Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/921609-58a5-4306-b82b-4b7dcd8777de/1/SOgy0vaXDl1qIul-YuWcMXoxFHQ.roa
File: SOgy0vaXDl1qIul-YuWcMXoxFHQ.roa (raw, json)
Hash identifier: lN/H+O4i/rNCySyb7U2rIk9cEQw6Mc4Ga+W5WUeEoKk=
Subject key identifier: 48:E8:32:D2:F6:97:0E:5D:6A:22:E9:7E:62:E5:9C:31:7A:31:14:74
Certificate issuer: /CN=9eefcb1205eb7955471e5c8f5434a92072ad3ddd
Certificate serial: 019C47CD74E04BD7C41223FD804968E81F2B
Authority key identifier: 9E:EF:CB:12:05:EB:79:55:47:1E:5C:8F:54:34:A9:20:72:AD:3D:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nu_LEgXreVVHHlyPVDSpIHKtPd0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/921609-58a5-4306-b82b-4b7dcd8777de/1/SOgy0vaXDl1qIul-YuWcMXoxFHQ.roa
Signing time: Tue 10 Feb 2026 13:46:12 +0000
ROA not before: Tue 10 Feb 2026 13:46:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 59790
IP address blocks: 5.154.243.0/24 maxlen: 24
176.56.40.0/22 maxlen: 22
185.65.208.0/22 maxlen: 22
185.109.144.0/22 maxlen: 22
185.182.164.0/22 maxlen: 22
185.227.52.0/22 maxlen: 22
193.93.140.0/23 maxlen: 23
193.124.14.0/24 maxlen: 24
193.124.84.0/24 maxlen: 24
194.135.47.0/24 maxlen: 24
194.135.118.0/24 maxlen: 24
2a05:380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/921609-58a5-4306-b82b-4b7dcd8777de/1/nu_LEgXreVVHHlyPVDSpIHKtPd0.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/921609-58a5-4306-b82b-4b7dcd8777de/1/nu_LEgXreVVHHlyPVDSpIHKtPd0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nu_LEgXreVVHHlyPVDSpIHKtPd0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:47:cd:74:e0:4b:d7:c4:12:23:fd:80:49:68:e8:1f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eefcb1205eb7955471e5c8f5434a92072ad3ddd
Validity
Not Before: Feb 10 13:46:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=48e832d2f6970e5d6a22e97e62e59c317a311474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4c:68:c6:3b:c1:ff:ca:d2:25:d6:8c:b5:7d:
e8:1f:6a:e0:c3:74:8b:54:ee:8c:22:e5:9d:68:33:
51:e6:5f:83:8a:6d:f8:02:00:eb:c2:cf:af:6a:a8:
c8:25:87:aa:0f:f4:f6:d2:9c:86:4b:9f:ff:df:c8:
e5:5f:e9:52:43:15:e4:ce:90:e3:b8:7e:8a:08:71:
99:da:86:26:1b:08:79:d8:88:64:37:dd:3c:e2:a6:
8c:79:53:c8:4c:a3:16:01:16:4e:94:46:05:74:86:
bf:0a:4e:a3:f0:71:5a:05:7f:75:af:cf:ba:36:b6:
1d:af:43:82:62:b4:37:27:bb:12:0d:77:73:d8:40:
9a:04:f0:d9:26:91:0a:db:65:af:43:7a:17:f7:f7:
5b:bb:3c:6e:fe:91:87:f4:51:d6:c1:9e:91:7a:e6:
4f:a9:9b:a2:66:9a:4e:d1:7e:00:fc:15:67:b6:3f:
bb:d0:ec:92:c8:c3:a9:ac:ce:f0:4b:e9:2a:46:cb:
67:d2:68:ae:23:d4:c2:8a:32:ee:d2:51:68:4b:b1:
3d:d9:44:a0:99:2d:bc:f8:7c:bd:76:03:aa:3c:bd:
67:01:1e:78:62:96:bd:fb:37:2e:c5:25:de:67:16:
c6:db:f1:96:d9:82:dc:8b:6b:55:c2:4d:92:85:f8:
29:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:E8:32:D2:F6:97:0E:5D:6A:22:E9:7E:62:E5:9C:31:7A:31:14:74
X509v3 Authority Key Identifier:
keyid:9E:EF:CB:12:05:EB:79:55:47:1E:5C:8F:54:34:A9:20:72:AD:3D:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nu_LEgXreVVHHlyPVDSpIHKtPd0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/921609-58a5-4306-b82b-4b7dcd8777de/1/SOgy0vaXDl1qIul-YuWcMXoxFHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/921609-58a5-4306-b82b-4b7dcd8777de/1/nu_LEgXreVVHHlyPVDSpIHKtPd0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.243.0/24
176.56.40.0/22
185.65.208.0/22
185.109.144.0/22
185.182.164.0/22
185.227.52.0/22
193.93.140.0/23
193.124.14.0/24
193.124.84.0/24
194.135.47.0/24
194.135.118.0/24
IPv6:
2a05:380::/29
Signature Algorithm: sha256WithRSAEncryption
7e:6e:e0:f5:d0:d9:41:41:32:89:04:db:ab:cd:c8:24:dd:ed:
ae:0c:8b:ea:f4:2a:6f:be:dc:bf:0f:a8:66:e7:df:84:d7:57:
e0:5c:68:6c:56:2a:a9:c7:b3:ac:6c:5e:9a:ac:79:50:c8:10:
1c:ba:df:ac:ac:06:8b:d3:d5:ea:6f:ad:c1:9c:ad:be:22:34:
33:9b:a4:03:8c:6d:45:50:13:44:b2:c5:9b:db:a2:34:07:74:
51:02:61:d7:6f:3e:3e:bf:99:05:98:8b:44:3e:1c:1a:bf:d9:
a7:ca:d7:c4:a9:04:7e:bf:e9:01:98:88:33:87:18:46:f5:f3:
ea:b3:71:72:35:51:07:72:a6:9c:00:d9:0f:30:d4:72:bd:61:
3f:7d:df:c6:a1:5b:b9:65:74:02:4d:10:fd:a3:ed:b9:74:4f:
45:8c:69:68:cc:05:5c:f2:cb:6b:44:da:18:47:43:e1:7d:ce:
1e:0c:a2:87:7b:80:57:c0:56:68:6f:1d:ab:1f:28:e8:d6:99:
c4:18:f3:5c:e6:12:25:b9:c4:3c:e0:49:cc:f3:07:41:3b:9f:
58:11:aa:2c:fa:e8:67:75:0d:5d:9e:f9:52:d4:87:32:44:25:
3b:63:e8:01:cc:70:5c:87:77:68:b2:c6:5d:af:91:49:99:f3:
c4:23:e8:56
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZxHzXTgS9fEEiP9gElo6B8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZWZjYjEyMDVlYjc5NTU0NzFlNWM4ZjU0MzRhOTIwNzJh
ZDNkZGQwHhcNMjYwMjEwMTM0NjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGU4MzJkMmY2OTcwZTVkNmEyMmU5N2U2MmU1OWMzMTdhMzExNDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0xoxjvB/8rSJdaMtX3oH2rgw3SL
VO6MIuWdaDNR5l+Dim34AgDrws+vaqjIJYeqD/T20pyGS5//38jlX+lSQxXkzpDj
uH6KCHGZ2oYmGwh52IhkN9084qaMeVPITKMWARZOlEYFdIa/Ck6j8HFaBX91r8+6
NrYdr0OCYrQ3J7sSDXdz2ECaBPDZJpEK22WvQ3oX9/dbuzxu/pGH9FHWwZ6ReuZP
qZuiZppO0X4A/BVntj+70OySyMOprM7wS+kqRstn0miuI9TCijLu0lFoS7E92USg
mS28+Hy9dgOqPL1nAR54Ypa9+zcuxSXeZxbG2/GW2YLci2tVwk2ShfgpMQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFEjoMtL2lw5daiLpfmLlnDF6MRR0MB8GA1UdIwQY
MBaAFJ7vyxIF63lVRx5cj1Q0qSByrT3dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnVfTEVnWHJlVlZISGx5UFZEU3BJSEt0UGQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85MjE2MDktNThhNS00MzA2LWI4MmIt
NGI3ZGNkODc3N2RlLzEvU09neTB2YVhEbDFxSXVsLVl1V2NNWG94RkhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85MjE2MDktNThhNS00MzA2LWI4MmItNGI3ZGNkODc3N2Rl
LzEvbnVfTEVnWHJlVlZISGx5UFZEU3BJSEt0UGQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQABZrzAwQC
sDgoAwQCuUHQAwQCuW2QAwQCubakAwQCueM0AwQBwV2MAwQAwXwOAwQAwXxUAwQA
wocvAwQAwod2MA0EAgACMAcDBQMqBQOAMA0GCSqGSIb3DQEBCwUAA4IBAQB+buD1
0NlBQTKJBNurzcgk3e2uDIvq9Cpvvty/D6hm59+E11fgXGhsViqpx7OsbF6arHlQ
yBAcut+srAaL09Xqb63BnK2+IjQzm6QDjG1FUBNEssWb26I0B3RRAmHXbz4+v5kF
mItEPhwav9mnytfEqQR+v+kBmIgzhxhG9fPqs3FyNVEHcqacANkPMNRyvWE/fd/G
oVu5ZXQCTRD9o+25dE9FjGlozAVc8strRNoYR0Phfc4eDKKHe4BXwFZobx2rHyjo
1pnEGPNc5hIlucQ84EnM8wdBO59YEaos+uhndQ1dnvlS1IcyRCU7Y+gBzHBch3do
ssZdr5FJmfPEI+hW
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:53:34 2026 by rpki-client