Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/SGD5GcL8l9REwij1xB0V3ArZ6IM.roa
File: SGD5GcL8l9REwij1xB0V3ArZ6IM.roa (raw, json)
Hash identifier: CbbI/yFIt3p0EMou0tP1jzrb/qN0JlHcNbbxYjLJqoA=
Subject key identifier: 48:60:F9:19:C2:FC:97:D4:44:C2:28:F5:C4:1D:15:DC:0A:D9:E8:83
Certificate issuer: /CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Certificate serial: 019D298BC410D512CD8CC0E1FAA1C3C51406
Authority key identifier: 8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/SGD5GcL8l9REwij1xB0V3ArZ6IM.roa
Signing time: Thu 26 Mar 2026 09:48:38 +0000
ROA not before: Thu 26 Mar 2026 09:48:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199236
IP address blocks: 45.128.173.0/24 maxlen: 24
91.211.240.0/24 maxlen: 24
91.211.241.0/24 maxlen: 24
91.211.242.0/24 maxlen: 24
91.211.243.0/24 maxlen: 24
185.4.120.0/24 maxlen: 24
185.4.121.0/24 maxlen: 24
185.4.122.0/24 maxlen: 24
185.4.123.0/24 maxlen: 24
194.113.24.0/24 maxlen: 24
195.54.172.0/24 maxlen: 24
195.54.173.0/24 maxlen: 24
217.175.192.0/24 maxlen: 24
217.175.194.0/24 maxlen: 24
2a02:7040::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.mft
rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:8b:c4:10:d5:12:cd:8c:c0:e1:fa:a1:c3:c5:14:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b7f81a6e782e211189c4f34e459b4226c75f4a6
Validity
Not Before: Mar 26 09:48:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4860f919c2fc97d444c228f5c41d15dc0ad9e883
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f1:55:87:be:a7:f8:8e:fb:88:d2:07:a2:23:
9c:9a:3b:d6:fc:d7:61:91:22:32:c7:a6:26:cd:e7:
e7:e0:2d:80:07:f6:31:4f:84:08:f6:c5:63:61:6a:
96:c9:b8:4b:90:74:7b:f5:fe:31:a5:6d:1d:2a:3f:
3d:81:b6:b6:a7:41:a3:90:6d:a9:a4:41:46:3d:28:
43:f4:35:9b:ba:5f:49:5b:b2:c1:b2:ac:6d:c1:a0:
ef:d4:50:b3:4a:29:ac:c7:b6:a4:80:e5:ee:77:27:
e7:d3:22:54:07:9d:82:f2:3b:cc:e8:1e:2d:ad:f9:
d3:ac:2a:ce:be:b9:f2:10:c6:76:3b:65:8b:30:e0:
d2:66:e3:07:1c:42:04:7b:12:2b:81:14:05:b8:76:
ad:f1:36:da:d3:6d:4c:14:ef:63:f7:c8:79:71:6c:
2a:e9:62:61:4d:00:32:c3:8d:d6:a0:2f:81:e8:ae:
98:7c:f9:68:50:c3:83:59:64:c0:ce:5a:bf:c1:b6:
52:20:4e:1d:87:f7:ef:ff:f0:90:28:cf:ab:48:c3:
9b:a6:86:4a:f0:fc:49:dd:70:aa:24:44:f5:9b:30:
70:3f:f7:51:a4:76:e1:9c:73:26:2e:2a:d9:98:3a:
c5:6f:d1:79:94:24:b7:3e:d6:9f:a5:7d:c5:68:2c:
e7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:60:F9:19:C2:FC:97:D4:44:C2:28:F5:C4:1D:15:DC:0A:D9:E8:83
X509v3 Authority Key Identifier:
keyid:8B:7F:81:A6:E7:82:E2:11:18:9C:4F:34:E4:59:B4:22:6C:75:F4:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i3-BpueC4hEYnE805Fm0Imx19KY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/SGD5GcL8l9REwij1xB0V3ArZ6IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/9b60e5-f98f-4ac6-98a5-f2f426efe039/1/i3-BpueC4hEYnE805Fm0Imx19KY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.173.0/24
91.211.240.0/22
185.4.120.0/22
194.113.24.0/24
195.54.172.0/23
217.175.192.0/24
217.175.194.0/24
IPv6:
2a02:7040::/32
Signature Algorithm: sha256WithRSAEncryption
78:13:bd:bd:26:63:05:a4:f1:1b:b9:eb:49:2b:48:9a:dd:a5:
37:c1:a8:76:40:1e:ad:a8:d4:d8:55:88:df:02:97:15:2c:46:
48:a2:4b:9e:8f:32:32:be:1c:35:a1:52:cd:7a:10:98:21:fa:
59:17:f7:77:0a:5a:4e:c9:36:0e:5f:13:9b:4d:50:f4:e1:97:
3e:63:d5:6a:9e:c9:46:c4:0a:fe:40:af:48:4d:ee:89:ae:c9:
91:a8:60:5c:f9:b5:c4:f2:c4:1f:30:bb:70:91:06:f3:0f:56:
71:e1:0d:b5:16:23:22:7c:2e:e3:f8:fd:29:d8:9e:44:e3:46:
53:5b:02:af:d8:f7:3e:9b:4d:1e:6a:c6:de:09:64:1c:cf:1d:
f6:08:93:9c:5f:77:d0:3d:88:f5:14:d5:6b:25:1c:1a:23:cf:
cf:6d:04:60:63:dc:ab:06:ed:a9:35:91:4f:f2:f9:33:91:c8:
62:a6:85:fd:79:60:31:b2:c5:e8:eb:12:c4:53:d0:7c:d1:41:
ff:a6:f2:8a:a4:9e:17:71:1f:11:66:0d:e9:39:19:9c:ae:7e:
e8:a0:d6:98:cf:5b:91:e1:1d:89:c7:84:30:7f:3c:55:69:b8:
35:ae:74:7e:e3:9f:ad:1b:2f:b4:c7:c6:5e:fa:7b:ef:b5:97:
0a:3b:ea:51
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZ0pi8QQ1RLNjMDh+qHDxRQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiN2Y4MWE2ZTc4MmUyMTExODljNGYzNGU0NTliNDIyNmM3
NWY0YTYwHhcNMjYwMzI2MDk0ODM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODYwZjkxOWMyZmM5N2Q0NDRjMjI4ZjVjNDFkMTVkYzBhZDllODgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxvFVh76n+I77iNIHoiOcmjvW/Ndh
kSIyx6Ymzefn4C2AB/YxT4QI9sVjYWqWybhLkHR79f4xpW0dKj89gba2p0GjkG2p
pEFGPShD9DWbul9JW7LBsqxtwaDv1FCzSimsx7akgOXudyfn0yJUB52C8jvM6B4t
rfnTrCrOvrnyEMZ2O2WLMODSZuMHHEIEexIrgRQFuHat8Tba021MFO9j98h5cWwq
6WJhTQAyw43WoC+B6K6YfPloUMODWWTAzlq/wbZSIE4dh/fv//CQKM+rSMObpoZK
8PxJ3XCqJET1mzBwP/dRpHbhnHMmLirZmDrFb9F5lCS3PtafpX3FaCzn9wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFEhg+RnC/JfURMIo9cQdFdwK2eiDMB8GA1UdIwQY
MBaAFIt/gabnguIRGJxPNORZtCJsdfSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUt
ZjJmNDI2ZWZlMDM5LzEvU0dENUdjTDhsOVJFd2lqMXhCMFYzQXJaNklNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi85YjYwZTUtZjk4Zi00YWM2LTk4YTUtZjJmNDI2ZWZlMDM5
LzEvaTMtQnB1ZUM0aEVZbkU4MDVGbTBJbXgxOUtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQALYCtAwQC
W9PwAwQCuQR4AwQAwnEYAwQBwzasAwQA2a/AAwQA2a/CMA0EAgACMAcDBQAqAnBA
MA0GCSqGSIb3DQEBCwUAA4IBAQB4E729JmMFpPEbuetJK0ia3aU3wah2QB6tqNTY
VYjfApcVLEZIokuejzIyvhw1oVLNehCYIfpZF/d3ClpOyTYOXxObTVD04Zc+Y9Vq
nslGxAr+QK9ITe6JrsmRqGBc+bXE8sQfMLtwkQbzD1Zx4Q21FiMifC7j+P0p2J5E
40ZTWwKv2Pc+m00easbeCWQczx32CJOcX3fQPYj1FNVrJRwaI8/PbQRgY9yrBu2p
NZFP8vkzkchipoX9eWAxssXo6xLEU9B80UH/pvKKpJ4XcR8RZg3pORmcrn7ooNaY
z1uR4R2Jx4QwfzxVabg1rnR+45+tGy+0x8Ze+nvvtZcKO+pR
-----END CERTIFICATE-----
Generated at Thu Mar 26 22:24:36 2026 by rpki-client