Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/SUEavrAvbJYi-09a6QVI2M_eSIc.roa
File: SUEavrAvbJYi-09a6QVI2M_eSIc.roa (raw, json)
Hash identifier: hAAmC8KjoRR+ZLoagJaC8chUvGr6KdS0WhlLhZ1Tw9Y=
Subject key identifier: 49:41:1A:BE:B0:2F:6C:96:22:FB:4F:5A:E9:05:48:D8:CF:DE:48:87
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 019D70C4371A17CCDC9BE0C2E04654FB1A21
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/SUEavrAvbJYi-09a6QVI2M_eSIc.roa
Signing time: Thu 09 Apr 2026 05:43:20 +0000
ROA not before: Thu 09 Apr 2026 05:43:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 207567
IP address blocks: 138.124.98.0/24 maxlen: 24
138.124.100.0/24 maxlen: 24
138.124.104.0/24 maxlen: 24
138.124.105.0/24 maxlen: 24
138.124.106.0/24 maxlen: 24
138.124.121.0/24 maxlen: 24
138.124.242.0/24 maxlen: 24
138.124.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:70:c4:37:1a:17:cc:dc:9b:e0:c2:e0:46:54:fb:1a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Apr 9 05:43:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=49411abeb02f6c9622fb4f5ae90548d8cfde4887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1b:b2:ba:db:5d:67:86:ab:e4:92:60:b4:e3:
93:52:a8:fd:fc:05:5c:cb:8a:a6:9d:24:ae:83:01:
44:a1:43:a6:86:e1:4b:09:43:66:8a:01:5b:40:f8:
6c:75:b3:7c:a2:d1:2a:b4:ef:45:c7:b0:46:f5:37:
76:14:b4:36:6a:03:7c:26:15:60:5b:6b:4e:4c:69:
7d:3b:68:a1:db:97:3c:b2:e8:40:15:d2:41:e7:fb:
dc:28:0c:3b:a3:b9:d5:85:47:7a:b8:6a:a6:33:41:
f7:e7:14:b4:26:85:fb:80:21:8c:12:17:46:7d:68:
ad:11:e7:65:bd:8d:1e:78:bd:f0:5f:52:3c:d0:33:
f5:45:3a:b3:bf:1e:77:a2:aa:60:02:fb:54:b5:fe:
72:58:b1:b5:64:c2:df:48:70:d3:6f:f3:5a:50:41:
c7:37:28:b2:38:8c:bb:06:df:66:52:ee:32:8f:6b:
45:f7:de:39:e3:1d:97:2e:19:48:b5:7b:f8:3b:89:
18:81:03:1f:26:06:e9:c1:a6:60:79:c9:ff:6e:0c:
8d:96:97:da:fd:67:b3:3b:f1:11:41:8c:56:fb:ac:
ee:09:fe:73:80:fd:22:32:2d:c2:60:cd:a3:11:cc:
ce:5a:1d:e1:5d:3a:36:d3:dd:22:17:9a:db:78:a8:
20:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:41:1A:BE:B0:2F:6C:96:22:FB:4F:5A:E9:05:48:D8:CF:DE:48:87
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/SUEavrAvbJYi-09a6QVI2M_eSIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.98.0/24
138.124.100.0/24
138.124.104.0-138.124.106.255
138.124.121.0/24
138.124.242.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:ac:8e:29:1f:d7:d4:f8:e4:dd:dd:65:9a:2f:7c:05:02:d2:
63:c1:d3:85:1d:8c:55:9c:8e:be:b6:80:bc:3a:d0:96:ad:7c:
50:6a:9e:af:e2:29:b1:71:94:41:54:34:4b:3b:ef:8a:8c:dd:
fa:b2:6a:47:6a:fe:b0:b9:97:88:66:1f:28:0b:9e:39:dd:f5:
c1:e6:98:8a:61:bd:a6:32:7e:45:b1:23:7d:47:cf:5f:fb:7c:
35:25:ec:d9:e9:1f:a7:63:ef:68:fb:8f:64:27:17:dd:3f:8b:
f0:30:4a:ba:36:9e:f4:10:4e:58:39:15:23:21:73:d4:c3:34:
a7:b7:54:75:0b:3a:e6:db:a0:39:ff:df:05:eb:e3:34:fb:80:
dc:b8:15:2f:5b:b9:c5:4f:50:16:51:9a:ac:fe:69:b8:c9:85:
0f:e0:a9:d4:f8:0a:e8:37:47:8b:ea:da:07:31:eb:31:37:bf:
e1:e8:6b:e8:fa:09:99:83:60:a6:d7:ea:d6:2c:9c:b1:3f:4b:
5d:8b:57:b6:e7:8d:5b:5c:25:42:1d:be:f0:f2:bf:d5:cc:34:
d3:15:f1:6d:a5:3f:a0:87:cd:00:3a:a0:7b:0e:35:94:72:0b:
85:64:e0:c5:54:8b:1a:49:5d:15:fd:cb:b9:30:30:63:ce:54:
b1:7f:f4:40
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ1wxDcaF8zcm+DC4EZU+xohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjYwNDA5MDU0MzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTQxMWFiZWIwMmY2Yzk2MjJmYjRmNWFlOTA1NDhkOGNmZGU0ODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRuyuttdZ4ar5JJgtOOTUqj9/AVc
y4qmnSSugwFEoUOmhuFLCUNmigFbQPhsdbN8otEqtO9Fx7BG9Td2FLQ2agN8JhVg
W2tOTGl9O2ih25c8suhAFdJB5/vcKAw7o7nVhUd6uGqmM0H35xS0JoX7gCGMEhdG
fWitEedlvY0eeL3wX1I80DP1RTqzvx53oqpgAvtUtf5yWLG1ZMLfSHDTb/NaUEHH
NyiyOIy7Bt9mUu4yj2tF99454x2XLhlItXv4O4kYgQMfJgbpwaZgecn/bgyNlpfa
/WezO/ERQYxW+6zuCf5zgP0iMi3CYM2jEczOWh3hXTo2090iF5rbeKggXwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFElBGr6wL2yWIvtPWukFSNjP3kiHMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvU1VFYXZyQXZiSllpLTA5YTZRVkkyTV9lU0ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAinxiAwQA
inxkMAwDBAOKfGgDBACKfGoDBACKfHkDBAGKfPIwDQYJKoZIhvcNAQELBQADggEB
AG6sjikf19T45N3dZZovfAUC0mPB04UdjFWcjr62gLw60JatfFBqnq/iKbFxlEFU
NEs774qM3fqyakdq/rC5l4hmHygLnjnd9cHmmIphvaYyfkWxI31Hz1/7fDUl7Nnp
H6dj72j7j2QnF90/i/AwSro2nvQQTlg5FSMhc9TDNKe3VHULOubboDn/3wXr4zT7
gNy4FS9bucVPUBZRmqz+abjJhQ/gqdT4Cug3R4vq2gcx6zE3v+Hoa+j6CZmDYKbX
6tYsnLE/S12LV7bnjVtcJUIdvvDyv9XMNNMV8W2lP6CHzQA6oHsONZRyC4Vk4MVU
ixpJXRX9y7kwMGPOVLF/9EA=
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:50:58 2026 by rpki-client