Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/smaQDy2hYnYh5iSHViMMRnAnJh0.roa
File: smaQDy2hYnYh5iSHViMMRnAnJh0.roa (raw, json)
Hash identifier: zO3TyrLnjBrXJ0HHHzjE+BxHwelGsPuK4Lo5/ikK+P4=
Subject key identifier: B2:66:90:0F:2D:A1:62:76:21:E6:24:87:56:23:0C:46:70:27:26:1D
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 019DD7A68B61B1D47645C92993925EFF81AF
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/smaQDy2hYnYh5iSHViMMRnAnJh0.roa
Signing time: Wed 29 Apr 2026 05:11:49 +0000
ROA not before: Wed 29 Apr 2026 05:11:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 58289
IP address blocks: 78.109.19.0/24 maxlen: 24
85.159.94.0/24 maxlen: 24
86.54.184.0/24 maxlen: 24
91.147.108.0/24 maxlen: 24
91.147.111.0/24 maxlen: 24
92.240.243.0/24 maxlen: 24
109.175.215.0/24 maxlen: 24
185.162.234.0/24 maxlen: 24
193.43.251.0/24 maxlen: 24
194.31.133.0/24 maxlen: 24
194.31.135.0/24 maxlen: 24
212.108.87.0/24 maxlen: 24
2a0e:6600::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 03 May 2026 05:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:d7:a6:8b:61:b1:d4:76:45:c9:29:93:92:5e:ff:81:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Apr 29 05:11:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b266900f2da1627621e6248756230c467027261d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f3:23:15:67:4d:31:75:d0:f0:99:7e:b7:83:
d8:50:2a:8a:0a:02:6a:53:1f:bf:ab:25:d8:fe:db:
e1:48:b0:67:50:63:73:83:85:1c:77:0a:4a:2c:ef:
a0:0e:08:92:79:4e:23:a0:69:a4:23:24:d0:67:ae:
ae:91:48:a3:34:c5:0e:44:1a:7c:67:f0:0e:81:7e:
7d:72:b0:93:14:8d:a6:d4:2e:4c:65:b9:a8:0d:36:
48:74:12:cf:1c:4e:8f:63:6b:5a:5e:9a:b1:6f:b4:
80:e1:14:16:b3:a7:78:af:99:c3:ae:7c:ee:75:19:
1c:f2:a1:17:70:08:da:40:42:86:dd:cb:9f:99:24:
23:e8:f5:f0:cb:f8:da:28:36:d4:d0:91:69:37:43:
b5:35:46:7e:7c:da:60:50:62:5f:f3:84:a9:8a:cb:
81:81:c7:4f:c7:5a:e2:27:b8:fe:68:ab:34:b0:c3:
1d:5f:ea:3e:db:cf:46:2f:43:52:52:d1:6b:f1:79:
06:77:9d:ee:41:82:f3:66:c0:74:06:66:2c:dc:44:
61:b1:60:88:47:bf:f6:be:c5:21:c1:f8:ad:fc:db:
d8:68:18:f8:05:ed:64:63:4d:8e:33:2b:dc:d2:d5:
aa:e5:17:31:de:69:19:8c:10:58:65:4b:29:8c:05:
d7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:66:90:0F:2D:A1:62:76:21:E6:24:87:56:23:0C:46:70:27:26:1D
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/smaQDy2hYnYh5iSHViMMRnAnJh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.19.0/24
85.159.94.0/24
86.54.184.0/24
91.147.108.0/24
91.147.111.0/24
92.240.243.0/24
109.175.215.0/24
185.162.234.0/24
193.43.251.0/24
194.31.133.0/24
194.31.135.0/24
212.108.87.0/24
IPv6:
2a0e:6600::/48
Signature Algorithm: sha256WithRSAEncryption
04:76:ff:e9:69:47:68:e3:b4:d2:06:dc:de:4d:3c:8f:bc:4a:
e5:1b:7f:8d:67:b3:a9:81:bf:9e:4c:12:f2:50:89:2c:09:d4:
ca:75:89:19:26:06:fd:43:5e:ff:1d:40:1f:45:70:83:a9:f0:
ec:c5:9d:ff:e3:9e:14:76:d4:91:0c:d0:07:dd:04:8e:62:46:
d2:d0:35:a1:db:1e:f5:38:b1:5c:d7:01:2a:7e:f2:9a:f5:3e:
37:64:ae:78:7c:a8:30:fa:ee:22:0a:10:9a:38:d3:9c:2e:c5:
13:ed:38:89:1a:81:a6:83:72:9d:0e:c7:b5:07:da:88:90:91:
a1:7d:7a:0a:94:62:1f:0e:6d:90:95:78:b7:9f:54:4a:99:80:
7e:8d:27:58:a5:0e:f6:f5:12:ff:d9:77:de:d4:5f:36:69:8d:
c9:88:4b:8c:58:38:cd:91:2a:6c:84:a6:c8:56:29:b7:c5:52:
bb:7b:71:74:99:6c:ac:52:6a:a5:36:5a:87:72:97:9e:d9:7e:
2a:7b:44:b7:a2:2d:0e:e0:23:a9:0a:8f:65:37:20:73:4a:5f:
d2:c4:a2:1d:69:7c:e2:b7:67:3e:4d:30:cd:7c:6c:da:6a:66:
ab:f7:0b:e9:b7:11:f4:28:c4:75:f7:27:65:14:a1:2f:5c:ce:
3f:55:f1:07
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZ3XpothsdR2Rckpk5Je/4GvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjYwNDI5MDUxMTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjY2OTAwZjJkYTE2Mjc2MjFlNjI0ODc1NjIzMGM0NjcwMjcyNjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vMjFWdNMXXQ8Jl+t4PYUCqKCgJq
Ux+/qyXY/tvhSLBnUGNzg4UcdwpKLO+gDgiSeU4joGmkIyTQZ66ukUijNMUORBp8
Z/AOgX59crCTFI2m1C5MZbmoDTZIdBLPHE6PY2taXpqxb7SA4RQWs6d4r5nDrnzu
dRkc8qEXcAjaQEKG3cufmSQj6PXwy/jaKDbU0JFpN0O1NUZ+fNpgUGJf84SpisuB
gcdPx1riJ7j+aKs0sMMdX+o+289GL0NSUtFr8XkGd53uQYLzZsB0BmYs3ERhsWCI
R7/2vsUhwfit/NvYaBj4Be1kY02OMyvc0tWq5Rcx3mkZjBBYZUspjAXXgQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFLJmkA8toWJ2IeYkh1YjDEZwJyYdMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvc21hUUR5MmhZblloNWlTSFZpTU1SbkFuSmgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBOBAIAATBIAwQATm0TAwQA
VZ9eAwQAVja4AwQAW5NsAwQAW5NvAwQAXPDzAwQAba/XAwQAuaLqAwQAwSv7AwQA
wh+FAwQAwh+HAwQA1GxXMA8EAgACMAkDBwAqDmYAAAAwDQYJKoZIhvcNAQELBQAD
ggEBAAR2/+lpR2jjtNIG3N5NPI+8SuUbf41ns6mBv55MEvJQiSwJ1Mp1iRkmBv1D
Xv8dQB9FcIOp8OzFnf/jnhR21JEM0AfdBI5iRtLQNaHbHvU4sVzXASp+8pr1Pjdk
rnh8qDD67iIKEJo405wuxRPtOIkagaaDcp0Ox7UH2oiQkaF9egqUYh8ObZCVeLef
VEqZgH6NJ1ilDvb1Ev/Zd97UXzZpjcmIS4xYOM2RKmyEpshWKbfFUrt7cXSZbKxS
aqU2Wodyl57Zfip7RLeiLQ7gI6kKj2U3IHNKX9LEoh1pfOK3Zz5NMM18bNpqZqv3
C+m3EfQoxHX3J2UUoS9czj9V8Qc=
-----END CERTIFICATE-----
Generated at Sat May 2 14:51:01 2026 by rpki-client