Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/ZUJhUNmgGj_YHmbRa8-Vde0Gm6Y.roa
File: ZUJhUNmgGj_YHmbRa8-Vde0Gm6Y.roa (raw, json)
Hash identifier: W7TJ+QEiqoirOPiCGWDS+nKtWjHZnufX8l6Fd8kt268=
Subject key identifier: 65:42:61:50:D9:A0:1A:3F:D8:1E:66:D1:6B:CF:95:75:ED:06:9B:A6
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 019D10E7A4FCBBE920019193BCEA6134FB74
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/ZUJhUNmgGj_YHmbRa8-Vde0Gm6Y.roa
Signing time: Sat 21 Mar 2026 14:58:29 +0000
ROA not before: Sat 21 Mar 2026 14:58:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215305
IP address blocks: 103.76.87.0/24 maxlen: 24
103.200.28.0/24 maxlen: 24
103.200.29.0/24 maxlen: 24
144.48.10.0/24 maxlen: 24
195.78.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:10:e7:a4:fc:bb:e9:20:01:91:93:bc:ea:61:34:fb:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Mar 21 14:58:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=65426150d9a01a3fd81e66d16bcf9575ed069ba6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e0:bf:45:6b:33:78:1c:28:06:d2:e0:7a:bb:
07:3f:a3:a0:8b:60:e7:ae:72:fd:b6:b6:a7:19:df:
22:1c:cb:5b:a5:4e:2a:3f:ff:8e:e7:1f:4d:1a:8c:
f3:aa:06:66:97:b0:a2:f5:99:4d:4c:8c:db:6f:dd:
1b:67:d5:24:e1:d8:cf:6e:fb:3f:44:ed:6c:c7:0b:
79:1a:e6:d7:a4:ad:8d:84:cb:ff:a1:eb:76:99:18:
45:05:18:32:be:45:e0:c5:e0:1f:84:74:33:a3:ac:
6a:1a:09:87:d4:38:4f:34:4e:2a:6f:33:4a:a4:b4:
5f:01:45:a3:e8:3a:81:d6:71:75:ff:7d:f8:bb:10:
41:a7:2c:ab:9c:81:c1:1d:db:88:a3:43:26:eb:2d:
9b:21:5b:83:47:0e:52:91:9e:a1:cf:64:dc:e2:9d:
8d:6d:49:b8:6b:ae:d7:17:2d:a1:00:19:5e:a3:08:
b4:bb:34:49:aa:af:1a:b9:00:a2:ea:70:45:2d:9d:
bd:9a:62:b2:f9:53:9e:1d:24:4b:02:bf:4b:2d:7b:
40:a9:09:29:81:e4:29:77:8d:ad:e5:79:d4:4e:8b:
09:9c:42:d2:a3:3f:57:7e:5c:f7:8a:90:07:ae:22:
fc:b7:33:4a:da:4d:9f:11:3b:11:be:96:70:53:c5:
fc:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:42:61:50:D9:A0:1A:3F:D8:1E:66:D1:6B:CF:95:75:ED:06:9B:A6
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/ZUJhUNmgGj_YHmbRa8-Vde0Gm6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.76.87.0/24
103.200.28.0/23
144.48.10.0/24
195.78.49.0/24
Signature Algorithm: sha256WithRSAEncryption
12:0c:4f:5e:50:0b:1a:f7:a8:37:01:c6:6e:b8:75:bc:cc:c2:
8d:b8:78:2d:e3:82:2b:52:44:c4:e9:9d:0b:7a:06:c0:cc:65:
eb:50:01:8d:64:c0:49:03:03:b5:d0:3a:11:ca:cd:37:80:b3:
c9:fc:d6:00:8f:a9:e9:c4:bc:be:12:2e:a7:f9:a2:3d:12:53:
07:1f:7f:d0:5c:db:04:0b:00:46:be:b9:8e:aa:9c:1a:17:b1:
16:83:2b:d4:4a:4c:4a:48:eb:9f:1f:9f:7e:61:57:52:e7:d0:
24:56:70:6f:02:30:08:dc:f5:7b:9a:aa:4a:f3:38:f1:4e:21:
fe:94:0b:63:77:3a:a1:7e:57:55:ab:17:8f:20:26:57:ef:b8:
16:70:b6:ef:65:2d:e2:06:69:f5:f1:f9:1c:fb:45:0f:ea:86:
7e:24:20:cc:33:a4:2b:17:0d:51:aa:70:2e:36:54:e9:8e:8a:
44:1f:3b:f8:5d:86:2d:8d:04:12:07:1a:36:34:a2:fc:2d:a1:
f9:9c:aa:64:89:7a:b1:01:16:7e:bf:86:ed:c5:10:f2:69:7f:
55:ca:9d:52:89:ea:50:cc:ff:4e:1e:67:b0:3b:24:4d:09:2c:
10:a0:98:bd:9c:ed:3d:83:eb:72:d7:5a:44:af:4a:1d:42:f9:
b8:71:02:03
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0Q56T8u+kgAZGTvOphNPt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjYwMzIxMTQ1ODI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQyNjE1MGQ5YTAxYTNmZDgxZTY2ZDE2YmNmOTU3NWVkMDY5YmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+C/RWszeBwoBtLgersHP6Ogi2Dn
rnL9tranGd8iHMtbpU4qP/+O5x9NGozzqgZml7Ci9ZlNTIzbb90bZ9Uk4djPbvs/
RO1sxwt5GubXpK2NhMv/oet2mRhFBRgyvkXgxeAfhHQzo6xqGgmH1DhPNE4qbzNK
pLRfAUWj6DqB1nF1/334uxBBpyyrnIHBHduIo0Mm6y2bIVuDRw5SkZ6hz2Tc4p2N
bUm4a67XFy2hABleowi0uzRJqq8auQCi6nBFLZ29mmKy+VOeHSRLAr9LLXtAqQkp
geQpd42t5XnUTosJnELSoz9Xflz3ipAHriL8tzNK2k2fETsRvpZwU8X82QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGVCYVDZoBo/2B5m0WvPlXXtBpumMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvWlVKaFVObWdHal9ZSG1iUmE4LVZkZTBHbTZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAZ0xXAwQB
Z8gcAwQAkDAKAwQAw04xMA0GCSqGSIb3DQEBCwUAA4IBAQASDE9eUAsa96g3AcZu
uHW8zMKNuHgt44IrUkTE6Z0LegbAzGXrUAGNZMBJAwO10DoRys03gLPJ/NYAj6np
xLy+Ei6n+aI9ElMHH3/QXNsECwBGvrmOqpwaF7EWgyvUSkxKSOufH59+YVdS59Ak
VnBvAjAI3PV7mqpK8zjxTiH+lAtjdzqhfldVqxePICZX77gWcLbvZS3iBmn18fkc
+0UP6oZ+JCDMM6QrFw1RqnAuNlTpjopEHzv4XYYtjQQSBxo2NKL8LaH5nKpkiXqx
ARZ+v4btxRDyaX9Vyp1SiepQzP9OHmewOyRNCSwQoJi9nO09g+ty11pEr0odQvm4
cQID
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:47:04 2026 by rpki-client