Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1-SnT6A8bIuS8ou7zP4my1zHqrOc.roa
File: 1-SnT6A8bIuS8ou7zP4my1zHqrOc.roa (raw, json)
Hash identifier: aJsxowleE7sR/aPvc4zJv3ud0JqycjWWVi9pWoJuKwA=
Subject key identifier: F9:29:D3:E8:0F:1B:22:E4:BC:A2:EE:F3:3F:89:B2:D7:31:EA:AC:E7
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 019CDC44A2997146E00B4B733EFA844910D4
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1-SnT6A8bIuS8ou7zP4my1zHqrOc.roa
Signing time: Wed 11 Mar 2026 09:40:11 +0000
ROA not before: Wed 11 Mar 2026 09:40:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 41717
IP address blocks: 2.58.244.0/24 maxlen: 24
2.58.245.0/24 maxlen: 24
2.58.246.0/24 maxlen: 24
2.58.247.0/24 maxlen: 24
2.58.248.0/24 maxlen: 24
5.183.116.0/24 maxlen: 24
5.183.120.0/22 maxlen: 24
5.183.120.0/23 maxlen: 23
5.183.120.0/24 maxlen: 24
5.183.121.0/24 maxlen: 24
5.183.122.0/24 maxlen: 24
5.183.123.0/24 maxlen: 24
45.8.32.0/24 maxlen: 24
45.8.33.0/24 maxlen: 24
45.8.34.0/24 maxlen: 24
45.8.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 03:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dc:44:a2:99:71:46:e0:0b:4b:73:3e:fa:84:49:10:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Mar 11 09:40:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=f929d3e80f1b22e4bca2eef33f89b2d731eaace7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:09:66:ab:33:25:fc:20:5c:cb:60:f1:20:3e:
cd:84:15:ea:fa:87:21:32:db:ba:64:ba:cc:c0:01:
09:ba:63:f5:2b:22:3b:c2:29:9f:29:29:1c:e0:0e:
cf:a9:2a:d9:d7:19:5e:72:40:e2:ab:dd:85:ef:e6:
45:1f:94:45:3b:a6:6e:81:b0:87:53:e1:a4:d0:0b:
9e:bf:c5:ce:d4:94:1d:d3:6c:6f:6e:82:73:2f:c4:
cd:5e:03:f7:00:4f:22:1c:00:ef:5f:17:1e:f1:aa:
5e:cf:33:1e:7b:03:3e:48:44:6f:5a:8b:ff:b5:f9:
31:27:3c:66:5a:c8:8a:4b:4b:03:96:73:46:f9:4e:
ba:2a:df:d8:2f:df:fe:b5:a2:7d:78:7d:f0:e8:d2:
1c:9d:16:c6:5f:54:ff:98:2a:68:5b:88:5c:15:dc:
0d:da:86:4c:b5:0d:96:0f:46:f6:c9:6a:30:29:59:
fa:a1:8c:22:91:65:a2:86:2a:d2:2e:20:ba:6a:97:
0e:ba:80:5b:0f:6a:74:d1:d9:b8:d3:98:58:79:27:
47:bc:3b:ab:fc:c9:a7:94:a0:40:09:9d:54:4f:22:
9f:92:92:41:81:3e:6b:fb:5f:d9:22:15:f3:ff:74:
4b:e7:6d:ed:89:fd:83:d3:0c:dc:32:a4:75:43:fe:
62:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:29:D3:E8:0F:1B:22:E4:BC:A2:EE:F3:3F:89:B2:D7:31:EA:AC:E7
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/1-SnT6A8bIuS8ou7zP4my1zHqrOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.244.0-2.58.248.255
5.183.116.0/24
5.183.120.0/22
45.8.32.0/22
Signature Algorithm: sha256WithRSAEncryption
97:40:fd:05:db:12:bc:c1:69:1f:27:42:6a:f2:d1:cc:6f:8b:
24:e3:96:5e:42:4c:40:a8:3b:02:ee:c8:7d:22:f2:ec:53:35:
54:52:db:0d:29:54:ff:f2:b6:0d:5a:9a:7b:5a:7a:f0:f4:ad:
8e:81:7b:a8:a8:04:3f:91:4a:ed:97:dd:09:9f:e4:49:30:73:
bb:9a:2c:06:0e:72:6a:8d:66:e3:1f:93:7e:36:5b:a5:ed:a3:
a7:1a:42:21:15:8b:f6:dc:3e:5d:fd:5f:86:35:b9:bd:08:93:
31:b0:cb:e0:58:2f:51:d2:89:dd:ca:bc:39:84:ae:ad:20:1b:
8d:d1:83:d6:7b:27:b5:24:42:de:34:b2:3a:c0:41:69:02:9d:
52:11:85:fe:28:b2:8d:cc:ca:45:4e:a9:ea:f6:44:78:40:1f:
94:2e:b1:55:4a:53:44:e4:f3:c2:03:39:e9:3f:38:c3:01:59:
b8:d4:74:67:10:33:ea:d2:fc:f7:28:61:e5:34:3e:61:ab:66:
ea:94:98:c6:10:0b:bc:55:3a:57:a6:7f:5a:c8:65:d6:5e:ce:
32:18:6a:eb:bf:88:b4:40:0e:b7:79:19:ab:10:7d:3d:30:35:
41:fa:f2:82:e3:b2:5e:3a:ff:4c:ce:97:54:9e:33:18:3a:65:
ad:6d:92:9f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZzcRKKZcUbgC0tzPvqESRDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjYwMzExMDk0MDExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTI5ZDNlODBmMWIyMmU0YmNhMmVlZjMzZjg5YjJkNzMxZWFhY2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowlmqzMl/CBcy2DxID7NhBXq+och
Mtu6ZLrMwAEJumP1KyI7wimfKSkc4A7PqSrZ1xleckDiq92F7+ZFH5RFO6ZugbCH
U+Gk0Auev8XO1JQd02xvboJzL8TNXgP3AE8iHADvXxce8apezzMeewM+SERvWov/
tfkxJzxmWsiKS0sDlnNG+U66Kt/YL9/+taJ9eH3w6NIcnRbGX1T/mCpoW4hcFdwN
2oZMtQ2WD0b2yWowKVn6oYwikWWihirSLiC6apcOuoBbD2p00dm405hYeSdHvDur
/MmnlKBACZ1UTyKfkpJBgT5r+1/ZIhXz/3RL523tif2D0wzcMqR1Q/5itwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPkp0+gPGyLkvKLu8z+Jstcx6qznMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvMS1TblQ2QThiSXVTOG91N3pQNG15MXpIcXJPYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRl
MS8xL3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA5BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQCAjr0
AwQAAjr4AwQABbd0AwQCBbd4AwQCLQggMA0GCSqGSIb3DQEBCwUAA4IBAQCXQP0F
2xK8wWkfJ0Jq8tHMb4sk45ZeQkxAqDsC7sh9IvLsUzVUUtsNKVT/8rYNWpp7Wnrw
9K2OgXuoqAQ/kUrtl90Jn+RJMHO7miwGDnJqjWbjH5N+Nlul7aOnGkIhFYv23D5d
/V+GNbm9CJMxsMvgWC9R0ondyrw5hK6tIBuN0YPWeye1JELeNLI6wEFpAp1SEYX+
KLKNzMpFTqnq9kR4QB+ULrFVSlNE5PPCAznpPzjDAVm41HRnEDPq0vz3KGHlND5h
q2bqlJjGEAu8VTpXpn9ayGXWXs4yGGrrv4i0QA63eRmrEH09MDVB+vKC47JeOv9M
zpdUnjMYOmWtbZKf
-----END CERTIFICATE-----
Generated at Thu Mar 12 12:57:02 2026 by rpki-client