Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Sea5y_6G11fksnBMEsBEFFlAvq0.roa
File: Sea5y_6G11fksnBMEsBEFFlAvq0.roa (raw, json)
Hash identifier: hHdpAtl3pklqZ4qoB8GsnXzgMTi5qhh5wr2wn5S4Qts=
Subject key identifier: 49:E6:B9:CB:FE:86:D7:57:E4:B2:70:4C:12:C0:44:14:59:40:BE:AD
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 019CDCE43CBEB6EE0DEFC84B99D987298B38
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Sea5y_6G11fksnBMEsBEFFlAvq0.roa
Signing time: Wed 11 Mar 2026 12:34:31 +0000
ROA not before: Wed 11 Mar 2026 12:34:31 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 34879
IP address blocks: 195.208.64.0/24 maxlen: 24
195.208.65.0/24 maxlen: 24
195.208.66.0/23 maxlen: 24
195.208.68.0/24 maxlen: 24
195.208.69.0/24 maxlen: 24
195.208.70.0/24 maxlen: 24
195.208.71.0/24 maxlen: 24
195.208.72.0/24 maxlen: 24
195.208.73.0/24 maxlen: 24
195.208.74.0/24 maxlen: 24
195.208.75.0/24 maxlen: 24
195.208.76.0/24 maxlen: 24
195.208.77.0/24 maxlen: 24
195.209.64.0/24 maxlen: 24
195.209.65.0/24 maxlen: 24
195.209.66.0/24 maxlen: 24
195.209.67.0/24 maxlen: 24
195.209.68.0/24 maxlen: 24
195.209.69.0/24 maxlen: 24
195.209.70.0/24 maxlen: 24
195.209.71.0/24 maxlen: 24
195.209.72.0/23 maxlen: 24
195.209.74.0/24 maxlen: 24
195.209.75.0/24 maxlen: 24
195.209.76.0/24 maxlen: 24
195.209.77.0/24 maxlen: 24
195.209.78.0/24 maxlen: 24
195.209.79.0/24 maxlen: 24
195.209.80.0/24 maxlen: 24
195.209.81.0/24 maxlen: 24
195.209.82.0/24 maxlen: 24
195.209.83.0/24 maxlen: 24
195.209.84.0/24 maxlen: 24
195.209.85.0/24 maxlen: 24
195.209.86.0/24 maxlen: 24
195.209.87.0/24 maxlen: 24
195.209.88.0/21 maxlen: 24
195.209.192.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 12 Mar 2026 12:34:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:dc:e4:3c:be:b6:ee:0d:ef:c8:4b:99:d9:87:29:8b:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Mar 11 12:34:31 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=49e6b9cbfe86d757e4b2704c12c044145940bead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7e:9c:c8:34:35:f9:d4:a3:d9:80:45:f6:27:
e5:2a:6f:72:da:76:28:ed:51:4c:49:05:dd:71:21:
75:95:df:88:b4:69:b7:28:cd:0a:e3:11:25:88:9a:
2f:dc:8f:48:f0:25:25:63:db:bf:0e:83:86:34:73:
20:52:dd:89:d2:74:96:8a:7c:87:a7:1f:b8:2d:d8:
d6:f7:a0:b0:ef:bd:58:de:bc:ca:1d:cb:82:2e:df:
83:b9:55:f6:3b:d6:c7:69:ab:b8:17:1d:3d:d1:2b:
4b:4c:c1:45:86:c1:c6:9b:03:82:8f:25:71:0a:0a:
7d:c1:94:47:53:0d:e3:3f:d1:8c:1f:0e:68:83:6b:
b4:e8:c8:d5:33:93:37:79:30:ce:b1:56:2d:41:b4:
1b:04:db:e1:81:fa:1e:3d:8c:7b:88:16:94:bd:a0:
06:c1:c4:41:48:5f:71:2e:a2:f4:7b:5a:39:1c:e7:
8d:3b:00:a6:7d:36:f7:4f:c0:e8:50:ea:17:45:71:
f5:4e:27:9e:d7:44:c4:fe:15:8b:fa:c7:e1:a4:3e:
bd:36:1f:10:71:b8:e5:eb:16:0b:68:af:cc:bc:25:
23:4c:d3:2c:06:db:ce:af:6b:0f:1a:9b:51:e8:5f:
b4:a3:c1:c0:6c:4a:d8:8e:ed:e0:04:10:e6:0c:6f:
16:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:E6:B9:CB:FE:86:D7:57:E4:B2:70:4C:12:C0:44:14:59:40:BE:AD
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/Sea5y_6G11fksnBMEsBEFFlAvq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.208.64.0-195.208.77.255
195.209.64.0/19
195.209.192.0/20
Signature Algorithm: sha256WithRSAEncryption
1c:74:04:7a:8c:53:b9:88:3d:7d:61:c1:ca:f4:97:bd:ca:b1:
62:83:fa:15:61:09:8c:5d:61:31:e7:f5:62:13:cb:55:3b:01:
8c:71:16:94:ac:4d:69:a2:08:55:8d:c8:f2:8d:79:c4:a8:d7:
45:07:cb:aa:47:42:5c:9d:94:bc:45:c9:3d:d5:30:57:72:4a:
63:a8:29:51:73:17:a9:22:af:ab:f7:da:91:7b:25:14:58:a1:
d2:fe:d4:18:54:c7:f4:9b:76:49:6c:42:f0:61:3f:40:55:dd:
d7:6e:02:3f:79:ee:1c:f6:85:bd:a4:b4:b3:9c:00:6b:cd:1c:
d9:c0:a5:f5:c5:17:ae:d0:cc:78:fa:6b:79:70:e5:e3:6c:19:
e7:74:18:01:4f:7d:fd:10:42:90:f1:ca:ba:48:0e:18:04:f3:
6b:62:50:0e:95:a9:31:a5:74:3e:4e:0c:a2:09:5f:6d:73:3e:
0d:33:95:f8:9b:26:1d:10:45:da:2d:fe:c7:67:94:7b:14:66:
76:13:ea:e7:db:79:d8:af:e5:11:17:12:7e:38:f2:df:1a:49:
82:93:58:66:8d:92:c3:92:e5:da:3e:79:1d:8f:4d:7e:a8:ce:
5e:a9:b5:73:92:51:30:47:26:e9:ed:45:21:7a:f4:4f:67:d1:
28:68:6f:8b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZzc5Dy+tu4N78hLmdmHKYs4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjYwMzExMTIzNDMxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWU2YjljYmZlODZkNzU3ZTRiMjcwNGMxMmMwNDQxNDU5NDBiZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn6cyDQ1+dSj2YBF9iflKm9y2nYo
7VFMSQXdcSF1ld+ItGm3KM0K4xEliJov3I9I8CUlY9u/DoOGNHMgUt2J0nSWinyH
px+4LdjW96Cw771Y3rzKHcuCLt+DuVX2O9bHaau4Fx090StLTMFFhsHGmwOCjyVx
Cgp9wZRHUw3jP9GMHw5og2u06MjVM5M3eTDOsVYtQbQbBNvhgfoePYx7iBaUvaAG
wcRBSF9xLqL0e1o5HOeNOwCmfTb3T8DoUOoXRXH1Tiee10TE/hWL+sfhpD69Nh8Q
cbjl6xYLaK/MvCUjTNMsBtvOr2sPGptR6F+0o8HAbErYju3gBBDmDG8WWQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEnmucv+htdX5LJwTBLARBRZQL6tMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvU2VhNXlfNkcxMWZrc25CTUVzQkVGRmxBdnEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAbD0EAD
BAHD0EwDBAXD0UADBATD0cAwDQYJKoZIhvcNAQELBQADggEBABx0BHqMU7mIPX1h
wcr0l73KsWKD+hVhCYxdYTHn9WITy1U7AYxxFpSsTWmiCFWNyPKNecSo10UHy6pH
QlydlLxFyT3VMFdySmOoKVFzF6kir6v32pF7JRRYodL+1BhUx/SbdklsQvBhP0BV
3dduAj957hz2hb2ktLOcAGvNHNnApfXFF67QzHj6a3lw5eNsGed0GAFPff0QQpDx
yrpIDhgE82tiUA6VqTGldD5ODKIJX21zPg0zlfibJh0QRdot/sdnlHsUZnYT6ufb
ediv5REXEn448t8aSYKTWGaNksOS5do+eR2PTX6ozl6ptXOSUTBHJuntRSF69E9n
0Shob4s=
-----END CERTIFICATE-----
Generated at Wed Mar 11 22:19:32 2026 by rpki-client