Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/Sq-ujidV3DDsRqOSLpPxqfz8Glg.roa
File: Sq-ujidV3DDsRqOSLpPxqfz8Glg.roa (raw, json)
Hash identifier: 6PSBv//QP4qZRXvWnrG7tint+pXX8yUVg9OL2IFvirQ=
Subject key identifier: 4A:AF:AE:8E:27:55:DC:30:EC:46:A3:92:2E:93:F1:A9:FC:FC:1A:58
Certificate issuer: /CN=dcbfb0048a8da556fd9d3df1077402f843f5d703
Certificate serial: 019D7848A57B5518DE2C69F4D501C226EA08
Authority key identifier: DC:BF:B0:04:8A:8D:A5:56:FD:9D:3D:F1:07:74:02:F8:43:F5:D7:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3L-wBIqNpVb9nT3xB3QC-EP11wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/Sq-ujidV3DDsRqOSLpPxqfz8Glg.roa
Signing time: Fri 10 Apr 2026 16:45:19 +0000
ROA not before: Fri 10 Apr 2026 16:45:19 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 906
IP address blocks: 45.88.192.0/22 maxlen: 24
193.41.248.0/24 maxlen: 24
193.41.250.0/24 maxlen: 24
193.110.200.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/3L-wBIqNpVb9nT3xB3QC-EP11wM.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/3L-wBIqNpVb9nT3xB3QC-EP11wM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3L-wBIqNpVb9nT3xB3QC-EP11wM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 07:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:78:48:a5:7b:55:18:de:2c:69:f4:d5:01:c2:26:ea:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcbfb0048a8da556fd9d3df1077402f843f5d703
Validity
Not Before: Apr 10 16:45:19 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4aafae8e2755dc30ec46a3922e93f1a9fcfc1a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ae:45:d2:8c:f1:75:27:82:b0:a6:2b:ee:4d:
e0:2a:93:5b:47:98:0a:88:7a:45:d6:40:88:e5:94:
74:76:5f:5e:7b:de:87:45:af:e7:a3:e0:bd:b6:bb:
3f:ef:b2:46:4c:9b:0c:0d:11:1d:2d:eb:2e:06:56:
ed:7d:c7:cc:d2:bc:15:26:63:69:b8:fe:02:30:ea:
b3:f5:87:2e:a6:9d:81:a8:33:a2:ff:ad:f4:eb:38:
b5:be:96:7f:64:93:80:5b:b6:ed:fa:8d:cc:88:53:
60:a8:04:83:60:6e:2f:80:b5:75:28:0c:1a:d4:8d:
fa:b2:e0:76:33:0d:4f:a9:19:45:cf:6c:0d:f4:e4:
0c:70:f0:45:b8:5d:cf:3e:60:12:8a:fb:76:98:c0:
4d:af:ac:e7:f3:93:ea:2a:e4:8d:25:6f:18:a3:0f:
ff:1b:8d:fa:1f:51:83:20:58:14:12:bf:82:fa:88:
3e:e9:50:84:16:e9:75:4a:78:3a:01:67:c4:3b:57:
55:b4:d6:7e:a5:4d:60:5c:45:eb:7f:88:bd:3a:d3:
47:f3:74:97:6a:f7:6a:b6:65:76:c1:f4:42:85:52:
30:b4:79:7a:7d:5f:2f:26:24:21:43:89:f5:f7:a7:
be:ca:1d:77:61:0f:1e:91:1e:e3:04:24:e1:82:83:
0a:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:AF:AE:8E:27:55:DC:30:EC:46:A3:92:2E:93:F1:A9:FC:FC:1A:58
X509v3 Authority Key Identifier:
keyid:DC:BF:B0:04:8A:8D:A5:56:FD:9D:3D:F1:07:74:02:F8:43:F5:D7:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3L-wBIqNpVb9nT3xB3QC-EP11wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/Sq-ujidV3DDsRqOSLpPxqfz8Glg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/dcb70d-7947-4569-bc84-e060b4fcbccb/1/3L-wBIqNpVb9nT3xB3QC-EP11wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.192.0/22
193.41.248.0/24
193.41.250.0/24
193.110.200.0/22
Signature Algorithm: sha256WithRSAEncryption
33:dc:ef:7c:2e:77:be:d1:4e:2d:4b:3b:95:d6:50:c2:e8:37:
91:56:6b:3a:ee:61:65:9b:39:56:ce:98:0a:b0:6c:59:bf:f2:
9f:0c:28:9e:ce:b4:98:d3:04:a2:3e:e1:7d:72:3f:3d:4b:88:
85:e6:ef:ae:01:4a:53:28:a1:93:7c:09:2f:52:03:d0:c4:90:
7e:f4:c5:1e:e6:83:de:bf:91:25:0c:cd:d2:87:fd:5d:d6:00:
8f:66:23:94:04:ea:d1:37:a4:6b:c5:eb:05:0f:b0:22:a8:4c:
9d:db:cb:14:54:02:74:90:af:10:42:da:ef:9a:79:13:be:7c:
11:98:69:ef:8d:ac:dd:ca:cf:eb:96:45:17:b4:54:3f:db:85:
c1:e1:e4:6e:59:a7:d0:91:bb:28:b6:2a:dd:68:0a:79:40:d5:
2d:f9:3e:fb:fe:f4:52:79:0e:57:39:7b:af:83:e0:32:79:37:
9e:ce:d8:0b:5d:eb:dd:f3:db:3f:ef:89:a0:30:39:9d:1d:b8:
f1:3e:d0:9a:f9:f7:b7:b7:2c:cb:d8:8d:df:f0:ab:ca:32:3b:
07:5d:21:9f:32:95:42:b3:42:b6:f6:43:ed:f5:63:fa:e3:a3:
f6:b1:fc:f7:0c:b9:84:0e:a6:db:d9:54:67:19:34:68:dc:82:
b8:0f:78:34
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ14SKV7VRjeLGn01QHCJuoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjYmZiMDA0OGE4ZGE1NTZmZDlkM2RmMTA3NzQwMmY4NDNm
NWQ3MDMwHhcNMjYwNDEwMTY0NTE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWFmYWU4ZTI3NTVkYzMwZWM0NmEzOTIyZTkzZjFhOWZjZmMxYTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq5F0ozxdSeCsKYr7k3gKpNbR5gK
iHpF1kCI5ZR0dl9ee96HRa/no+C9trs/77JGTJsMDREdLesuBlbtfcfM0rwVJmNp
uP4CMOqz9Ycupp2BqDOi/6306zi1vpZ/ZJOAW7bt+o3MiFNgqASDYG4vgLV1KAwa
1I36suB2Mw1PqRlFz2wN9OQMcPBFuF3PPmASivt2mMBNr6zn85PqKuSNJW8Yow//
G436H1GDIFgUEr+C+og+6VCEFul1Sng6AWfEO1dVtNZ+pU1gXEXrf4i9OtNH83SX
avdqtmV2wfRChVIwtHl6fV8vJiQhQ4n196e+yh13YQ8ekR7jBCThgoMKSwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEqvro4nVdww7Eajki6T8an8/BpYMB8GA1UdIwQY
MBaAFNy/sASKjaVW/Z098Qd0AvhD9dcDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0wtd0JJcU5wVmI5blQzeEIzUUMtRVAxMXdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9kY2I3MGQtNzk0Ny00NTY5LWJjODQt
ZTA2MGI0ZmNiY2NiLzEvU3EtdWppZFYzRERzUnFPU0xwUHhxZno4R2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9kY2I3MGQtNzk0Ny00NTY5LWJjODQtZTA2MGI0ZmNiY2Ni
LzEvM0wtd0JJcU5wVmI5blQzeEIzUUMtRVAxMXdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLVjAAwQA
wSn4AwQAwSn6AwQCwW7IMA0GCSqGSIb3DQEBCwUAA4IBAQAz3O98Lne+0U4tSzuV
1lDC6DeRVms67mFlmzlWzpgKsGxZv/KfDCiezrSY0wSiPuF9cj89S4iF5u+uAUpT
KKGTfAkvUgPQxJB+9MUe5oPev5ElDM3Sh/1d1gCPZiOUBOrRN6RrxesFD7AiqEyd
28sUVAJ0kK8QQtrvmnkTvnwRmGnvjazdys/rlkUXtFQ/24XB4eRuWafQkbsotird
aAp5QNUt+T77/vRSeQ5XOXuvg+AyeTeeztgLXevd89s/74mgMDmdHbjxPtCa+fe3
tyzL2I3f8KvKMjsHXSGfMpVCs0K29kPt9WP646P2sfz3DLmEDqbb2VRnGTRo3IK4
D3g0
-----END CERTIFICATE-----
Generated at Fri Apr 17 17:12:00 2026 by rpki-client