Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/o1phr_TokN8nlFzjkVtLnR7iF9A.roa
File: o1phr_TokN8nlFzjkVtLnR7iF9A.roa (raw, json)
Hash identifier: 4dhVN9pkVDbwMTwCENUZdVyEvyUBzdIiOCn6ADU5HSs=
Subject key identifier: A3:5A:61:AF:F4:E8:90:DF:27:94:5C:E3:91:5B:4B:9D:1E:E2:17:D0
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019D8292A4CE102CBC199CD0B80A829FD4E7
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/o1phr_TokN8nlFzjkVtLnR7iF9A.roa
Signing time: Sun 12 Apr 2026 16:42:21 +0000
ROA not before: Sun 12 Apr 2026 16:42:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9009
IP address blocks: 37.202.208.0/24 maxlen: 24
37.202.220.0/24 maxlen: 24
151.240.118.0/24 maxlen: 24
151.241.51.0/24 maxlen: 24
151.241.205.0/24 maxlen: 24
151.243.87.0/24 maxlen: 24
151.243.174.0/24 maxlen: 24
151.244.129.0/24 maxlen: 24
151.245.126.0/24 maxlen: 24
151.247.50.0/23 maxlen: 24
151.247.52.0/23 maxlen: 24
151.247.184.0/23 maxlen: 24
151.247.186.0/23 maxlen: 24
151.247.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:82:92:a4:ce:10:2c:bc:19:9c:d0:b8:0a:82:9f:d4:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Apr 12 16:42:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a35a61aff4e890df27945ce3915b4b9d1ee217d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:87:d2:d4:96:69:8a:6f:24:bd:5a:d4:5d:57:
d0:86:6a:9e:19:8f:4e:1c:31:93:a7:29:1e:d1:2d:
e5:9d:2c:16:dd:ed:28:ff:34:f3:1d:93:77:5e:9f:
9f:5a:4e:94:46:56:a7:1e:62:50:fd:95:15:54:11:
df:5b:91:4d:a3:4a:b3:1d:dc:76:b9:7d:3f:be:6c:
5f:15:5a:b0:63:65:96:dc:3d:c0:01:56:30:a2:53:
c0:3b:95:d4:c8:45:c1:4b:63:e1:7c:83:cf:f1:d3:
a2:8c:64:35:85:af:d5:a0:72:ab:c6:28:8d:8d:e4:
31:26:08:c7:07:a2:a5:32:0c:92:f9:6a:15:f6:63:
a8:92:8a:05:70:7a:6f:3b:f9:84:c1:bf:73:b3:90:
04:50:ce:2c:a4:1d:4f:c0:b7:d7:93:e0:ca:77:c1:
be:66:2b:81:71:b2:e3:59:a8:e5:eb:43:79:36:b6:
20:51:6b:d5:96:19:a9:04:94:fb:31:0a:0e:6c:3f:
17:29:e2:91:f2:a7:75:0b:e0:61:92:83:e2:07:04:
74:71:28:7f:1a:19:7a:a3:69:a5:74:3c:cb:e5:c4:
f5:63:6f:8f:3a:55:b8:c4:fb:11:64:92:da:3c:09:
94:8d:23:15:e4:af:02:4f:25:ec:4b:15:3f:a2:e0:
3c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:5A:61:AF:F4:E8:90:DF:27:94:5C:E3:91:5B:4B:9D:1E:E2:17:D0
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/o1phr_TokN8nlFzjkVtLnR7iF9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.208.0/24
37.202.220.0/24
151.240.118.0/24
151.241.51.0/24
151.241.205.0/24
151.243.87.0/24
151.243.174.0/24
151.244.129.0/24
151.245.126.0/24
151.247.50.0-151.247.53.255
151.247.184.0/22
151.247.240.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:5c:aa:78:2d:8f:1d:5c:e2:c9:07:32:4a:3e:6a:04:95:c7:
34:18:7c:9e:ad:7e:16:25:be:33:cc:c7:2c:5f:7b:fd:8e:ee:
d6:f2:f0:41:04:28:55:9d:26:42:fc:18:41:d3:c4:c8:d3:54:
8e:5b:e7:c2:eb:93:2f:f6:9c:1b:c0:fe:86:39:2c:72:85:e4:
83:69:d6:9a:79:27:a1:da:5d:09:fe:89:14:dc:7b:23:b7:84:
5d:91:31:6c:90:23:5c:4b:77:14:57:31:ea:e8:52:66:e0:3c:
d1:29:92:6d:3c:22:bf:ce:b3:52:58:df:bc:77:3e:a0:95:33:
80:31:3f:cf:8c:37:24:70:f1:c2:71:60:ca:5e:20:a5:14:d0:
05:c2:ae:53:54:e5:f1:03:2b:ea:1a:f1:40:d8:f6:25:ce:f9:
fa:e7:36:2c:37:35:4b:06:46:c2:45:d3:d2:9c:84:83:0b:e0:
86:c7:1d:7f:9b:c6:3d:94:c1:c7:9b:ca:0a:a6:23:01:0f:33:
b8:7e:e0:52:c5:64:5b:e4:8e:7d:65:81:a6:60:71:67:26:27:
3e:7d:5b:58:23:c8:ca:1a:4c:82:90:46:c4:d3:7f:66:3f:5b:
3f:9d:d6:75:d6:99:c4:6f:72:92:02:a3:a0:84:56:2f:94:d4:
39:e3:19:50
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZ2CkqTOECy8GZzQuAqCn9TnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNDEyMTY0MjIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzVhNjFhZmY0ZTg5MGRmMjc5NDVjZTM5MTViNGI5ZDFlZTIxN2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4fS1JZpim8kvVrUXVfQhmqeGY9O
HDGTpyke0S3lnSwW3e0o/zTzHZN3Xp+fWk6URlanHmJQ/ZUVVBHfW5FNo0qzHdx2
uX0/vmxfFVqwY2WW3D3AAVYwolPAO5XUyEXBS2PhfIPP8dOijGQ1ha/VoHKrxiiN
jeQxJgjHB6KlMgyS+WoV9mOokooFcHpvO/mEwb9zs5AEUM4spB1PwLfXk+DKd8G+
ZiuBcbLjWajl60N5NrYgUWvVlhmpBJT7MQoObD8XKeKR8qd1C+BhkoPiBwR0cSh/
Ghl6o2mldDzL5cT1Y2+POlW4xPsRZJLaPAmUjSMV5K8CTyXsSxU/ouA8tQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFKNaYa/06JDfJ5Rc45FbS50e4hfQMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvbzFwaHJfVG9rTjhubEZ6amtWdExuUjdpRjlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQAJcrQAwQA
JcrcAwQAl/B2AwQAl/EzAwQAl/HNAwQAl/NXAwQAl/OuAwQAl/SBAwQAl/V+MAwD
BAGX9zIDBAGX9zQDBAKX97gDBACX9/AwDQYJKoZIhvcNAQELBQADggEBAE1cqngt
jx1c4skHMko+agSVxzQYfJ6tfhYlvjPMxyxfe/2O7tby8EEEKFWdJkL8GEHTxMjT
VI5b58Lrky/2nBvA/oY5LHKF5INp1pp5J6HaXQn+iRTceyO3hF2RMWyQI1xLdxRX
MeroUmbgPNEpkm08Ir/Os1JY37x3PqCVM4AxP8+MNyRw8cJxYMpeIKUU0AXCrlNU
5fEDK+oa8UDY9iXO+frnNiw3NUsGRsJF09KchIML4IbHHX+bxj2UwcebygqmIwEP
M7h+4FLFZFvkjn1lgaZgcWcmJz59W1gjyMoaTIKQRsTTf2Y/Wz+d1nXWmcRvcpIC
o6CEVi+U1DnjGVA=
-----END CERTIFICATE-----
Generated at Fri Apr 17 13:38:25 2026 by rpki-client