Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/sCUzc7gXh2PzsffuuhJ6uBlOeMg.roa
File: sCUzc7gXh2PzsffuuhJ6uBlOeMg.roa (raw, json)
Hash identifier: U/8gs+Tj9k/OOjSuMy2EgOuC8Nu7+qHY4JJnf6XE25M=
Subject key identifier: B0:25:33:73:B8:17:87:63:F3:B1:F7:EE:BA:12:7A:B8:19:4E:78:C8
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019D0C585906A2420DDE85C4A26EB48066C0
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/sCUzc7gXh2PzsffuuhJ6uBlOeMg.roa
Signing time: Fri 20 Mar 2026 17:43:29 +0000
ROA not before: Fri 20 Mar 2026 17:43:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 206986
IP address blocks: 222.167.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0c:58:59:06:a2:42:0d:de:85:c4:a2:6e:b4:80:66:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Mar 20 17:43:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b0253373b8178763f3b1f7eeba127ab8194e78c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:3b:c4:53:fa:99:22:a5:24:fb:08:c8:51:d8:
23:7e:da:08:f8:48:17:d6:64:54:93:ad:d9:54:ad:
64:5c:f6:52:f8:74:35:8c:1d:88:a6:ea:06:48:fe:
10:50:4f:7c:e5:b8:4f:b0:fa:11:0f:30:d4:10:d3:
87:1f:c7:3c:4d:66:b4:34:11:da:00:84:ac:2c:35:
fc:b8:db:eb:a8:50:71:0a:4c:c8:e9:f4:77:a8:fe:
eb:3a:84:1d:7b:26:bf:c0:fb:6f:de:f9:81:0f:ae:
68:19:59:d9:0a:54:e6:59:de:08:9d:8a:a4:6e:41:
af:64:b8:07:ad:90:22:c4:60:a3:c3:7b:94:66:5a:
ea:6c:8a:11:fe:1d:21:c9:09:48:fe:56:5c:ff:06:
a4:55:73:60:5b:a3:13:c4:c0:56:24:35:a3:51:2d:
42:29:9b:cb:b7:46:9d:2c:79:b0:43:6d:9e:03:3c:
a9:ee:c5:44:d7:6e:ad:b8:ad:4f:f0:35:87:d9:84:
63:4b:5f:96:be:63:0a:82:27:13:89:e6:a0:6e:e6:
9c:71:3c:6a:e5:73:ae:6b:94:18:80:62:b9:e9:dd:
19:5f:91:a1:bb:1a:32:1d:8f:22:43:de:1d:3c:c4:
79:62:68:4b:ef:0a:19:0d:49:f4:95:c6:ba:3c:9b:
5b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:25:33:73:B8:17:87:63:F3:B1:F7:EE:BA:12:7A:B8:19:4E:78:C8
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/sCUzc7gXh2PzsffuuhJ6uBlOeMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
222.167.223.0/24
Signature Algorithm: sha256WithRSAEncryption
04:75:84:51:8a:4b:f9:aa:57:6b:ce:80:43:29:42:cc:cf:f8:
2d:7b:75:1e:82:1e:ae:22:d4:7f:ae:21:6d:a2:f5:25:ea:b5:
0a:3a:4f:e3:09:c2:61:a6:0e:71:b7:cd:09:51:22:56:6c:23:
ed:2d:15:c7:57:f5:93:51:82:3f:e6:7d:67:08:67:63:ce:ae:
3c:97:70:cf:13:1e:9b:b7:4a:ad:fe:91:42:f6:aa:6b:4f:44:
a0:8d:70:2c:8f:74:b7:6e:75:87:53:63:5f:5e:02:c8:29:ed:
b8:bb:97:6b:82:8f:94:ce:56:94:e6:ac:bf:0e:43:0b:36:1e:
dc:d4:71:fd:ec:27:18:17:c5:e5:71:cb:9a:6c:60:21:cc:aa:
ff:85:c3:9f:2d:53:3f:7b:df:15:50:23:a6:dd:f7:0f:de:36:
35:4f:f4:91:f8:eb:c8:2d:fa:6f:cd:53:1a:ed:fb:ad:4b:bd:
ce:81:88:3b:3c:e9:a1:9a:22:de:8e:05:05:d1:92:89:c9:cf:
8a:e5:de:50:18:09:60:bd:48:33:bc:9e:96:50:94:17:d1:66:
19:eb:8e:0b:bc:c9:42:8e:da:3d:e0:ef:79:0a:04:47:4f:53:
9f:1d:23:76:7c:98:52:95:33:ad:1c:b3:6d:3d:f8:37:6d:be:
73:56:8d:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ0MWFkGokIN3oXEom60gGbAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwMzIwMTc0MzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDI1MzM3M2I4MTc4NzYzZjNiMWY3ZWViYTEyN2FiODE5NGU3OGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0zvEU/qZIqUk+wjIUdgjftoI+EgX
1mRUk63ZVK1kXPZS+HQ1jB2IpuoGSP4QUE985bhPsPoRDzDUENOHH8c8TWa0NBHa
AISsLDX8uNvrqFBxCkzI6fR3qP7rOoQdeya/wPtv3vmBD65oGVnZClTmWd4InYqk
bkGvZLgHrZAixGCjw3uUZlrqbIoR/h0hyQlI/lZc/wakVXNgW6MTxMBWJDWjUS1C
KZvLt0adLHmwQ22eAzyp7sVE126tuK1P8DWH2YRjS1+WvmMKgicTieagbuaccTxq
5XOua5QYgGK56d0ZX5GhuxoyHY8iQ94dPMR5YmhL7woZDUn0lca6PJtbCQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLAlM3O4F4dj87H37roSergZTnjIMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvc0NVemM3Z1hoMlB6c2ZmdXVoSjZ1QmxPZU1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA3qffMA0G
CSqGSIb3DQEBCwUAA4IBAQAEdYRRikv5qldrzoBDKULMz/gte3Uegh6uItR/riFt
ovUl6rUKOk/jCcJhpg5xt80JUSJWbCPtLRXHV/WTUYI/5n1nCGdjzq48l3DPEx6b
t0qt/pFC9qprT0SgjXAsj3S3bnWHU2NfXgLIKe24u5drgo+UzlaU5qy/DkMLNh7c
1HH97CcYF8XlccuabGAhzKr/hcOfLVM/e98VUCOm3fcP3jY1T/SR+OvILfpvzVMa
7futS73OgYg7POmhmiLejgUF0ZKJyc+K5d5QGAlgvUgzvJ6WUJQX0WYZ644LvMlC
jto94O95CgRHT1OfHSN2fJhSlTOtHLNtPfg3bb5zVo3r
-----END CERTIFICATE-----
Generated at Thu Mar 26 04:13:02 2026 by rpki-client