Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/f25506-6a6c-497d-a4ab-248c47b3c7d8/1/SgjnIjuq3AeuRbPMRDHnDCjAALI.roa
File: SgjnIjuq3AeuRbPMRDHnDCjAALI.roa (raw, json)
Hash identifier: Pfy5puiab8wDSE6eVbJ+tlKeXTAJeJMbBe/7aBk5Ysw=
Subject key identifier: 4A:08:E7:22:3B:AA:DC:07:AE:45:B3:CC:44:31:E7:0C:28:C0:00:B2
Certificate issuer: /CN=35216a360277876e3e93b29bd4bb9c9231fad2f7
Certificate serial: 019938269089F7792121C0526D64A7FAD4BA
Authority key identifier: 35:21:6A:36:02:77:87:6E:3E:93:B2:9B:D4:BB:9C:92:31:FA:D2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSFqNgJ3h24-k7Kb1LuckjH60vc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/f25506-6a6c-497d-a4ab-248c47b3c7d8/1/SgjnIjuq3AeuRbPMRDHnDCjAALI.roa
Signing time: Thu 11 Sep 2025 09:41:15 +0000
ROA not before: Thu 11 Sep 2025 09:41:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208802
IP address blocks: 45.84.200.0/22 maxlen: 22
45.84.200.0/23 maxlen: 23
45.84.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/f25506-6a6c-497d-a4ab-248c47b3c7d8/1/NSFqNgJ3h24-k7Kb1LuckjH60vc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/f25506-6a6c-497d-a4ab-248c47b3c7d8/1/NSFqNgJ3h24-k7Kb1LuckjH60vc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NSFqNgJ3h24-k7Kb1LuckjH60vc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:26:90:89:f7:79:21:21:c0:52:6d:64:a7:fa:d4:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35216a360277876e3e93b29bd4bb9c9231fad2f7
Validity
Not Before: Sep 11 09:41:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a08e7223baadc07ae45b3cc4431e70c28c000b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:13:2e:54:7f:f5:60:de:19:a6:b8:a6:af:df:
7a:37:dd:be:83:9e:b2:84:a3:1e:4a:ab:c2:55:f4:
13:6d:b0:e8:b7:ee:e2:fa:08:bc:74:0b:49:32:c7:
19:e4:09:93:88:45:7e:fe:4e:6b:0d:b8:2f:18:c8:
5e:3a:b5:a4:a1:c4:0b:a9:83:67:ec:6f:ab:50:bc:
94:4e:dd:a0:1e:54:cd:1f:99:b4:73:a2:14:f7:6f:
4b:3f:13:4d:07:fb:3d:59:04:73:b5:67:08:47:db:
a9:05:18:d5:8d:f3:b6:ec:66:60:b5:92:b2:4e:c7:
04:ce:ec:77:e8:53:d7:e8:65:17:dc:89:8a:37:1f:
c4:d4:03:e2:82:e7:b2:c6:3c:82:f3:f2:05:88:cd:
88:f2:c8:3a:af:ab:67:63:59:6d:25:bf:d4:c4:50:
fa:8d:37:db:37:55:79:04:29:30:ab:32:cc:3e:ad:
57:69:15:76:fc:29:60:52:10:d7:0d:de:e4:51:67:
1b:63:79:c8:d9:6d:73:7b:35:80:45:3e:33:30:39:
f1:8f:37:99:e7:f0:db:84:cc:f5:46:63:85:9e:a2:
92:bd:da:8a:ea:a5:93:bf:4d:e3:c5:36:53:90:c5:
8f:66:4c:03:7b:66:67:90:b3:e4:6c:4a:ac:dd:a3:
06:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:08:E7:22:3B:AA:DC:07:AE:45:B3:CC:44:31:E7:0C:28:C0:00:B2
X509v3 Authority Key Identifier:
keyid:35:21:6A:36:02:77:87:6E:3E:93:B2:9B:D4:BB:9C:92:31:FA:D2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSFqNgJ3h24-k7Kb1LuckjH60vc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/f25506-6a6c-497d-a4ab-248c47b3c7d8/1/SgjnIjuq3AeuRbPMRDHnDCjAALI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/f25506-6a6c-497d-a4ab-248c47b3c7d8/1/NSFqNgJ3h24-k7Kb1LuckjH60vc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.200.0/22
Signature Algorithm: sha256WithRSAEncryption
19:c7:45:94:87:6c:48:4c:37:c1:65:2a:02:95:e5:f1:d1:56:
66:1b:2c:50:8d:54:32:cc:aa:e3:56:8e:1f:09:e5:e6:9a:8a:
f3:b1:92:76:89:1d:77:41:a1:a8:55:fe:df:22:31:85:5b:3b:
6d:a4:be:06:b0:13:d0:ce:e0:c4:09:3e:cf:25:7b:08:e5:b8:
f7:93:34:08:6b:2e:2e:a8:75:fc:57:70:4d:f1:2d:a9:3b:5c:
63:45:52:e2:18:a5:9d:39:2d:66:33:b9:fe:29:0c:fd:28:a8:
76:cd:6e:6c:7e:1c:6f:90:2b:75:1f:09:56:1f:b5:bc:fa:6b:
0e:58:77:13:7d:9c:53:73:0d:e6:8d:38:36:9a:2c:7b:6c:56:
28:d6:b3:2c:23:e3:d7:cb:f6:f9:67:dc:8e:70:30:31:cc:0b:
95:5a:c7:70:17:de:50:fb:f3:5b:f2:8a:5f:40:ce:80:86:d9:
04:37:15:6b:e8:05:84:0a:b6:aa:59:a4:28:53:ec:18:0e:87:
62:2b:90:f8:df:3b:87:a2:c1:9c:44:39:c0:ea:19:57:d8:bf:
d8:a1:d4:c6:c3:e4:cd:91:a9:55:5c:8a:d1:2f:49:6f:d4:dc:
18:64:c1:d1:64:13:2e:0a:36:7f:dd:23:87:02:25:0e:ed:ef:
1e:19:5c:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZk4JpCJ93khIcBSbWSn+tS6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MjE2YTM2MDI3Nzg3NmUzZTkzYjI5YmQ0YmI5YzkyMzFm
YWQyZjcwHhcNMjUwOTExMDk0MTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTA4ZTcyMjNiYWFkYzA3YWU0NWIzY2M0NDMxZTcwYzI4YzAwMGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hMuVH/1YN4Zprimr996N92+g56y
hKMeSqvCVfQTbbDot+7i+gi8dAtJMscZ5AmTiEV+/k5rDbgvGMheOrWkocQLqYNn
7G+rULyUTt2gHlTNH5m0c6IU929LPxNNB/s9WQRztWcIR9upBRjVjfO27GZgtZKy
TscEzux36FPX6GUX3ImKNx/E1APigueyxjyC8/IFiM2I8sg6r6tnY1ltJb/UxFD6
jTfbN1V5BCkwqzLMPq1XaRV2/ClgUhDXDd7kUWcbY3nI2W1zezWART4zMDnxjzeZ
5/DbhMz1RmOFnqKSvdqK6qWTv03jxTZTkMWPZkwDe2ZnkLPkbEqs3aMGNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEoI5yI7qtwHrkWzzEQx5wwowACyMB8GA1UdIwQY
MBaAFDUhajYCd4duPpOym9S7nJIx+tL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNGcU5nSjNoMjQtazdLYjFMdWNrakg2MHZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9mMjU1MDYtNmE2Yy00OTdkLWE0YWIt
MjQ4YzQ3YjNjN2Q4LzEvU2dqbklqdXEzQWV1UmJQTVJESG5EQ2pBQUxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9mMjU1MDYtNmE2Yy00OTdkLWE0YWItMjQ4YzQ3YjNjN2Q4
LzEvTlNGcU5nSjNoMjQtazdLYjFMdWNrakg2MHZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVTIMA0G
CSqGSIb3DQEBCwUAA4IBAQAZx0WUh2xITDfBZSoCleXx0VZmGyxQjVQyzKrjVo4f
CeXmmorzsZJ2iR13QaGoVf7fIjGFWzttpL4GsBPQzuDECT7PJXsI5bj3kzQIay4u
qHX8V3BN8S2pO1xjRVLiGKWdOS1mM7n+KQz9KKh2zW5sfhxvkCt1HwlWH7W8+msO
WHcTfZxTcw3mjTg2mix7bFYo1rMsI+PXy/b5Z9yOcDAxzAuVWsdwF95Q+/Nb8opf
QM6AhtkENxVr6AWECraqWaQoU+wYDodiK5D43zuHosGcRDnA6hlX2L/YodTGw+TN
kalVXIrRL0lv1NwYZMHRZBMuCjZ/3SOHAiUO7e8eGVw3
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:31 2025 by rpki-client