f2:
e6:ec:ed:80:c8:8f:3e:3b:3c:ea:cd:90:83:29:16:
e6:45:a9:59:6b:b5:a7:24:33:60:90:36:0d:5e:70:
1a:40:6a:47:41:35:45:89:62:1b:00:60:78:c2:30:
6f:11:a0:92:aa:2a:72:9f:0c:66:42:66:51:26:fd:
26:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:C2:68:11:BB:FA:9F:E7:E4:7F:15:15:A5:D7:BD:06:42:4F:A2:98
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/msJoEbv6n-fkfxUVpde9BkJPopg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.202.0/24
151.240.2.0/24
151.241.33.0/24
151.241.43.0/24
151.241.48.0/24
151.242.26.0/24
151.243.26.0/24
151.244.42.0/24
151.244.69.0/24
151.245.69.0/24
151.245.166.0/24
151.245.177.0/24
151.246.224.0/24
151.246.230.0/24
151.246.234.0/24
151.247.35.0/24
151.247.101.0/24
151.247.108.0/24
151.247.246.0/24
Signature Algorithm: sha256WithRSAEncryption
30:39:94:45:53:52:07:63:b8:0f:bb:81:4d:9d:81:9c:59:56:
06:c3:b6:13:ff:b1:02:ef:01:1e:d9:49:8d:a0:33:8e:63:f3:
db:26:43:f0:a9:10:39:be:47:22:5b:35:44:ad:7f:fe:e0:a3:
74:61:30:4a:f3:8d:13:2d:cf:f1:f7:3c:6e:67:52:08:45:cb:
fa:66:4b:e9:f0:4d:e5:ca:1e:64:ef:2d:69:cd:e2:37:f3:01:
78:c4:5f:54:95:26:c3:32:fd:27:c5:15:e3:84:49:dc:b1:f3:
ab:0f:ac:7a:c0:e6:36:c5:01:8f:d2:1d:37:cb:41:f4:d2:65:
a1:bb:9c:48:c2:76:ff:1f:7e:6f:10:68:28:e2:46:c0:8b:e9:
d3:87:59:42:f5:a5:15:78:5a:46:b0:56:97:7d:06:fd:a8:7b:
d4:fb:ed:8d:06:1c:e2:9e:a0:47:35:6a:b1:b1:9c:36:e3:11:
15:2e:8c:f9:32:ce:a9:69:fc:a1:9c:be:11:b1:a9:34:35:21:
93:f5:40:62:e2:e7:69:d3:09:a7:b0:73:83:63:55:e0:20:3a:
ec:b9:7f:dd:b6:a1:37:9a:da:0e:60:82:91:c5:1f:69:9c:e8:
40:64:20:69:a3:e5:6b:e8:1d:0f:47:97:bb:8c:f0:67:91:f1:
52:b2:91:0f
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZ2HXX2GGFTWkBvXBzOmZ5fJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDEzMTUwMjI0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YWMyNjgxMWJiZmE5ZmU3ZTQ3ZjE1MTVhNWQ3YmQwNjQyNGZhMjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mgFqVd1WnhSEn1SQ+ra0A0CuVR8
TYwUWfSnu4/WdH8I9CPSewbWfkLoFhJCqemOBKZlbTRQynmMONbFrKQyApPD5Kr9
Uuxnu3kFKoLa42g5UYrwdi3Ea4C0GOK90Eq/czakM4tMs3H9gI27XtBO6sClvxPP
XnBSzlF/NelOZLDbgP3CdJnHLOddqYL253NYuS3bDx/H7FJ1Mqxksz5+oLZyrye1
yIkB540VYvzhWl1MhnSISAyEQdP3XwQBsps3ZPLm7O2AyI8+OzzqzZCDKRbmRalZ
a7WnJDNgkDYNXnAaQGpHQTVFiWIbAGB4wjBvEaCSqipynwxmQmZRJv0mJwIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFJrCaBG7+p/n5H8VFaXXvQZCT6KYMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbXNKb0VidjZuLWZrZnhVVnBkZTlCa0pQb3BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEACXKygME
AJfwAgMEAJfxIQMEAJfxKwMEAJfxMAMEAJfyGgMEAJfzGgMEAJf0KgMEAJf0RQME
AJf1RQMEAJf1pgMEAJf1sQMEAJf24AMEAJf25gMEAJf26gMEAJf3IwMEAJf3ZQME
AJf3bAMEAJf39jANBgkqhkiG9w0BAQsFAAOCAQEAMDmURVNSB2O4D7uBTZ2BnFlW
BsO2E/+xAu8BHtlJjaAzjmPz2yZD8KkQOb5HIls1RK1//uCjdGEwSvONEy3P8fc8
bmdSCEXL+mZL6fBN5coeZO8tac3iN/MBeMRfVJUmwzL9J8UV44RJ3LHzqw+sesDm
NsUBj9IdN8tB9NJlobucSMJ2/x9+bxBoKOJGwIvp04dZQvWlFXhaRrBWl30G/ah7
1PvtjQYc4p6gRzVqsbGcNuMRFS6M+TLOqWn8oZy+EbGpNDUhk/VAYuLnadMJp7Bz
g2NV4CA67Ll/3bahN5raDmCCkcUfaZzoQGQgaaPla+gdD0eXu4zwZ5HxUrKRDw==
-----END CERTIFICATE-----
Generated at Fri Apr 17 16:48:21 2026 by rpki-client