Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/cfbcfa-88da-488e-ace1-7967962e7c75/1/SR844C9CRl27s_FrBd7vLnyUdho.roa
File: SR844C9CRl27s_FrBd7vLnyUdho.roa (raw, json)
Hash identifier: IBZrX7BjbJAmk2KBJkfUZSId5sdEA+S6S7NN5rGVAOk=
Subject key identifier: 49:1F:38:E0:2F:42:46:5D:BB:B3:F1:6B:05:DE:EF:2E:7C:94:76:1A
Certificate issuer: /CN=1763214280055a47deb554fe9cb28dc0c1792302
Certificate serial: 019B7CED2035C665C4044968D3355F1310F7
Authority key identifier: 17:63:21:42:80:05:5A:47:DE:B5:54:FE:9C:B2:8D:C0:C1:79:23:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F2MhQoAFWkfetVT-nLKNwMF5IwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/cfbcfa-88da-488e-ace1-7967962e7c75/1/SR844C9CRl27s_FrBd7vLnyUdho.roa
Signing time: Fri 02 Jan 2026 04:17:53 +0000
ROA not before: Fri 02 Jan 2026 04:17:53 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 12997
IP address blocks: 31.29.0.0/19 maxlen: 19
31.29.0.0/20 maxlen: 20
31.29.16.0/20 maxlen: 20
37.218.128.0/18 maxlen: 18
37.218.128.0/19 maxlen: 19
37.218.160.0/19 maxlen: 19
80.72.176.0/20 maxlen: 20
80.72.176.0/21 maxlen: 21
80.72.184.0/21 maxlen: 21
85.113.0.0/19 maxlen: 19
85.113.0.0/20 maxlen: 20
85.113.16.0/20 maxlen: 20
89.237.192.0/18 maxlen: 18
89.237.192.0/19 maxlen: 19
89.237.224.0/19 maxlen: 19
185.66.252.0/22 maxlen: 22
185.66.252.0/23 maxlen: 23
185.66.254.0/23 maxlen: 23
195.114.240.0/20 maxlen: 20
195.114.240.0/21 maxlen: 21
195.114.248.0/21 maxlen: 21
212.97.0.0/19 maxlen: 19
212.97.0.0/20 maxlen: 20
212.97.16.0/20 maxlen: 20
212.241.0.0/19 maxlen: 19
212.241.0.0/20 maxlen: 20
212.241.16.0/20 maxlen: 20
213.145.128.0/19 maxlen: 19
213.145.128.0/20 maxlen: 20
213.145.128.0/24 maxlen: 24
213.145.129.0/24 maxlen: 24
213.145.130.0/24 maxlen: 24
213.145.140.0/24 maxlen: 24
213.145.144.0/20 maxlen: 20
2a01:9d00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/cfbcfa-88da-488e-ace1-7967962e7c75/1/F2MhQoAFWkfetVT-nLKNwMF5IwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/cfbcfa-88da-488e-ace1-7967962e7c75/1/F2MhQoAFWkfetVT-nLKNwMF5IwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/F2MhQoAFWkfetVT-nLKNwMF5IwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 15:05:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7c:ed:20:35:c6:65:c4:04:49:68:d3:35:5f:13:10:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1763214280055a47deb554fe9cb28dc0c1792302
Validity
Not Before: Jan 2 04:17:53 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=491f38e02f42465dbbb3f16b05deef2e7c94761a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:59:c0:83:ac:83:08:24:3a:49:a3:67:58:d7:
51:36:78:24:91:6c:88:5f:1a:b9:d5:94:66:4a:18:
1a:07:ff:d4:03:32:fe:62:5c:eb:a8:86:9a:56:28:
15:7b:94:f9:5e:f1:e3:1b:05:39:18:dc:69:95:5b:
34:b6:b1:7c:32:93:65:71:e4:8f:a3:3b:b7:5a:a5:
4f:2f:c3:b6:eb:8d:35:36:94:e8:9f:30:8c:97:6d:
a5:e6:3c:b8:a9:ba:43:18:8b:b7:c1:77:d0:ec:04:
b1:60:a1:03:57:37:00:9f:d2:06:01:d7:ec:81:fa:
81:b3:77:a1:81:fa:80:c4:f0:96:b5:2e:5b:2e:dd:
43:1e:b6:b0:03:22:b5:f8:fb:b3:93:3f:93:7b:a3:
62:c3:73:44:e9:b0:12:09:24:9c:24:22:ca:fc:66:
f6:37:88:77:98:87:bd:58:f7:2b:4d:bb:dc:ae:0e:
eb:34:5b:d3:02:34:76:ee:9b:b2:01:78:f0:ab:ff:
5d:6a:a9:a3:eb:09:19:94:9a:50:f4:bf:82:47:f8:
15:e3:81:54:e2:4c:16:f3:4f:22:6d:e8:28:0f:ad:
40:92:9c:d0:1e:08:43:93:d9:d7:21:47:73:fc:41:
c5:a0:60:d4:1b:81:c8:da:29:a1:68:56:c2:41:f5:
2e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:1F:38:E0:2F:42:46:5D:BB:B3:F1:6B:05:DE:EF:2E:7C:94:76:1A
X509v3 Authority Key Identifier:
keyid:17:63:21:42:80:05:5A:47:DE:B5:54:FE:9C:B2:8D:C0:C1:79:23:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F2MhQoAFWkfetVT-nLKNwMF5IwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cfbcfa-88da-488e-ace1-7967962e7c75/1/SR844C9CRl27s_FrBd7vLnyUdho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/cfbcfa-88da-488e-ace1-7967962e7c75/1/F2MhQoAFWkfetVT-nLKNwMF5IwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.29.0.0/19
37.218.128.0/18
80.72.176.0/20
85.113.0.0/19
89.237.192.0/18
185.66.252.0/22
195.114.240.0/20
212.97.0.0/19
212.241.0.0/19
213.145.128.0/19
IPv6:
2a01:9d00::/32
Signature Algorithm: sha256WithRSAEncryption
92:30:ef:0e:09:8f:0f:c7:41:20:bc:3f:dc:c9:74:a0:7d:62:
35:ac:76:95:fb:d8:30:34:51:93:d8:f1:90:56:bd:f2:42:83:
c7:b2:fe:70:b2:79:ae:0e:5a:4e:77:4b:03:ae:3e:7a:08:0b:
f9:d0:4a:9a:6f:e8:6a:08:28:1f:b7:dd:6d:06:a8:46:6f:31:
04:f0:df:f1:d3:fc:fd:f0:a4:4a:69:91:cf:12:7d:d3:d7:81:
db:cb:da:10:b6:b7:f3:3a:f1:d3:26:df:b9:df:76:8d:09:39:
f7:5e:57:bf:85:bf:78:bb:30:2d:ac:bf:a4:1a:e2:37:e0:f9:
b4:7f:f0:d5:fa:5d:df:98:64:b2:71:08:3f:f5:6a:fe:16:18:
6e:ce:50:a7:af:6d:53:81:01:37:e4:fb:1b:48:7f:9d:8d:fb:
5f:f6:cd:bf:94:e9:2f:c8:d4:33:38:b5:a0:f5:d1:5a:df:a8:
86:95:35:eb:ed:6a:28:b9:f7:49:00:d6:2a:69:03:29:d1:17:
55:f9:e9:70:ed:4b:b6:16:5b:f3:29:5c:c5:e4:1f:94:ac:5f:
9f:f2:aa:e7:74:67:ce:81:fa:dd:8d:0d:70:9f:18:38:be:cc:
23:7f:55:18:d8:0d:04:32:48:a7:9d:6e:3a:a0:df:c3:fc:c8:
68:25:8e:9b
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZt87SA1xmXEBElo0zVfExD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NjMyMTQyODAwNTVhNDdkZWI1NTRmZTljYjI4ZGMwYzE3
OTIzMDIwHhcNMjYwMTAyMDQxNzUzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTFmMzhlMDJmNDI0NjVkYmJiM2YxNmIwNWRlZWYyZTdjOTQ3NjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5VnAg6yDCCQ6SaNnWNdRNngkkWyI
Xxq51ZRmShgaB//UAzL+YlzrqIaaVigVe5T5XvHjGwU5GNxplVs0trF8MpNlceSP
ozu3WqVPL8O26401NpTonzCMl22l5jy4qbpDGIu3wXfQ7ASxYKEDVzcAn9IGAdfs
gfqBs3ehgfqAxPCWtS5bLt1DHrawAyK1+Puzkz+Te6Niw3NE6bASCSScJCLK/Gb2
N4h3mIe9WPcrTbvcrg7rNFvTAjR27puyAXjwq/9daqmj6wkZlJpQ9L+CR/gV44FU
4kwW808ibegoD61AkpzQHghDk9nXIUdz/EHFoGDUG4HI2imhaFbCQfUukwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFEkfOOAvQkZdu7PxawXe7y58lHYaMB8GA1UdIwQY
MBaAFBdjIUKABVpH3rVU/pyyjcDBeSMCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjJNaFFvQUZXa2ZldFZULW5MS053TUY1SXdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9jZmJjZmEtODhkYS00ODhlLWFjZTEt
Nzk2Nzk2MmU3Yzc1LzEvU1I4NDRDOUNSbDI3c19GckJkN3ZMbnlVZGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9jZmJjZmEtODhkYS00ODhlLWFjZTEtNzk2Nzk2MmU3Yzc1
LzEvRjJNaFFvQUZXa2ZldFZULW5MS053TUY1SXdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQFHx0AAwQG
JdqAAwQEUEiwAwQFVXEAAwQGWe3AAwQCuUL8AwQEw3LwAwQF1GEAAwQF1PEAAwQF
1ZGAMA0EAgACMAcDBQAqAZ0AMA0GCSqGSIb3DQEBCwUAA4IBAQCSMO8OCY8Px0Eg
vD/cyXSgfWI1rHaV+9gwNFGT2PGQVr3yQoPHsv5wsnmuDlpOd0sDrj56CAv50Eqa
b+hqCCgft91tBqhGbzEE8N/x0/z98KRKaZHPEn3T14Hby9oQtrfzOvHTJt+533aN
CTn3Xle/hb94uzAtrL+kGuI34Pm0f/DV+l3fmGSycQg/9Wr+FhhuzlCnr21TgQE3
5PsbSH+djftf9s2/lOkvyNQzOLWg9dFa36iGlTXr7WooufdJANYqaQMp0RdV+elw
7Uu2FlvzKVzF5B+UrF+f8qrndGfOgfrdjQ1wnxg4vswjf1UY2A0EMkinnW46oN/D
/MhoJY6b
-----END CERTIFICATE-----
Generated at Mon Mar 2 23:37:20 2026 by rpki-client