Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/SAOjAfmVta9T_Ls7ykRFr8U5SYI.roa
File: SAOjAfmVta9T_Ls7ykRFr8U5SYI.roa (raw, json)
Hash identifier: r10sWadtpWdod9WG4HGHqPD7qRwz46PwcZV2+I/tlNM=
Subject key identifier: 48:03:A3:01:F9:95:B5:AF:53:FC:BB:3B:CA:44:45:AF:C5:39:49:82
Certificate issuer: /CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Certificate serial: 019D40A87EFEDCEB13E3D363CF12023FE27F
Authority key identifier: D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/SAOjAfmVta9T_Ls7ykRFr8U5SYI.roa
Signing time: Mon 30 Mar 2026 21:31:17 +0000
ROA not before: Mon 30 Mar 2026 21:31:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 39577
IP address blocks: 92.118.74.0/24 maxlen: 24
92.118.75.0/24 maxlen: 24
92.246.140.0/23 maxlen: 32
185.230.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:40:a8:7e:fe:dc:eb:13:e3:d3:63:cf:12:02:3f:e2:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3e97033a36aa9bcc0c2f167e620d7ca1493cbea
Validity
Not Before: Mar 30 21:31:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4803a301f995b5af53fcbb3bca4445afc5394982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7d:db:b0:80:a8:36:37:3a:43:8f:1b:21:32:
23:2c:0a:5e:fc:25:d9:24:6f:93:45:95:98:0e:59:
0c:25:a8:03:0a:f5:ba:01:80:77:3d:d3:55:97:ee:
56:a1:56:9c:59:d8:3b:5c:db:a0:43:27:f3:21:af:
68:be:bb:5c:3a:1e:ec:63:76:d6:70:ae:ca:ec:67:
30:d6:0f:04:b8:eb:07:d3:5e:03:66:2f:7e:fb:e5:
22:02:a7:30:c6:fa:af:7b:0d:de:e7:68:8f:9c:33:
16:d2:0b:40:9f:db:7f:2b:bd:e6:db:91:5b:60:09:
5e:15:d6:41:04:22:17:f1:ea:b1:7b:59:a0:65:a9:
a7:99:89:5a:99:97:08:c0:22:af:93:08:97:6c:1b:
ad:52:06:c5:1f:11:35:26:ec:06:8f:03:94:d8:27:
cf:de:2e:16:48:fa:0c:4d:4b:e7:05:e2:07:fc:17:
64:68:11:8b:d0:26:00:02:67:d4:94:4f:f9:4f:b9:
d4:15:e4:f4:f0:ce:df:c2:6e:a8:06:25:07:eb:7e:
2a:b6:5a:a3:79:77:c9:7c:2a:af:30:83:ff:3a:34:
c4:0c:c0:6a:dd:83:30:7a:26:c1:d8:13:aa:39:c8:
ea:1f:39:dc:a2:a1:c9:c3:75:7f:31:3a:18:71:d3:
d0:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:03:A3:01:F9:95:B5:AF:53:FC:BB:3B:CA:44:45:AF:C5:39:49:82
X509v3 Authority Key Identifier:
keyid:D3:E9:70:33:A3:6A:A9:BC:C0:C2:F1:67:E6:20:D7:CA:14:93:CB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0-lwM6NqqbzAwvFn5iDXyhSTy-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/SAOjAfmVta9T_Ls7ykRFr8U5SYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/5a320b-e94f-41c9-82f3-dbf9d41f1798/1/0-lwM6NqqbzAwvFn5iDXyhSTy-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.118.74.0/23
92.246.140.0/23
185.230.243.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:db:10:cb:ca:e8:0d:7e:9f:2d:71:ae:52:5a:c6:d0:ec:04:
a4:92:54:29:38:25:3d:d3:d8:8a:82:e2:f8:e4:1f:4e:b6:d5:
8f:42:0e:8a:fb:00:b5:96:8b:18:9e:12:e1:e3:4c:b6:3d:24:
4f:20:42:7c:ec:b7:61:d5:02:15:01:2f:b4:85:f3:c7:01:6a:
d8:70:d2:6b:09:23:06:57:0a:2c:44:a7:b4:b9:d3:15:d1:6c:
18:f1:1d:54:04:19:73:c9:86:38:8e:ee:aa:17:de:2e:fd:fa:
59:c9:86:98:fa:2d:07:ba:60:4d:cc:45:95:27:7e:67:82:26:
e8:b3:f8:a1:37:b4:ee:73:7f:70:5b:d0:71:99:6e:6f:bf:85:
a1:26:18:51:d9:eb:c7:c7:6f:cb:1c:c0:dd:5b:10:38:c8:32:
19:75:bb:63:a3:3f:56:b1:d6:88:ea:8c:57:fb:0e:af:c8:a2:
5c:f6:5c:05:f2:6f:d1:6c:e9:51:43:56:8f:fb:ba:1f:0d:36:
dd:15:c4:e5:3d:88:61:aa:fa:2c:49:6a:57:0d:0c:74:d0:e0:
cb:59:34:2c:68:a8:c5:53:9c:9a:01:58:78:57:84:b1:43:91:
a5:89:85:01:3b:a1:7d:a9:c0:ee:8d:9e:dd:ca:a6:4c:3e:9e:
ed:67:68:a8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ1AqH7+3OsT49NjzxICP+J/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZTk3MDMzYTM2YWE5YmNjMGMyZjE2N2U2MjBkN2NhMTQ5
M2NiZWEwHhcNMjYwMzMwMjEzMTE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODAzYTMwMWY5OTViNWFmNTNmY2JiM2JjYTQ0NDVhZmM1Mzk0OTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH3bsICoNjc6Q48bITIjLApe/CXZ
JG+TRZWYDlkMJagDCvW6AYB3PdNVl+5WoVacWdg7XNugQyfzIa9ovrtcOh7sY3bW
cK7K7Gcw1g8EuOsH014DZi9+++UiAqcwxvqvew3e52iPnDMW0gtAn9t/K73m25Fb
YAleFdZBBCIX8eqxe1mgZamnmYlamZcIwCKvkwiXbButUgbFHxE1JuwGjwOU2CfP
3i4WSPoMTUvnBeIH/BdkaBGL0CYAAmfUlE/5T7nUFeT08M7fwm6oBiUH634qtlqj
eXfJfCqvMIP/OjTEDMBq3YMweibB2BOqOcjqHzncoqHJw3V/MToYcdPQVwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEgDowH5lbWvU/y7O8pERa/FOUmCMB8GA1UdIwQY
MBaAFNPpcDOjaqm8wMLxZ+Yg18oUk8vqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMt
ZGJmOWQ0MWYxNzk4LzEvU0FPakFmbVZ0YTlUX0xzN3lrUkZyOFU1U1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS81YTMyMGItZTk0Zi00MWM5LTgyZjMtZGJmOWQ0MWYxNzk4
LzEvMC1sd002TnFxYnpBd3ZGbjVpRFh5aFNUeS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXHZKAwQB
XPaMAwQAuebzMA0GCSqGSIb3DQEBCwUAA4IBAQCt2xDLyugNfp8tca5SWsbQ7ASk
klQpOCU909iKguL45B9OttWPQg6K+wC1losYnhLh40y2PSRPIEJ87Ldh1QIVAS+0
hfPHAWrYcNJrCSMGVwosRKe0udMV0WwY8R1UBBlzyYY4ju6qF94u/fpZyYaY+i0H
umBNzEWVJ35ngibos/ihN7Tuc39wW9BxmW5vv4WhJhhR2evHx2/LHMDdWxA4yDIZ
dbtjoz9WsdaI6oxX+w6vyKJc9lwF8m/RbOlRQ1aP+7ofDTbdFcTlPYhhqvosSWpX
DQx00ODLWTQsaKjFU5yaAVh4V4SxQ5GliYUBO6F9qcDujZ7dyqZMPp7tZ2io
-----END CERTIFICATE-----
Generated at Sun Apr 19 12:57:31 2026 by rpki-client