Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/sgrFZma6zheGea9J58PSDqqiCmM.roa
File: sgrFZma6zheGea9J58PSDqqiCmM.roa (raw, json)
Hash identifier: iXm2HKLx+ZNC9Eul83oyhoOJ0aOmRAKDu34RWqMoyaY=
Subject key identifier: B2:0A:C5:66:66:BA:CE:17:86:79:AF:49:E7:C3:D2:0E:AA:A2:0A:63
Certificate issuer: /CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Certificate serial: 019C0F88D07270E665B794D8830B74F29186
Authority key identifier: DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/sgrFZma6zheGea9J58PSDqqiCmM.roa
Signing time: Fri 30 Jan 2026 15:32:30 +0000
ROA not before: Fri 30 Jan 2026 15:32:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 209207
IP address blocks: 138.124.79.0/24 maxlen: 24
138.124.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:0f:88:d0:72:70:e6:65:b7:94:d8:83:0b:74:f2:91:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da8f05e3843517cf0971c2bf9cddddd62717e52c
Validity
Not Before: Jan 30 15:32:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b20ac56666bace178679af49e7c3d20eaaa20a63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:8e:7f:d8:53:54:60:c5:5b:3b:ff:66:4e:c4:
d3:68:5b:4f:e3:56:ec:91:ee:be:8d:99:77:20:6f:
cf:9f:c2:4c:64:48:81:69:95:d5:4f:d1:b4:fa:e0:
d8:72:a6:3e:88:ac:c8:d0:c2:29:e5:33:b7:fe:b6:
30:7d:0e:4e:7b:3d:cf:d7:9b:9b:9b:fe:d6:6f:f3:
ce:52:88:f5:c8:f3:76:09:34:2a:9a:be:f4:09:6e:
20:72:6a:9f:5f:48:28:fa:c8:d6:22:26:36:49:85:
76:e7:ff:1e:2b:c5:ce:cb:35:4e:12:e2:69:e4:d0:
e2:1a:02:76:1f:92:64:c8:9f:84:38:1c:e4:f7:3f:
ed:a5:34:c3:22:21:8f:67:54:05:0d:23:98:6d:99:
e6:be:75:65:c4:81:d5:3f:61:5c:a1:cb:f3:84:7f:
06:22:df:3d:65:37:79:32:ce:54:55:cc:ca:0e:b8:
ee:e7:fe:35:82:41:19:fe:02:c8:16:06:91:30:f6:
58:98:92:d1:0d:51:7c:6d:40:91:22:ce:d8:cb:a4:
61:b8:21:dd:c3:6d:cc:0c:8e:7b:5d:dc:37:2f:a2:
a2:e8:cf:1c:f5:61:78:f7:39:ba:a3:b5:b5:49:02:
16:15:a4:c7:41:42:2c:53:56:12:b2:91:a7:6f:7a:
df:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:0A:C5:66:66:BA:CE:17:86:79:AF:49:E7:C3:D2:0E:AA:A2:0A:63
X509v3 Authority Key Identifier:
keyid:DA:8F:05:E3:84:35:17:CF:09:71:C2:BF:9C:DD:DD:D6:27:17:E5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2o8F44Q1F88JccK_nN3d1icX5Sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/sgrFZma6zheGea9J58PSDqqiCmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b9884b-6fc5-4b3e-b1e8-e01e94124674/1/2o8F44Q1F88JccK_nN3d1icX5Sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
138.124.79.0/24
138.124.126.0/24
Signature Algorithm: sha256WithRSAEncryption
95:d8:e3:05:d5:6d:f0:3b:1c:c8:b0:4e:e4:4d:eb:b1:be:b7:
2b:f8:ab:31:78:7f:5c:58:50:54:28:ec:ea:cf:95:70:ed:f8:
b5:57:2d:c7:a0:79:11:a7:17:46:af:92:14:4b:d0:ae:b0:47:
d1:ed:0a:c9:c1:3a:3c:72:6f:16:42:30:ce:ff:2b:a1:e4:ef:
29:6e:da:aa:9b:17:4a:37:9b:05:84:ad:0e:41:7c:f8:78:2c:
48:10:f1:8b:51:f1:04:11:c5:17:1e:f4:bb:7f:53:07:d2:68:
12:c9:bc:aa:5e:6e:36:83:9a:d8:d9:8b:8d:fa:63:b9:de:e9:
6e:e0:31:ac:74:94:0e:1f:ec:b7:99:f4:75:e0:0c:f8:ab:2c:
11:42:57:6c:0d:db:8b:30:0e:6b:68:0e:c7:d7:f7:46:aa:4b:
6c:8e:5a:d4:04:c8:ad:d0:4c:44:8c:35:7a:12:07:2a:47:22:
d4:44:a2:06:fe:9b:f3:1f:73:5b:94:e3:80:d8:41:73:60:db:
1a:49:e2:d3:24:00:8c:37:60:a7:18:9b:39:76:d0:88:2e:41:
39:63:b6:0a:b8:00:3e:7d:be:a6:e1:f3:a4:06:6d:12:6e:bb:
9d:46:01:3d:48:7c:03:fc:a3:59:aa:72:2d:85:b1:68:95:08:
0a:7d:dc:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZwPiNBycOZlt5TYgwt08pGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhOGYwNWUzODQzNTE3Y2YwOTcxYzJiZjljZGRkZGQ2Mjcx
N2U1MmMwHhcNMjYwMTMwMTUzMjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjBhYzU2NjY2YmFjZTE3ODY3OWFmNDllN2MzZDIwZWFhYTIwYTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqI5/2FNUYMVbO/9mTsTTaFtP41bs
ke6+jZl3IG/Pn8JMZEiBaZXVT9G0+uDYcqY+iKzI0MIp5TO3/rYwfQ5Oez3P15ub
m/7Wb/POUoj1yPN2CTQqmr70CW4gcmqfX0go+sjWIiY2SYV25/8eK8XOyzVOEuJp
5NDiGgJ2H5JkyJ+EOBzk9z/tpTTDIiGPZ1QFDSOYbZnmvnVlxIHVP2FcocvzhH8G
It89ZTd5Ms5UVczKDrju5/41gkEZ/gLIFgaRMPZYmJLRDVF8bUCRIs7Yy6RhuCHd
w23MDI57Xdw3L6Ki6M8c9WF49zm6o7W1SQIWFaTHQUIsU1YSspGnb3rfTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLIKxWZmus4XhnmvSefD0g6qogpjMB8GA1UdIwQY
MBaAFNqPBeOENRfPCXHCv5zd3dYnF+UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgt
ZTAxZTk0MTI0Njc0LzEvc2dyRlptYTZ6aGVHZWE5SjU4UFNEcXFpQ21NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iOTg4NGItNmZjNS00YjNlLWIxZTgtZTAxZTk0MTI0Njc0
LzEvMm84RjQ0UTFGODhKY2NLX25OM2QxaWNYNVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAinxPAwQA
inx+MA0GCSqGSIb3DQEBCwUAA4IBAQCV2OMF1W3wOxzIsE7kTeuxvrcr+KsxeH9c
WFBUKOzqz5Vw7fi1Vy3HoHkRpxdGr5IUS9CusEfR7QrJwTo8cm8WQjDO/yuh5O8p
btqqmxdKN5sFhK0OQXz4eCxIEPGLUfEEEcUXHvS7f1MH0mgSybyqXm42g5rY2YuN
+mO53ulu4DGsdJQOH+y3mfR14Az4qywRQldsDduLMA5raA7H1/dGqktsjlrUBMit
0ExEjDV6EgcqRyLURKIG/pvzH3NblOOA2EFzYNsaSeLTJACMN2CnGJs5dtCILkE5
Y7YKuAA+fb6m4fOkBm0SbrudRgE9SHwD/KNZqnIthbFolQgKfdxL
-----END CERTIFICATE-----
Generated at Mon Mar 2 06:42:11 2026 by rpki-client