Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/956748-e858-473c-81c5-09f250e1b9ea/1/sQjE4Ryf3azGzRpKF8iTxt9fGjI.roa
File: sQjE4Ryf3azGzRpKF8iTxt9fGjI.roa (raw, json)
Hash identifier: sCZDZUEpHkq2HyKQrO/C9pxfE8YHa827nuwFp5PQA2Q=
Subject key identifier: B1:08:C4:E1:1C:9F:DD:AC:C6:CD:1A:4A:17:C8:93:C6:DF:5F:1A:32
Certificate issuer: /CN=360c26f9f5bd5176fb9ad0b65a948d0e8dd90ee4
Certificate serial: 019CC3FE4507DFC9D7FF1E2D62AB980334CD
Authority key identifier: 36:0C:26:F9:F5:BD:51:76:FB:9A:D0:B6:5A:94:8D:0E:8D:D9:0E:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ngwm-fW9UXb7mtC2WpSNDo3ZDuQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/956748-e858-473c-81c5-09f250e1b9ea/1/sQjE4Ryf3azGzRpKF8iTxt9fGjI.roa
Signing time: Fri 06 Mar 2026 16:32:26 +0000
ROA not before: Fri 06 Mar 2026 16:32:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214806
IP address blocks: 94.156.238.0/24 maxlen: 24
2a12:9b00:b00b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/956748-e858-473c-81c5-09f250e1b9ea/1/Ngwm-fW9UXb7mtC2WpSNDo3ZDuQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/956748-e858-473c-81c5-09f250e1b9ea/1/Ngwm-fW9UXb7mtC2WpSNDo3ZDuQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ngwm-fW9UXb7mtC2WpSNDo3ZDuQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 14 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c3:fe:45:07:df:c9:d7:ff:1e:2d:62:ab:98:03:34:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=360c26f9f5bd5176fb9ad0b65a948d0e8dd90ee4
Validity
Not Before: Mar 6 16:32:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=b108c4e11c9fddacc6cd1a4a17c893c6df5f1a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:04:c9:2d:a9:ea:e3:ad:f7:a4:aa:cb:87:5a:
7b:4f:3a:30:02:dd:0a:15:0e:74:b5:80:69:bf:91:
ec:2d:1c:04:91:79:74:ff:b0:4d:dd:57:2d:07:7c:
ee:5b:aa:e8:46:92:8c:a0:63:d7:66:af:09:b0:67:
e3:05:4a:71:a5:b2:95:20:46:89:4c:2a:55:22:de:
7e:08:6e:38:6f:94:94:c8:0b:86:16:ff:18:9c:19:
aa:64:52:e6:12:44:a2:85:77:e8:9d:5b:dd:b9:cf:
dd:67:27:ac:fc:75:88:ca:81:60:94:9b:7e:69:72:
50:56:38:ae:61:2a:d7:01:cd:71:e7:f4:dd:b9:2d:
aa:fb:38:24:88:36:2f:22:2c:84:8f:8a:99:bf:e6:
10:3c:e0:22:a1:08:49:bc:de:5b:5d:99:73:a5:a1:
e2:31:ea:2a:5f:62:42:9d:48:a8:10:32:4f:74:a1:
f2:ba:ab:cd:fc:a0:a2:04:20:ac:5a:69:10:3f:bf:
ff:14:0a:72:5f:2d:a6:7f:88:0e:61:5f:43:b6:e1:
4f:ae:0c:ce:d3:d9:4a:ba:35:e7:e0:dc:64:2b:f1:
1f:a5:40:0b:69:48:e3:18:5e:6a:80:29:07:00:4f:
f2:05:bf:d4:fe:09:81:3e:80:89:15:b9:98:e1:7a:
9d:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:08:C4:E1:1C:9F:DD:AC:C6:CD:1A:4A:17:C8:93:C6:DF:5F:1A:32
X509v3 Authority Key Identifier:
keyid:36:0C:26:F9:F5:BD:51:76:FB:9A:D0:B6:5A:94:8D:0E:8D:D9:0E:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ngwm-fW9UXb7mtC2WpSNDo3ZDuQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/956748-e858-473c-81c5-09f250e1b9ea/1/sQjE4Ryf3azGzRpKF8iTxt9fGjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/956748-e858-473c-81c5-09f250e1b9ea/1/Ngwm-fW9UXb7mtC2WpSNDo3ZDuQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.238.0/24
IPv6:
2a12:9b00:b00b::/48
Signature Algorithm: sha256WithRSAEncryption
2b:b3:28:60:62:f3:e0:09:7a:d7:6f:98:c0:c3:6e:59:c0:88:
22:53:52:65:ed:49:77:7a:d2:9c:ec:9a:86:63:f4:fa:bf:36:
1f:b3:45:fa:eb:33:36:01:10:7f:e5:a8:39:ac:de:0f:c8:14:
77:c7:d3:9c:1c:9d:28:9a:dc:cf:cd:ce:d8:a7:2e:a4:48:5e:
f4:5a:33:8e:bc:33:44:e8:68:12:5e:29:f0:29:9f:d1:e6:d0:
b8:cd:0b:02:96:61:49:8a:7d:f9:43:26:96:5c:aa:f6:4a:7b:
74:6a:bc:64:4e:59:11:60:d4:85:f7:c7:f0:d9:d1:5e:46:1a:
a2:f2:33:6d:09:98:13:47:77:e9:27:a0:51:5c:58:c8:60:36:
f8:ee:12:49:10:5b:2a:57:e1:dc:c1:73:89:9c:1b:da:29:66:
39:f6:e3:91:07:9a:c1:f3:ff:9b:6c:3e:ba:c3:90:1e:14:72:
0c:84:14:10:d1:ef:aa:4b:6a:38:47:de:6e:64:28:89:55:f5:
5b:ad:1b:7d:8d:fe:33:87:a2:b9:db:bd:c2:8e:38:02:88:15:
9a:d4:07:df:39:8d:36:b2:74:b1:8e:38:38:8d:fa:3d:e1:08:
cb:1e:ac:86:a9:2a:7c:30:ae:d9:d1:19:4e:23:ea:27:79:ee:
c7:d4:eb:f4
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZzD/kUH38nX/x4tYquYAzTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MGMyNmY5ZjViZDUxNzZmYjlhZDBiNjVhOTQ4ZDBlOGRk
OTBlZTQwHhcNMjYwMzA2MTYzMjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTA4YzRlMTFjOWZkZGFjYzZjZDFhNGExN2M4OTNjNmRmNWYxYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQTJLanq4633pKrLh1p7TzowAt0K
FQ50tYBpv5HsLRwEkXl0/7BN3VctB3zuW6roRpKMoGPXZq8JsGfjBUpxpbKVIEaJ
TCpVIt5+CG44b5SUyAuGFv8YnBmqZFLmEkSihXfonVvduc/dZyes/HWIyoFglJt+
aXJQVjiuYSrXAc1x5/TduS2q+zgkiDYvIiyEj4qZv+YQPOAioQhJvN5bXZlzpaHi
MeoqX2JCnUioEDJPdKHyuqvN/KCiBCCsWmkQP7//FApyXy2mf4gOYV9DtuFPrgzO
09lKujXn4NxkK/EfpUALaUjjGF5qgCkHAE/yBb/U/gmBPoCJFbmY4XqdBQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLEIxOEcn92sxs0aShfIk8bfXxoyMB8GA1UdIwQY
MBaAFDYMJvn1vVF2+5rQtlqUjQ6N2Q7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmd3bS1mVzlVWGI3bXRDMldwU05EbzNaRHVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85NTY3NDgtZTg1OC00NzNjLTgxYzUt
MDlmMjUwZTFiOWVhLzEvc1FqRTRSeWYzYXpHelJwS0Y4aVR4dDlmR2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85NTY3NDgtZTg1OC00NzNjLTgxYzUtMDlmMjUwZTFiOWVh
LzEvTmd3bS1mVzlVWGI3bXRDMldwU05EbzNaRHVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXpzuMA8E
AgACMAkDBwAqEpsAsAswDQYJKoZIhvcNAQELBQADggEBACuzKGBi8+AJetdvmMDD
blnAiCJTUmXtSXd60pzsmoZj9Pq/Nh+zRfrrMzYBEH/lqDms3g/IFHfH05wcnSia
3M/NztinLqRIXvRaM468M0ToaBJeKfApn9Hm0LjNCwKWYUmKfflDJpZcqvZKe3Rq
vGROWRFg1IX3x/DZ0V5GGqLyM20JmBNHd+knoFFcWMhgNvjuEkkQWypX4dzBc4mc
G9opZjn245EHmsHz/5tsPrrDkB4UcgyEFBDR76pLajhH3m5kKIlV9VutG32N/jOH
ornbvcKOOAKIFZrUB985jTaydLGOODiN+j3hCMserIapKnwwrtnRGU4j6id57sfU
6/Q=
-----END CERTIFICATE-----
Generated at Fri Mar 13 08:34:52 2026 by rpki-client