Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SQT32_SFSiBeN8yhu1uhi2on9GM.roa
File: SQT32_SFSiBeN8yhu1uhi2on9GM.roa (raw, json)
Hash identifier: Ug0OjPlq8V5zRrkjziD3I2t0c+HThWtv6n456zFIKeA=
Subject key identifier: 49:04:F7:DB:F4:85:4A:20:5E:37:CC:A1:BB:5B:A1:8B:6A:27:F4:63
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019D966566F33FF482ADF413A141BE11FEF3
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SQT32_SFSiBeN8yhu1uhi2on9GM.roa
Signing time: Thu 16 Apr 2026 13:05:21 +0000
ROA not before: Thu 16 Apr 2026 13:05:21 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 198883
IP address blocks: 45.145.56.0/24 maxlen: 24
45.149.147.0/24 maxlen: 24
185.126.67.0/24 maxlen: 24
195.66.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:96:65:66:f3:3f:f4:82:ad:f4:13:a1:41:be:11:fe:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 16 13:05:21 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=4904f7dbf4854a205e37cca1bb5ba18b6a27f463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:65:ed:08:52:0c:e0:4b:fd:77:ea:3c:54:ab:
9c:0c:90:20:9d:fc:5d:2d:05:e4:f7:c2:ae:15:41:
74:85:60:2f:c0:77:1c:e5:0e:b1:37:1a:0b:58:d8:
71:73:ec:f7:a8:af:db:1b:d3:b1:fc:f6:1a:b6:2d:
5a:23:6a:9f:1b:0c:62:bc:d1:14:0f:a6:4b:1b:8b:
c7:e4:af:92:2c:44:a2:b8:72:e8:2a:db:3c:3d:4d:
91:d5:cf:2d:f7:58:48:d3:39:75:1b:f0:8b:6e:ae:
d3:b2:32:f5:f7:c9:2b:4d:22:a5:c9:9a:dc:95:1a:
1b:0f:4a:92:5e:55:e2:db:7b:dd:2c:a2:7f:dc:83:
dd:11:f4:3a:98:e4:7c:bf:5d:1e:90:2c:8d:fa:14:
8b:73:43:2a:76:bf:d8:03:d6:90:c8:5a:ec:51:10:
28:7e:64:ff:76:52:73:e0:eb:03:11:09:a0:71:c0:
fa:0e:d5:fa:6c:e5:95:01:cb:81:24:22:f6:e6:85:
cf:ab:8a:91:41:d7:fa:a9:82:6e:59:a0:ab:30:ff:
83:85:91:bd:bc:4a:93:22:26:f7:c6:8b:d7:39:46:
2e:a4:eb:69:6c:79:28:99:00:f9:15:04:0b:55:1e:
f3:6d:7b:40:00:02:f8:f7:ef:24:d3:1a:21:e1:72:
46:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:04:F7:DB:F4:85:4A:20:5E:37:CC:A1:BB:5B:A1:8B:6A:27:F4:63
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/SQT32_SFSiBeN8yhu1uhi2on9GM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.56.0/24
45.149.147.0/24
185.126.67.0/24
195.66.24.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:b1:5b:95:41:22:2f:8e:2f:b7:73:ee:2c:1d:91:1d:d6:61:
85:25:82:aa:c6:02:e9:e5:5d:ca:46:09:b1:99:60:0b:98:52:
6a:df:7e:7a:6c:e7:03:e3:5b:dd:8a:cb:17:42:72:60:02:47:
77:59:a9:8c:62:a5:0f:a3:80:c2:c3:3a:3d:94:28:d8:2b:98:
a0:08:d2:2a:f2:a1:26:32:bd:52:4c:0d:b0:1a:1e:af:0a:f3:
8c:a1:35:59:b2:ae:c9:30:69:b4:e4:74:59:8c:d5:e9:05:18:
c2:09:a6:7d:d2:b0:e5:61:16:f4:1e:4d:2e:24:ec:be:07:ac:
75:24:41:35:e2:82:60:4f:6c:26:d3:70:74:b0:8f:88:42:7e:
1e:75:e0:f0:19:72:ad:0e:7d:9e:e5:f6:36:f7:a5:4d:0c:68:
bc:32:4e:37:ae:51:11:6c:e3:36:23:c2:df:f7:99:0a:35:d1:
1e:a4:19:5f:de:a1:ce:ea:38:47:96:1a:8a:67:e6:ea:1d:ca:
51:91:ec:bc:66:69:d4:b6:0e:01:b9:fd:85:b9:33:d4:6e:7e:
2e:27:d2:fd:69:bd:8c:f2:0c:f4:ed:3f:5a:cf:64:02:9f:05:
ba:2d:3f:ae:b8:20:79:56:83:dd:43:5b:31:d0:f3:52:c8:fa:
3c:bd:68:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ2WZWbzP/SCrfQToUG+Ef7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjYwNDE2MTMwNTIxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTA0ZjdkYmY0ODU0YTIwNWUzN2NjYTFiYjViYTE4YjZhMjdmNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02XtCFIM4Ev9d+o8VKucDJAgnfxd
LQXk98KuFUF0hWAvwHcc5Q6xNxoLWNhxc+z3qK/bG9Ox/PYati1aI2qfGwxivNEU
D6ZLG4vH5K+SLESiuHLoKts8PU2R1c8t91hI0zl1G/CLbq7TsjL198krTSKlyZrc
lRobD0qSXlXi23vdLKJ/3IPdEfQ6mOR8v10ekCyN+hSLc0Mqdr/YA9aQyFrsURAo
fmT/dlJz4OsDEQmgccD6DtX6bOWVAcuBJCL25oXPq4qRQdf6qYJuWaCrMP+DhZG9
vEqTIib3xovXOUYupOtpbHkomQD5FQQLVR7zbXtAAAL49+8k0xoh4XJGNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEkE99v0hUogXjfMobtboYtqJ/RjMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvU1FUMzJfU0ZTaUJlTjh5aHUxdWhpMm9uOUdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZE4AwQA
LZWTAwQAuX5DAwQAw0IYMA0GCSqGSIb3DQEBCwUAA4IBAQCPsVuVQSIvji+3c+4s
HZEd1mGFJYKqxgLp5V3KRgmxmWALmFJq3356bOcD41vdissXQnJgAkd3WamMYqUP
o4DCwzo9lCjYK5igCNIq8qEmMr1STA2wGh6vCvOMoTVZsq7JMGm05HRZjNXpBRjC
CaZ90rDlYRb0Hk0uJOy+B6x1JEE14oJgT2wm03B0sI+IQn4edeDwGXKtDn2e5fY2
96VNDGi8Mk43rlERbOM2I8Lf95kKNdEepBlf3qHO6jhHlhqKZ+bqHcpRkey8ZmnU
tg4Buf2FuTPUbn4uJ9L9ab2M8gz07T9az2QCnwW6LT+uuCB5VoPdQ1sx0PNSyPo8
vWjz
-----END CERTIFICATE-----
Generated at Fri Apr 17 03:55:23 2026 by rpki-client