Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/sblOD2Vnvdytv3EIv9Vs60T4k3I.roa
File: sblOD2Vnvdytv3EIv9Vs60T4k3I.roa (raw, json)
Hash identifier: U7h62eJV7fkX1a8W7lVZLKsNdCq8SUyqds6Fc3ndSXo=
Subject key identifier: B1:B9:4E:0F:65:67:BD:DC:AD:BF:71:08:BF:D5:6C:EB:44:F8:93:72
Certificate issuer: /CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Certificate serial: 019D979E814ABF6D92D117138CD6C5DAED2E
Authority key identifier: DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/sblOD2Vnvdytv3EIv9Vs60T4k3I.roa
Signing time: Thu 16 Apr 2026 18:47:20 +0000
ROA not before: Thu 16 Apr 2026 18:47:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 62005
IP address blocks: 91.210.108.0/23 maxlen: 24
91.221.190.0/23 maxlen: 24
91.242.228.0/24 maxlen: 24
132.243.168.0/22 maxlen: 24
146.19.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/2x1uukY7dWSr-uk4tG7UcYfeDsA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/2x1uukY7dWSr-uk4tG7UcYfeDsA.mft
rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:97:9e:81:4a:bf:6d:92:d1:17:13:8c:d6:c5:da:ed:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Validity
Not Before: Apr 16 18:47:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b1b94e0f6567bddcadbf7108bfd56ceb44f89372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:59:b5:ff:8a:62:30:b3:75:ef:e0:97:76:ed:
b1:83:ce:6c:f5:0e:ac:06:ed:cb:6b:1b:fd:01:1d:
0e:b8:ce:01:e0:e9:05:c7:1c:b6:f8:fe:b0:cd:e7:
99:78:8e:5f:c4:38:9e:fb:40:36:0e:33:a5:f6:bc:
5d:00:a2:fd:26:e2:56:94:cf:f6:18:a1:4b:e5:9a:
14:05:6c:38:27:a0:b8:89:ba:3e:09:5c:56:fd:bd:
44:10:7b:9d:6f:24:96:68:ae:6e:ca:b6:b5:b1:d1:
51:f1:7a:1b:fd:28:b2:5d:e9:a8:6e:65:23:eb:f5:
a2:48:09:c3:5d:d5:40:3b:b8:ea:20:b7:02:d2:20:
14:16:3c:61:3f:6c:f8:6e:df:93:63:27:2d:4e:99:
02:3b:a1:52:7b:8c:ec:08:53:ec:6a:6b:2f:8b:07:
7a:dd:fc:48:76:87:33:9c:ac:aa:57:c3:2c:a5:52:
33:c0:17:3c:ff:f7:c8:22:1b:78:66:18:2d:e1:42:
4d:b2:4a:9c:f2:0d:af:5a:06:ee:a3:f8:54:e4:a7:
d2:0d:9f:c0:29:5c:99:d5:b0:da:c0:3e:74:e3:a9:
d8:74:b7:f5:28:82:37:c6:db:a4:ec:29:b3:5d:3b:
06:cb:c3:25:5e:0a:6c:de:54:ec:50:03:1c:c1:6b:
7f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B9:4E:0F:65:67:BD:DC:AD:BF:71:08:BF:D5:6C:EB:44:F8:93:72
X509v3 Authority Key Identifier:
keyid:DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/sblOD2Vnvdytv3EIv9Vs60T4k3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/2x1uukY7dWSr-uk4tG7UcYfeDsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.108.0/23
91.221.190.0/23
91.242.228.0/24
132.243.168.0/22
146.19.49.0/24
Signature Algorithm: sha256WithRSAEncryption
08:56:c8:31:e6:f6:ef:ce:46:fd:a3:6b:4a:8c:fe:14:d4:9f:
09:9d:7b:35:a6:42:ea:7c:33:6a:22:9d:f8:56:94:5d:b9:86:
14:84:ad:12:1e:90:d5:08:63:90:9f:7f:85:f5:7f:c2:44:20:
22:c7:12:fc:28:0b:65:c8:4b:39:be:11:32:24:53:35:46:72:
0e:94:f5:33:35:45:d4:d6:f5:5e:a1:c8:9f:a7:49:0c:67:79:
fc:e4:43:ac:d4:76:95:9c:94:cc:15:0f:12:47:88:2a:83:fd:
91:ae:9d:1f:bd:34:d7:e5:30:0c:f6:36:74:94:c5:44:00:46:
4b:b7:48:f5:d6:29:2b:71:17:19:22:20:fa:f8:ed:7d:9a:28:
b6:06:c1:11:ef:64:92:21:08:de:37:b3:4f:71:ab:1f:48:01:
1d:66:ff:b4:e6:a1:63:75:1d:da:76:10:70:76:f3:a4:b4:b5:
e9:08:a7:3e:6b:44:b6:50:f8:49:d2:b1:59:2f:ab:be:69:f0:
05:32:55:62:3f:e9:39:37:91:44:9e:eb:90:2f:58:c2:cd:38:
88:e1:83:b8:db:06:a2:cf:0f:c3:24:71:37:9b:9c:34:ae:44:
25:7a:43:9a:6e:e2:ef:f2:c5:43:f5:26:24:5c:c3:48:ab:2c:
d9:60:1c:aa
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ2XnoFKv22S0RcTjNbF2u0uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWQ2ZWJhNDYzYjc1NjRhYmZhZTkzOGI0NmVkNDcxODdk
ZTBlYzAwHhcNMjYwNDE2MTg0NzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWI5NGUwZjY1NjdiZGRjYWRiZjcxMDhiZmQ1NmNlYjQ0Zjg5MzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1m1/4piMLN17+CXdu2xg85s9Q6s
Bu3Laxv9AR0OuM4B4OkFxxy2+P6wzeeZeI5fxDie+0A2DjOl9rxdAKL9JuJWlM/2
GKFL5ZoUBWw4J6C4ibo+CVxW/b1EEHudbySWaK5uyra1sdFR8Xob/SiyXemobmUj
6/WiSAnDXdVAO7jqILcC0iAUFjxhP2z4bt+TYyctTpkCO6FSe4zsCFPsamsviwd6
3fxIdocznKyqV8MspVIzwBc8//fIIht4Zhgt4UJNskqc8g2vWgbuo/hU5KfSDZ/A
KVyZ1bDawD5046nYdLf1KII3xtuk7CmzXTsGy8MlXgps3lTsUAMcwWt/wwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLG5Tg9lZ73crb9xCL/VbOtE+JNyMB8GA1UdIwQY
MBaAFNsdbrpGO3Vkq/rpOLRu1HGH3g7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAt
NmYyY2Y0ZjAzY2ViLzEvc2JsT0QyVm52ZHl0djNFSXY5VnM2MFQ0azNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAtNmYyY2Y0ZjAzY2Vi
LzEvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBW9JsAwQB
W92+AwQAW/LkAwQChPOoAwQAkhMxMA0GCSqGSIb3DQEBCwUAA4IBAQAIVsgx5vbv
zkb9o2tKjP4U1J8JnXs1pkLqfDNqIp34VpRduYYUhK0SHpDVCGOQn3+F9X/CRCAi
xxL8KAtlyEs5vhEyJFM1RnIOlPUzNUXU1vVeocifp0kMZ3n85EOs1HaVnJTMFQ8S
R4gqg/2Rrp0fvTTX5TAM9jZ0lMVEAEZLt0j11ikrcRcZIiD6+O19mii2BsER72SS
IQjeN7NPcasfSAEdZv+05qFjdR3adhBwdvOktLXpCKc+a0S2UPhJ0rFZL6u+afAF
MlViP+k5N5FEnuuQL1jCzTiI4YO42waizw/DJHE3m5w0rkQlekOabuLv8sVD9SYk
XMNIqyzZYByq
-----END CERTIFICATE-----
Generated at Fri Apr 17 07:02:39 2026 by rpki-client