Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/SqqKkbu3H7G8VQvSBHfjeVHIyx0.roa
File: SqqKkbu3H7G8VQvSBHfjeVHIyx0.roa (raw, json)
Hash identifier: YutmRApO4qLJhVDkqt3PtxMPj5j65A/F0Hn/Y3Q+ix4=
Subject key identifier: 4A:AA:8A:91:BB:B7:1F:B1:BC:55:0B:D2:04:77:E3:79:51:C8:CB:1D
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 019D0517A8DDE1D252E282814DA9A0F09AEF
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/SqqKkbu3H7G8VQvSBHfjeVHIyx0.roa
Signing time: Thu 19 Mar 2026 07:55:29 +0000
ROA not before: Thu 19 Mar 2026 07:55:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.8.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.13.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.16.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.64.0/24 maxlen: 24
146.103.65.0/24 maxlen: 24
146.103.66.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
146.103.68.0/24 maxlen: 24
146.103.71.0/24 maxlen: 24
146.103.72.0/24 maxlen: 24
146.103.73.0/24 maxlen: 24
146.103.74.0/24 maxlen: 24
146.103.75.0/24 maxlen: 24
146.103.76.0/24 maxlen: 24
146.103.77.0/24 maxlen: 24
146.103.78.0/24 maxlen: 24
146.103.79.0/24 maxlen: 24
146.103.80.0/24 maxlen: 24
146.103.81.0/24 maxlen: 24
146.103.82.0/24 maxlen: 24
146.103.83.0/24 maxlen: 24
146.103.84.0/24 maxlen: 24
146.103.85.0/24 maxlen: 24
146.103.86.0/24 maxlen: 24
146.103.87.0/24 maxlen: 24
146.103.88.0/24 maxlen: 24
146.103.89.0/24 maxlen: 24
146.103.90.0/24 maxlen: 24
146.103.91.0/24 maxlen: 24
146.103.92.0/24 maxlen: 24
146.103.93.0/24 maxlen: 24
146.103.94.0/24 maxlen: 24
146.103.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:05:17:a8:dd:e1:d2:52:e2:82:81:4d:a9:a0:f0:9a:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Mar 19 07:55:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4aaa8a91bbb71fb1bc550bd20477e37951c8cb1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a4:63:7e:f5:eb:b2:0c:74:43:e1:20:72:c0:
07:83:9c:fe:76:4d:34:2c:c8:80:08:fe:0a:63:c4:
01:d0:24:51:0f:ac:78:27:1b:0a:e6:a5:0b:d9:e6:
61:79:8d:70:c7:31:41:52:2a:e3:f3:30:d9:6e:c3:
ca:cf:98:a2:ce:44:11:a9:d5:5e:64:da:f1:14:ff:
9a:12:86:29:f4:1f:89:47:1e:56:a9:f5:50:91:d7:
cb:bb:a6:ec:a9:95:bd:03:ec:84:88:f7:14:6d:6a:
48:4a:23:ee:f9:14:86:a9:5c:54:69:f3:c8:e7:b8:
b2:8b:d8:68:9b:16:ca:19:c4:de:39:4e:f0:b4:29:
70:a4:08:48:1a:a3:fd:21:0e:3c:37:0a:f7:e4:1b:
34:c2:f4:e4:de:3a:68:3b:da:ca:ca:c1:3d:36:ab:
df:53:42:32:85:fc:0e:f6:c3:7b:31:39:56:bd:3d:
5f:85:10:7f:02:ca:ff:9d:3c:23:9e:e2:c3:dd:ae:
92:5c:91:c8:bd:6f:22:e1:a4:f9:fb:bb:e8:5b:6b:
bb:bc:3c:89:4a:d1:fd:77:79:39:2d:e4:32:bb:4b:
ff:71:3b:21:19:b0:e4:d9:66:60:71:18:28:c4:5e:
19:70:c8:41:3d:bb:3d:8a:85:d6:05:1e:b7:7e:85:
0a:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AA:8A:91:BB:B7:1F:B1:BC:55:0B:D2:04:77:E3:79:51:C8:CB:1D
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/SqqKkbu3H7G8VQvSBHfjeVHIyx0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0-140.150.8.255
140.150.10.0-140.150.16.255
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.64.0-146.103.68.255
146.103.71.0-146.103.95.255
Signature Algorithm: sha256WithRSAEncryption
a7:e2:d4:26:8f:22:43:b8:f7:5d:8f:94:fc:5c:f7:dc:eb:c1:
1f:39:87:10:41:b9:59:5b:25:13:62:b6:a9:56:da:5a:20:63:
51:28:c4:0a:86:56:bd:cd:db:18:b8:9a:fb:0f:e7:09:11:23:
4a:9f:6f:b0:22:77:dd:05:f2:62:50:9f:de:cb:50:e9:71:93:
67:0d:65:d7:eb:7c:9e:0b:6e:6e:6b:7e:a2:c1:d0:ee:d7:d1:
c2:fa:5b:f7:2d:17:7e:ad:19:1f:82:f7:32:13:a2:98:84:c9:
b5:67:76:43:82:d7:25:f3:d3:56:1f:4b:b8:26:18:77:cc:5d:
88:c2:0b:3f:71:08:41:c6:b7:bd:cf:58:03:a5:93:ef:c0:db:
e6:17:28:e9:ef:04:ab:d0:0c:af:5e:f2:42:7a:ca:60:0a:c5:
a4:c8:ec:4b:d2:e1:1b:dd:4f:af:f2:f5:86:93:d3:ed:73:54:
13:e8:06:e1:08:4d:37:9f:f6:b6:c9:75:bb:e3:9a:99:94:2a:
2f:cb:f9:c6:80:77:e7:2f:51:a2:cd:6b:8c:a1:1a:f4:6f:9c:
8e:40:e3:5a:90:87:94:2d:f2:32:60:1f:2e:a2:c3:1e:7a:a8:
f0:79:88:ba:19:c2:df:a0:3d:b3:fa:31:8f:d4:2c:51:91:d7:
7f:07:85:a1
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZ0FF6jd4dJS4oKBTamg8JrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjYwMzE5MDc1NTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWFhOGE5MWJiYjcxZmIxYmM1NTBiZDIwNDc3ZTM3OTUxYzhjYjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qRjfvXrsgx0Q+EgcsAHg5z+dk00
LMiACP4KY8QB0CRRD6x4JxsK5qUL2eZheY1wxzFBUirj8zDZbsPKz5iizkQRqdVe
ZNrxFP+aEoYp9B+JRx5WqfVQkdfLu6bsqZW9A+yEiPcUbWpISiPu+RSGqVxUafPI
57iyi9homxbKGcTeOU7wtClwpAhIGqP9IQ48Nwr35Bs0wvTk3jpoO9rKysE9Nqvf
U0IyhfwO9sN7MTlWvT1fhRB/Asr/nTwjnuLD3a6SXJHIvW8i4aT5+7voW2u7vDyJ
StH9d3k5LeQyu0v/cTshGbDk2WZgcRgoxF4ZcMhBPbs9ioXWBR63foUKCQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFEqqipG7tx+xvFUL0gR343lRyMsdMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvU3FxS2tidTNIN0c4VlF2U0JIZmplVkhJeXgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBfBAIAATBZMAsDAwGMlgME
AIyWCDAMAwQBjJYKAwQAjJYQMAwDBAGMlhIDBACMliYwDAMEA4yWKAMEAIyWLAME
AYyWLjAMAwQGkmdAAwQAkmdEMAwDBACSZ0cDBAWSZ0AwDQYJKoZIhvcNAQELBQAD
ggEBAKfi1CaPIkO4912PlPxc99zrwR85hxBBuVlbJRNitqlW2logY1EoxAqGVr3N
2xi4mvsP5wkRI0qfb7Aid90F8mJQn97LUOlxk2cNZdfrfJ4Lbm5rfqLB0O7X0cL6
W/ctF36tGR+C9zITopiEybVndkOC1yXz01YfS7gmGHfMXYjCCz9xCEHGt73PWAOl
k+/A2+YXKOnvBKvQDK9e8kJ6ymAKxaTI7EvS4RvdT6/y9YaT0+1zVBPoBuEITTef
9rbJdbvjmpmUKi/L+caAd+cvUaLNa4yhGvRvnI5A41qQh5Qt8jJgHy6iwx56qPB5
iLoZwt+gPbP6MY/ULFGR138HhaE=
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:11:30 2026 by rpki-client