Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/SbQrzw5bedEzafBuBFrQvUpgX5w.roa
File: SbQrzw5bedEzafBuBFrQvUpgX5w.roa (raw, json)
Hash identifier: N6GnlqTTOzlBqifhZ0vVNFyM6GeaLcSbXxk2VxlzMlQ=
Subject key identifier: 49:B4:2B:CF:0E:5B:79:D1:33:69:F0:6E:04:5A:D0:BD:4A:60:5F:9C
Certificate issuer: /CN=0837c99b2a4c062d5c20678f9dcf3207aefd5e78
Certificate serial: 019CB70DE5F9BD86C63DE9634C4B104BBB15
Authority key identifier: 08:37:C9:9B:2A:4C:06:2D:5C:20:67:8F:9D:CF:32:07:AE:FD:5E:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/SbQrzw5bedEzafBuBFrQvUpgX5w.roa
Signing time: Wed 04 Mar 2026 04:14:27 +0000
ROA not before: Wed 04 Mar 2026 04:14:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212628
IP address blocks: 64.118.144.0/22 maxlen: 22
66.51.64.0/20 maxlen: 24
216.195.200.0/21 maxlen: 21
216.236.1.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.mft
rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Mar 2026 21:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b7:0d:e5:f9:bd:86:c6:3d:e9:63:4c:4b:10:4b:bb:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0837c99b2a4c062d5c20678f9dcf3207aefd5e78
Validity
Not Before: Mar 4 04:14:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=49b42bcf0e5b79d13369f06e045ad0bd4a605f9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cb:97:46:fa:a6:01:bb:0c:a1:b6:ce:28:54:
19:07:94:f2:2b:a2:20:15:f4:58:7b:a7:e9:b1:4d:
1c:47:7e:68:7b:9f:03:e4:a0:16:24:df:ef:b8:3a:
5e:62:f6:96:82:ac:64:70:3c:11:f0:53:a9:b7:f4:
6c:fc:6d:0b:f5:8b:0d:05:1a:17:58:91:de:23:e7:
7a:49:99:b0:35:af:04:e3:30:5e:51:af:21:c0:17:
be:27:16:c5:d0:9f:12:3e:7a:1f:3e:7f:de:2c:57:
8f:52:c5:97:59:13:16:e1:60:0a:88:aa:37:de:1a:
80:57:2e:24:49:e6:e2:5e:97:9c:02:c7:17:98:79:
45:33:d8:70:2c:4d:9f:fb:2d:67:18:8f:b2:88:70:
ab:fb:b1:18:f3:61:14:ee:42:0d:27:6e:64:ee:1a:
66:25:c4:6d:bc:15:86:9a:88:21:a1:7b:21:a4:6b:
05:d9:c0:a2:8f:07:6d:71:ca:85:42:ec:c6:12:9b:
69:8f:b8:7f:d5:6e:b0:0d:9b:5d:7a:08:89:6f:3e:
1c:9b:43:d2:8a:d8:e1:b1:3a:88:85:a8:cb:20:e6:
34:c3:01:2d:ce:8d:7e:dd:71:2e:3d:06:c7:bb:af:
17:54:6e:cc:f5:f0:04:5b:95:cc:83:3a:94:28:ef:
47:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:B4:2B:CF:0E:5B:79:D1:33:69:F0:6E:04:5A:D0:BD:4A:60:5F:9C
X509v3 Authority Key Identifier:
keyid:08:37:C9:9B:2A:4C:06:2D:5C:20:67:8F:9D:CF:32:07:AE:FD:5E:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CDfJmypMBi1cIGePnc8yB679Xng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/SbQrzw5bedEzafBuBFrQvUpgX5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/0895d2-b778-46c4-a691-f1237f4c5cf6/1/CDfJmypMBi1cIGePnc8yB679Xng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.118.144.0/22
66.51.64.0/20
216.195.200.0/21
216.236.1.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:31:76:17:71:b4:1c:ed:9c:ae:5a:9b:6a:dc:c7:f8:7b:61:
e7:7c:f7:9b:25:7a:c8:00:40:9b:28:62:e2:bb:22:03:d5:c8:
4c:bf:c1:d2:b7:0e:83:40:23:92:ca:3b:2e:7b:cf:b2:54:5e:
b3:1e:ac:87:67:f7:01:82:04:69:f9:5c:29:7c:01:fc:ae:31:
18:88:71:dd:5e:d6:c6:04:51:21:6d:ed:d5:b2:20:86:44:05:
ba:ce:db:6b:98:44:58:b1:a4:b6:59:23:14:e1:17:b5:e8:2d:
e8:07:90:72:4a:61:e7:01:aa:e5:bf:7e:8e:ac:17:23:6d:24:
71:45:a1:c2:64:12:06:d5:93:aa:2b:44:74:b3:13:78:59:c4:
61:04:bf:e7:2c:9f:b5:0d:9c:61:9f:4b:08:f2:cb:cd:0f:aa:
b7:74:98:de:59:54:27:f6:57:e5:29:f2:55:ff:70:52:5c:1b:
82:6a:8f:2e:52:35:3d:7d:71:a6:18:28:f3:42:cd:27:4b:80:
7f:9c:7c:db:e4:52:cf:27:4f:b9:1d:03:d1:ac:ba:97:73:0c:
87:24:68:9b:74:86:f2:51:4a:d9:09:6c:1e:04:7b:e9:21:08:
39:01:45:eb:d9:a9:64:a3:1f:24:78:03:6e:66:7c:8f:24:d5:
b8:00:f1:b1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZy3DeX5vYbGPeljTEsQS7sVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MzdjOTliMmE0YzA2MmQ1YzIwNjc4ZjlkY2YzMjA3YWVm
ZDVlNzgwHhcNMjYwMzA0MDQxNDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWI0MmJjZjBlNWI3OWQxMzM2OWYwNmUwNDVhZDBiZDRhNjA1ZjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsuXRvqmAbsMobbOKFQZB5TyK6Ig
FfRYe6fpsU0cR35oe58D5KAWJN/vuDpeYvaWgqxkcDwR8FOpt/Rs/G0L9YsNBRoX
WJHeI+d6SZmwNa8E4zBeUa8hwBe+JxbF0J8SPnofPn/eLFePUsWXWRMW4WAKiKo3
3hqAVy4kSebiXpecAscXmHlFM9hwLE2f+y1nGI+yiHCr+7EY82EU7kINJ25k7hpm
JcRtvBWGmoghoXshpGsF2cCijwdtccqFQuzGEptpj7h/1W6wDZtdegiJbz4cm0PS
itjhsTqIhajLIOY0wwEtzo1+3XEuPQbHu68XVG7M9fAEW5XMgzqUKO9HQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEm0K88OW3nRM2nwbgRa0L1KYF+cMB8GA1UdIwQY
MBaAFAg3yZsqTAYtXCBnj53PMgeu/V54MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0RmSm15cE1CaTFjSUdlUG5jOHlCNjc5WG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8wODk1ZDItYjc3OC00NmM0LWE2OTEt
ZjEyMzdmNGM1Y2Y2LzEvU2JRcnp3NWJlZEV6YWZCdUJGclF2VXBnWDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8wODk1ZDItYjc3OC00NmM0LWE2OTEtZjEyMzdmNGM1Y2Y2
LzEvQ0RmSm15cE1CaTFjSUdlUG5jOHlCNjc5WG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCQHaQAwQE
QjNAAwQD2MPIAwQA2OwBMA0GCSqGSIb3DQEBCwUAA4IBAQCMMXYXcbQc7ZyuWptq
3Mf4e2HnfPebJXrIAECbKGLiuyID1chMv8HStw6DQCOSyjsue8+yVF6zHqyHZ/cB
ggRp+VwpfAH8rjEYiHHdXtbGBFEhbe3VsiCGRAW6zttrmERYsaS2WSMU4Re16C3o
B5BySmHnAarlv36OrBcjbSRxRaHCZBIG1ZOqK0R0sxN4WcRhBL/nLJ+1DZxhn0sI
8svND6q3dJjeWVQn9lflKfJV/3BSXBuCao8uUjU9fXGmGCjzQs0nS4B/nHzb5FLP
J0+5HQPRrLqXcwyHJGibdIbyUUrZCWweBHvpIQg5AUXr2alkox8keANuZnyPJNW4
APGx
-----END CERTIFICATE-----
Generated at Sat Mar 7 07:59:32 2026 by rpki-client