Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kXrnDrrXw0gd-OJbP7vZIX7txcA.roa
File: kXrnDrrXw0gd-OJbP7vZIX7txcA.roa (raw, json)
Hash identifier: cMD7c9cI2G1mbTCVBiFZQ31MU263PsRVZ4YEPrKvkcw=
Subject key identifier: 91:7A:E7:0E:BA:D7:C3:48:1D:F8:E2:5B:3F:BB:D9:21:7E:ED:C5:C0
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 019E3200439379A235B1F69878D07679AA87
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kXrnDrrXw0gd-OJbP7vZIX7txcA.roa
Signing time: Sat 16 May 2026 18:15:38 +0000
ROA not before: Sat 16 May 2026 18:15:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214693
IP address blocks: 37.202.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jun 2026 15:55:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:32:00:43:93:79:a2:35:b1:f6:98:78:d0:76:79:aa:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: May 16 18:15:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=917ae70ebad7c3481df8e25b3fbbd9217eedc5c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ab:8d:e7:a1:ba:52:c2:28:58:40:9f:66:ae:
e7:f8:cc:2a:2c:0e:65:98:5e:80:d4:3a:5e:8b:a5:
ed:22:7b:5c:4e:9d:99:22:11:06:91:12:85:30:a7:
e7:d0:0f:87:16:83:0d:d2:35:cd:92:df:a1:ba:48:
06:89:55:b5:28:d1:4f:74:10:db:be:99:79:24:f3:
a5:5d:a9:9c:c5:96:5b:52:1e:19:9f:47:d5:92:50:
2c:1d:75:d9:35:69:09:9d:35:0b:9c:51:28:91:fb:
00:86:e6:fb:2d:df:63:94:8b:3f:f1:73:89:ce:17:
d4:09:45:b0:99:55:73:a8:34:2e:0d:72:7f:95:15:
b0:52:82:f2:1d:29:37:1f:56:5c:52:cf:3e:ce:1f:
1e:7d:cc:86:64:73:58:58:c7:e9:cc:a4:bf:a5:96:
47:0e:a7:65:4b:f1:ec:ab:cd:37:25:c6:09:1a:8b:
3c:cc:49:5a:f7:bc:f3:5c:de:8c:73:6a:db:c8:d1:
c9:1c:9f:8a:9d:51:07:ed:28:fe:1b:0e:a8:39:ed:
b3:76:96:43:d8:1d:ea:f5:65:7a:4f:b3:c2:9f:98:
0b:b1:b1:79:9d:c7:91:52:d7:1e:96:24:d3:1f:9a:
6b:1b:da:7d:79:14:68:6e:e4:a3:d2:ec:0c:63:54:
9e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:7A:E7:0E:BA:D7:C3:48:1D:F8:E2:5B:3F:BB:D9:21:7E:ED:C5:C0
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/kXrnDrrXw0gd-OJbP7vZIX7txcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.197.0/24
Signature Algorithm: sha256WithRSAEncryption
57:29:dd:bc:4c:e3:03:10:d5:d6:5a:7e:b2:a3:d6:34:ff:a8:
ca:7d:51:6c:1d:ce:1b:ee:27:75:8f:42:0b:10:4f:fe:fb:cf:
6a:d9:d8:25:b1:dc:d1:67:35:e5:8e:ae:c9:d6:7f:d8:74:dc:
c1:02:6c:7d:d0:b2:73:1e:1e:bd:5c:c2:21:2d:6d:24:5e:6c:
67:49:43:12:c2:4f:09:74:02:53:9e:4d:79:df:2b:d5:5f:7e:
85:d4:55:ff:c1:57:3b:61:03:e2:1b:6f:71:a5:bf:52:4a:ae:
cf:58:e3:8a:8b:c5:9a:09:99:b1:7e:37:df:64:b2:5b:5a:f8:
74:1e:04:e7:72:3b:ff:fd:93:29:b0:fb:04:78:f7:92:73:ae:
b5:58:64:41:65:b7:4c:eb:fa:27:c1:2f:99:64:ce:ae:7b:8d:
4b:b3:99:4a:d1:2a:54:6a:2f:c0:a8:e6:39:4e:3a:1f:33:23:
82:04:0f:50:54:17:4a:80:c5:e2:7d:28:d1:0e:94:0c:d0:ab:
e9:14:3e:87:bf:03:cb:e7:8b:19:73:95:59:77:ff:66:04:30:
9a:57:55:15:11:1e:25:03:41:76:ec:0e:91:bc:2c:5c:a9:db:
15:54:c8:1a:0d:a2:a2:b0:9b:fc:7d:b4:c5:8b:25:f5:02:7e:
17:73:20:91
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ4yAEOTeaI1sfaYeNB2eaqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjYwNTE2MTgxNTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTdhZTcwZWJhZDdjMzQ4MWRmOGUyNWIzZmJiZDkyMTdlZWRjNWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqauN56G6UsIoWECfZq7n+MwqLA5l
mF6A1Dpei6XtIntcTp2ZIhEGkRKFMKfn0A+HFoMN0jXNkt+hukgGiVW1KNFPdBDb
vpl5JPOlXamcxZZbUh4Zn0fVklAsHXXZNWkJnTULnFEokfsAhub7Ld9jlIs/8XOJ
zhfUCUWwmVVzqDQuDXJ/lRWwUoLyHSk3H1ZcUs8+zh8efcyGZHNYWMfpzKS/pZZH
DqdlS/Hsq803JcYJGos8zEla97zzXN6Mc2rbyNHJHJ+KnVEH7Sj+Gw6oOe2zdpZD
2B3q9WV6T7PCn5gLsbF5nceRUtceliTTH5prG9p9eRRobuSj0uwMY1SevwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJF65w6618NIHfjiWz+72SF+7cXAMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEva1hybkRyclh3MGdkLU9KYlA3dlpJWDd0eGNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJcrFMA0G
CSqGSIb3DQEBCwUAA4IBAQBXKd28TOMDENXWWn6yo9Y0/6jKfVFsHc4b7id1j0IL
EE/++89q2dglsdzRZzXljq7J1n/YdNzBAmx90LJzHh69XMIhLW0kXmxnSUMSwk8J
dAJTnk153yvVX36F1FX/wVc7YQPiG29xpb9SSq7PWOOKi8WaCZmxfjffZLJbWvh0
HgTncjv//ZMpsPsEePeSc661WGRBZbdM6/onwS+ZZM6ue41Ls5lK0SpUai/AqOY5
TjofMyOCBA9QVBdKgMXifSjRDpQM0KvpFD6HvwPL54sZc5VZd/9mBDCaV1UVER4l
A0F27A6RvCxcqdsVVMgaDaKisJv8fbTFiyX1An4XcyCR
-----END CERTIFICATE-----
Generated at Tue Jun 2 21:32:19 2026 by rpki-client