Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/sgqR4WMwXjyOfh_rWVUf5MMjM8s.roa
File: sgqR4WMwXjyOfh_rWVUf5MMjM8s.roa (raw, json)
Hash identifier: spwljFTg//vIfCs+4AV5oovDbFK1ooetV57V5ssw4qo=
Subject key identifier: B2:0A:91:E1:63:30:5E:3C:8E:7E:1F:EB:59:55:1F:E4:C3:23:33:CB
Certificate issuer: /CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Certificate serial: 019CD84511A3D7E8BEFC1467AE58FC686240
Authority key identifier: 21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/sgqR4WMwXjyOfh_rWVUf5MMjM8s.roa
Signing time: Tue 10 Mar 2026 15:02:10 +0000
ROA not before: Tue 10 Mar 2026 15:02:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 201641
IP address blocks: 185.102.100.0/22 maxlen: 24
185.102.101.0/24 maxlen: 24
185.102.101.253/32 maxlen: 32
185.102.103.0/24 maxlen: 24
185.102.103.253/32 maxlen: 32
194.15.212.0/24 maxlen: 24
2001:67c:6e8::/48 maxlen: 48
2a10:a600::/32 maxlen: 48
2a10:a600:c0da::/48 maxlen: 48
2a10:a600:c0db::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 09:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d8:45:11:a3:d7:e8:be:fc:14:67:ae:58:fc:68:62:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21aa28de21bc91f39dbf2d012fd552d22d0f5aaa
Validity
Not Before: Mar 10 15:02:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b20a91e163305e3c8e7e1feb59551fe4c32333cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:52:83:db:63:b8:aa:b3:59:2b:e3:bc:d8:4f:
1d:1e:b6:85:85:ae:41:ce:22:57:fe:4f:d3:46:f2:
d8:fa:cf:28:87:ed:b9:fe:e1:74:7a:9b:e7:78:ae:
13:20:e2:48:3e:ee:74:c2:54:c8:1a:fc:69:83:35:
ae:ad:86:0e:63:a0:6a:1f:f9:0f:1b:f4:26:ba:14:
ec:4f:bf:0e:50:b1:ba:31:73:63:c8:0a:2b:ee:85:
ca:a5:af:44:7c:36:a6:aa:e0:dd:72:e9:7d:2a:c2:
37:27:3c:12:03:4b:2d:10:85:71:d5:b3:3a:a6:4a:
02:48:0d:5d:32:ca:de:75:7d:aa:ba:a2:28:86:4d:
53:92:39:88:cb:9f:3b:db:c5:63:ac:3d:ec:58:33:
15:bb:93:f3:8b:78:b9:36:03:93:67:e7:4a:22:ad:
9c:6b:2f:36:e5:0c:f5:a3:80:59:69:13:98:37:9d:
56:25:b2:4c:8f:b1:66:36:06:2e:06:99:48:7d:09:
73:6f:3d:b3:83:5c:0c:10:46:26:3b:ac:ba:b1:a3:
5a:16:54:6e:d8:c2:24:aa:cb:b6:41:4b:91:bd:ac:
63:56:da:9f:7e:5c:7e:ed:ed:e7:85:ce:7f:93:5f:
19:3b:06:ea:66:44:73:81:4f:b8:89:fb:12:90:87:
13:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0A:91:E1:63:30:5E:3C:8E:7E:1F:EB:59:55:1F:E4:C3:23:33:CB
X509v3 Authority Key Identifier:
keyid:21:AA:28:DE:21:BC:91:F3:9D:BF:2D:01:2F:D5:52:D2:2D:0F:5A:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/sgqR4WMwXjyOfh_rWVUf5MMjM8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/63a5bb-24d0-4db9-b510-f9973c576b03/1/Iaoo3iG8kfOdvy0BL9VS0i0PWqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.100.0/22
194.15.212.0/24
IPv6:
2001:67c:6e8::/48
2a10:a600::/32
Signature Algorithm: sha256WithRSAEncryption
74:61:d5:64:78:a3:c8:2f:42:39:08:c9:cb:c5:8c:df:85:e6:
bf:3b:7b:77:d6:9b:23:0c:88:fb:37:3a:15:95:c6:af:9d:4a:
6e:4f:9c:f7:bc:11:7b:20:ed:55:ef:13:4b:0b:cb:cc:3b:b0:
78:5b:27:6a:19:bf:aa:1d:96:07:2a:dc:e7:9e:b8:7a:2e:82:
d7:39:36:1f:14:7e:ff:69:95:50:6d:9b:49:3f:64:56:af:e0:
91:c2:7a:87:4b:6a:34:ca:89:b5:6d:94:49:87:d6:01:b2:19:
fe:49:c4:ec:8f:94:26:69:20:1a:72:fd:a8:e4:29:56:8e:ab:
16:e0:95:4d:41:ed:84:67:ec:eb:a3:4f:98:5d:94:70:92:a8:
19:e0:fb:3a:dd:3d:fb:69:0c:c2:fe:45:45:59:b5:cf:b4:99:
aa:f4:91:7c:5b:52:73:7d:c6:89:db:2f:a9:96:39:04:ff:a4:
58:dd:3c:d5:44:96:02:a7:50:c0:ff:07:90:b6:02:08:a6:f9:
07:c5:8d:e7:d3:52:15:68:90:81:aa:c1:b3:a5:77:e3:87:db:
da:00:3f:01:b8:53:79:11:57:2d:69:bb:5b:b0:d5:90:48:8c:
52:06:34:10:4d:e5:8e:1e:95:d3:d1:6d:ea:44:6f:7c:25:5f:
a1:d1:c6:d2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZzYRRGj1+i+/BRnrlj8aGJAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYWEyOGRlMjFiYzkxZjM5ZGJmMmQwMTJmZDU1MmQyMmQw
ZjVhYWEwHhcNMjYwMzEwMTUwMjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBhOTFlMTYzMzA1ZTNjOGU3ZTFmZWI1OTU1MWZlNGMzMjMzM2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6lKD22O4qrNZK+O82E8dHraFha5B
ziJX/k/TRvLY+s8oh+25/uF0epvneK4TIOJIPu50wlTIGvxpgzWurYYOY6BqH/kP
G/QmuhTsT78OULG6MXNjyAor7oXKpa9EfDamquDdcul9KsI3JzwSA0stEIVx1bM6
pkoCSA1dMsredX2quqIohk1TkjmIy58728VjrD3sWDMVu5Pzi3i5NgOTZ+dKIq2c
ay825Qz1o4BZaROYN51WJbJMj7FmNgYuBplIfQlzbz2zg1wMEEYmO6y6saNaFlRu
2MIkqsu2QUuRvaxjVtqfflx+7e3nhc5/k18ZOwbqZkRzgU+4ifsSkIcTiQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLIKkeFjMF48jn4f61lVH+TDIzPLMB8GA1UdIwQY
MBaAFCGqKN4hvJHznb8tAS/VUtItD1qqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAt
Zjk5NzNjNTc2YjAzLzEvc2dxUjRXTXdYanlPZmhfcldWVWY1TU1qTThzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS82M2E1YmItMjRkMC00ZGI5LWI1MTAtZjk5NzNjNTc2YjAz
LzEvSWFvbzNpRzhrZk9kdnkwQkw5VlMwaTBQV3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuWZkAwQA
wg/UMBYEAgACMBADBwAgAQZ8BugDBQAqEKYAMA0GCSqGSIb3DQEBCwUAA4IBAQB0
YdVkeKPIL0I5CMnLxYzfhea/O3t31psjDIj7NzoVlcavnUpuT5z3vBF7IO1V7xNL
C8vMO7B4WydqGb+qHZYHKtznnrh6LoLXOTYfFH7/aZVQbZtJP2RWr+CRwnqHS2o0
yom1bZRJh9YBshn+ScTsj5QmaSAacv2o5ClWjqsW4JVNQe2EZ+zro0+YXZRwkqgZ
4Ps63T37aQzC/kVFWbXPtJmq9JF8W1JzfcaJ2y+pljkE/6RY3TzVRJYCp1DA/weQ
tgIIpvkHxY3n01IVaJCBqsGzpXfjh9vaAD8BuFN5EVctabtbsNWQSIxSBjQQTeWO
HpXT0W3qRG98JV+h0cbS
-----END CERTIFICATE-----
Generated at Thu Mar 26 17:58:52 2026 by rpki-client