Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sJkFnWG3iDL7QEkCGIhCXUaxFCc.roa
File: sJkFnWG3iDL7QEkCGIhCXUaxFCc.roa (raw, json)
Hash identifier: Iwo6+xzmLFxvGz03rVLENUxfgB4riTbTCrJNz/Gh9mI=
Subject key identifier: B0:99:05:9D:61:B7:88:32:FB:40:49:02:18:88:42:5D:46:B1:14:27
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 019E3FF9344C7D75F71DC54D2C06229B6C8A
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sJkFnWG3iDL7QEkCGIhCXUaxFCc.roa
Signing time: Tue 19 May 2026 11:22:36 +0000
ROA not before: Tue 19 May 2026 11:22:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3320
IP address blocks: 84.232.29.0/24 maxlen: 24
84.236.247.0/24 maxlen: 24
88.148.121.0/24 maxlen: 24
89.32.161.0/24 maxlen: 24
89.45.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 04 Jun 2026 19:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:f9:34:4c:7d:75:f7:1d:c5:4d:2c:06:22:9b:6c:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: May 19 11:22:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b099059d61b78832fb4049021888425d46b11427
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:26:68:d7:3a:38:b1:71:75:b6:e2:05:7d:bf:
27:3d:1a:ea:2a:67:db:b7:fd:05:b8:bb:be:96:60:
e8:57:3a:0a:c2:5f:cd:18:bf:9b:c8:b9:d9:cd:45:
09:5e:e9:8d:bc:a4:f1:11:3d:24:fd:e2:c9:e0:49:
f1:4a:30:c0:b8:36:3b:93:af:d1:2f:94:27:95:ea:
e4:bc:c6:59:b9:78:5a:1c:14:f0:be:80:4f:0b:b2:
fe:8d:bf:2f:56:c1:26:82:a0:18:d4:3a:ad:f0:4d:
b8:13:12:e4:56:19:62:f1:46:ef:33:64:1f:c9:87:
6c:fb:80:3b:36:dc:6d:a1:98:5a:93:15:4f:c6:8e:
d7:a9:86:5f:95:1a:ed:8e:fe:32:d8:56:2b:a5:62:
16:09:ce:93:cd:d7:1c:da:c1:f1:9b:25:46:76:03:
2d:af:c0:0c:3f:90:29:42:49:43:9f:bb:ca:52:76:
66:62:bb:ff:c0:95:2d:22:c3:06:c9:a9:1a:d3:02:
c2:1e:71:9e:50:96:61:63:76:e7:51:2c:f1:f9:9e:
ec:df:0b:59:3d:a9:f8:f4:fc:70:43:d8:05:45:4f:
ec:d7:72:e4:8a:77:94:73:bd:a4:02:02:07:bd:87:
5b:8d:8d:e7:7d:0e:5e:0e:0d:39:7c:b6:19:26:84:
6f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:99:05:9D:61:B7:88:32:FB:40:49:02:18:88:42:5D:46:B1:14:27
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/sJkFnWG3iDL7QEkCGIhCXUaxFCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.29.0/24
84.236.247.0/24
88.148.121.0/24
89.32.161.0/24
89.45.244.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:69:b5:cc:b8:9d:6d:af:db:ce:e5:d4:0e:b0:3c:7d:e2:15:
16:f5:54:25:bf:60:cd:75:b7:d0:10:b4:73:86:06:47:6d:d1:
9d:38:28:7b:89:2c:f3:94:5e:f8:e4:ea:9d:c0:21:39:50:24:
7a:b2:90:73:a0:cc:25:46:ed:4e:5b:b4:5e:f8:e5:79:21:ce:
70:d8:02:40:57:e0:ae:67:d7:20:10:af:c8:c3:e7:df:c6:23:
82:a0:7f:6c:25:6b:1b:eb:d4:b7:83:0f:fd:9c:5a:26:ae:3d:
8b:28:78:80:a5:73:a4:7b:7a:8f:f5:b5:ce:4c:01:05:32:e9:
78:cf:bc:57:c7:ed:06:f7:47:67:7a:34:c6:57:31:9c:14:07:
43:28:96:a0:64:72:74:3e:17:42:15:62:67:75:10:c0:ea:27:
f5:7c:f0:ef:10:d6:d4:66:36:66:83:9e:3c:1e:d2:d5:75:73:
f1:ef:7a:5e:3c:11:25:8a:b2:a4:16:10:74:bb:81:bf:9f:06:
d7:86:91:a2:7d:0d:ff:7a:ef:f6:8e:a6:9a:87:ea:be:46:59:
7b:db:d3:32:2b:9b:88:cb:28:de:d0:b8:36:d0:ac:91:ba:78:
0b:e6:5c:14:39:f6:d0:c6:db:fd:88:1a:77:15:cd:5d:57:36:
fa:3c:e6:b0
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ4/+TRMfXX3HcVNLAYim2yKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjYwNTE5MTEyMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDk5MDU5ZDYxYjc4ODMyZmI0MDQ5MDIxODg4NDI1ZDQ2YjExNDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9yZo1zo4sXF1tuIFfb8nPRrqKmfb
t/0FuLu+lmDoVzoKwl/NGL+byLnZzUUJXumNvKTxET0k/eLJ4EnxSjDAuDY7k6/R
L5QnlerkvMZZuXhaHBTwvoBPC7L+jb8vVsEmgqAY1Dqt8E24ExLkVhli8UbvM2Qf
yYds+4A7NtxtoZhakxVPxo7XqYZflRrtjv4y2FYrpWIWCc6Tzdcc2sHxmyVGdgMt
r8AMP5ApQklDn7vKUnZmYrv/wJUtIsMGyaka0wLCHnGeUJZhY3bnUSzx+Z7s3wtZ
Pan49PxwQ9gFRU/s13LkineUc72kAgIHvYdbjY3nfQ5eDg05fLYZJoRvzwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLCZBZ1ht4gy+0BJAhiIQl1GsRQnMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvc0prRm5XRzNpREw3UUVrQ0dJaENYVWF4RkNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVOgdAwQA
VOz3AwQAWJR5AwQAWSChAwQAWS30MA0GCSqGSIb3DQEBCwUAA4IBAQCwabXMuJ1t
r9vO5dQOsDx94hUW9VQlv2DNdbfQELRzhgZHbdGdOCh7iSzzlF745OqdwCE5UCR6
spBzoMwlRu1OW7Re+OV5Ic5w2AJAV+CuZ9cgEK/Iw+ffxiOCoH9sJWsb69S3gw/9
nFomrj2LKHiApXOke3qP9bXOTAEFMul4z7xXx+0G90dnejTGVzGcFAdDKJagZHJ0
PhdCFWJndRDA6if1fPDvENbUZjZmg548HtLVdXPx73pePBElirKkFhB0u4G/nwbX
hpGifQ3/eu/2jqaah+q+Rll729MyK5uIyyje0Lg20KyRungL5lwUOfbQxtv9iBp3
Fc1dVzb6POaw
-----END CERTIFICATE-----
Generated at Thu Jun 4 03:14:41 2026 by rpki-client