Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/SlgS2zxyKfW_qcYKWwoZKBDRB-k.roa
File: SlgS2zxyKfW_qcYKWwoZKBDRB-k.roa (raw, json)
Hash identifier: cKfGNE841zVRVI/wrUuzuL5Y5spW3MIBjny6J4lpc1g=
Subject key identifier: 4A:58:12:DB:3C:72:29:F5:BF:A9:C6:0A:5B:0A:19:28:10:D1:07:E9
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 019D297FDE05E0CE827030BD6A5C70384FCD
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/SlgS2zxyKfW_qcYKWwoZKBDRB-k.roa
Signing time: Thu 26 Mar 2026 09:35:38 +0000
ROA not before: Thu 26 Mar 2026 09:35:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34450
IP address blocks: 86.106.80.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.46.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.114.171.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.215.73.0/24 maxlen: 24
188.215.95.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 16:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:29:7f:de:05:e0:ce:82:70:30:bd:6a:5c:70:38:4f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Mar 26 09:35:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4a5812db3c7229f5bfa9c60a5b0a192810d107e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e6:ee:33:27:2d:4a:8b:e1:4b:a1:9f:e7:3c:
c6:5e:cd:30:5e:26:27:9b:ef:21:5a:de:d5:92:7d:
11:e4:b9:55:85:4c:1f:e4:3c:b4:cc:88:41:72:76:
72:70:ca:ef:a3:f8:e5:1e:06:5a:2c:0e:ec:ce:03:
66:fc:23:53:79:45:5d:96:df:47:99:45:6c:6f:1d:
c4:66:86:f4:d5:45:59:5b:bb:50:a1:4a:0d:f2:44:
7f:96:19:98:db:01:b6:cb:88:52:58:92:b4:7a:26:
e5:8b:97:a6:ee:23:9c:81:6f:dc:c4:4f:86:9d:22:
df:f2:cd:f3:2a:a9:f9:03:69:26:c8:40:6b:5d:78:
4d:d2:ba:5d:e8:65:b6:17:b3:fa:31:4c:76:8b:e2:
df:dc:de:bc:5d:06:91:1d:b2:33:2f:a6:19:af:61:
93:c1:29:b4:91:31:13:89:46:2c:fd:1c:4d:58:77:
25:87:6c:05:28:73:33:bc:be:46:a0:8f:74:69:51:
51:bb:28:20:ad:6b:7b:5b:64:fd:9b:77:39:4c:44:
a7:49:74:3f:08:17:e9:9a:47:9a:31:70:98:c9:9c:
fd:47:b1:a5:02:c8:11:96:0e:a3:37:fb:53:a6:95:
42:37:80:5a:fa:2b:31:52:39:52:aa:7d:ba:65:be:
7d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:58:12:DB:3C:72:29:F5:BF:A9:C6:0A:5B:0A:19:28:10:D1:07:E9
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/SlgS2zxyKfW_qcYKWwoZKBDRB-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.80.0/24
86.106.104.0/24
89.34.8.0/21
89.43.46.0/24
89.44.209.0/24
93.113.158.0/24
93.114.99.0/24
93.114.171.0/24
93.114.187.0/24
188.213.18.0/24
188.215.73.0/24
188.215.95.0/24
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
11:fd:4c:7a:d8:f3:6d:ef:36:1c:ee:15:79:2d:99:10:8c:8d:
58:5c:aa:23:9c:85:1a:0e:32:95:a3:24:eb:55:23:3d:c5:61:
f7:8a:55:c9:c7:63:87:c1:ee:e6:5b:bf:5f:70:50:58:82:4d:
5d:ab:ef:6a:82:7e:d3:61:24:bd:de:8e:34:c3:38:a0:1b:12:
be:ad:75:cc:44:e0:88:2e:07:18:4d:00:41:f3:63:1b:1e:6f:
21:aa:0f:97:40:a5:a0:55:19:bb:66:09:90:37:36:e3:69:da:
d8:78:73:aa:47:31:fe:f6:f4:5a:a6:01:91:db:9e:18:12:cb:
e7:d5:b0:06:01:c5:1a:06:9c:39:48:46:3a:25:85:03:2d:71:
a1:ee:76:9b:9c:73:2d:7e:e6:45:66:39:a4:00:bb:5c:fa:d8:
cc:d1:a4:80:67:d6:ef:75:5c:ca:41:73:fa:44:c3:ed:39:3f:
f7:bc:8e:31:88:08:f2:d5:23:92:20:1f:c5:60:6a:e8:12:d9:
ea:97:2c:b2:39:c5:21:3d:ce:75:e6:ac:38:ad:5a:0d:5b:d3:
d7:01:3e:a7:08:cf:5d:b7:4c:9d:da:fa:25:d2:3a:9c:49:de:
6e:4c:fc:97:87:b8:1a:43:13:09:4f:33:07:72:55:55:3c:94:
30:e9:5b:33
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZ0pf94F4M6CcDC9alxwOE/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjYwMzI2MDkzNTM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTU4MTJkYjNjNzIyOWY1YmZhOWM2MGE1YjBhMTkyODEwZDEwN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvubuMyctSovhS6Gf5zzGXs0wXiYn
m+8hWt7Vkn0R5LlVhUwf5Dy0zIhBcnZycMrvo/jlHgZaLA7szgNm/CNTeUVdlt9H
mUVsbx3EZob01UVZW7tQoUoN8kR/lhmY2wG2y4hSWJK0eibli5em7iOcgW/cxE+G
nSLf8s3zKqn5A2kmyEBrXXhN0rpd6GW2F7P6MUx2i+Lf3N68XQaRHbIzL6YZr2GT
wSm0kTETiUYs/RxNWHclh2wFKHMzvL5GoI90aVFRuyggrWt7W2T9m3c5TESnSXQ/
CBfpmkeaMXCYyZz9R7GlAsgRlg6jN/tTppVCN4Ba+isxUjlSqn26Zb59mwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFEpYEts8cin1v6nGClsKGSgQ0QfpMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvU2xnUzJ6eHlLZldfcWNZS1d3b1pLQkRSQi1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBUBAIAATBOAwQAVmpQAwQA
VmpoAwQDWSIIAwQAWSsuAwQAWSzRAwQAXXGeAwQAXXJjAwQAXXKrAwQAXXK7AwQA
vNUSAwQAvNdJAwQAvNdfAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZIhvcN
AQELBQADggEBABH9THrY823vNhzuFXktmRCMjVhcqiOchRoOMpWjJOtVIz3FYfeK
VcnHY4fB7uZbv19wUFiCTV2r72qCftNhJL3ejjTDOKAbEr6tdcxE4IguBxhNAEHz
YxsebyGqD5dApaBVGbtmCZA3NuNp2th4c6pHMf729FqmAZHbnhgSy+fVsAYBxRoG
nDlIRjolhQMtcaHudpuccy1+5kVmOaQAu1z62MzRpIBn1u91XMpBc/pEw+05P/e8
jjGICPLVI5IgH8VgaugS2eqXLLI5xSE9znXmrDitWg1b09cBPqcIz123TJ3a+iXS
OpxJ3m5M/JeHuBpDEwlPMwdyVVU8lDDpWzM=
-----END CERTIFICATE-----
Generated at Thu Mar 26 21:13:39 2026 by rpki-client