Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/bk6oayvXG79hoq3pFxyP6Pr3oSY.roa
File: bk6oayvXG79hoq3pFxyP6Pr3oSY.roa (raw, json)
Hash identifier: B8dS3cQaeNUDtUqQPZBEiqyCq3G0FkhFPYq6zSK3mPg=
Subject key identifier: 6E:4E:A8:6B:2B:D7:1B:BF:61:A2:AD:E9:17:1C:8F:E8:FA:F7:A1:26
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 019D1DC6C45666ACCFC44C81A1EE684500ED
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/bk6oayvXG79hoq3pFxyP6Pr3oSY.roa
Signing time: Tue 24 Mar 2026 02:57:38 +0000
ROA not before: Tue 24 Mar 2026 02:57:38 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 141718
IP address blocks: 45.155.90.0/24 maxlen: 24
45.155.226.0/24 maxlen: 24
45.156.222.0/24 maxlen: 24
45.156.223.0/24 maxlen: 24
103.100.169.0/24 maxlen: 24
103.211.103.0/24 maxlen: 24
172.110.210.0/24 maxlen: 24
172.110.211.0/24 maxlen: 24
172.110.220.0/24 maxlen: 24
172.110.221.0/24 maxlen: 24
185.233.17.0/24 maxlen: 24
202.71.10.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 23:01:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1d:c6:c4:56:66:ac:cf:c4:4c:81:a1:ee:68:45:00:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Mar 24 02:57:38 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6e4ea86b2bd71bbf61a2ade9171c8fe8faf7a126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:76:55:1f:eb:ca:37:8a:67:bf:da:9b:aa:49:
e0:aa:54:d0:5e:33:4c:e1:bb:ff:c7:b5:26:96:66:
e9:e5:68:3a:63:bb:1b:b5:3d:44:47:e9:fc:b3:47:
99:8c:ee:c1:52:3a:da:6a:b2:0f:fb:25:93:ff:3b:
ae:13:f0:e1:f9:39:00:5b:13:48:d4:20:59:ad:3a:
08:9e:95:2a:6c:04:22:5b:74:58:c7:ee:58:76:3d:
53:68:fd:78:48:4d:b3:07:72:37:69:97:26:df:52:
c1:f0:5b:0d:a5:7e:1f:cc:dd:e1:66:e9:1e:ea:e9:
ea:d6:d2:d2:a8:8d:49:9e:15:d9:9a:4f:21:5b:62:
60:78:4f:0b:72:df:e5:67:c9:40:71:b7:f2:20:4a:
a5:85:9e:7f:80:30:b1:09:ac:60:e0:11:65:b3:2d:
b6:3b:2f:23:e6:c2:28:e0:a9:0e:70:d2:1b:4c:95:
60:e1:ac:b9:d5:47:db:83:1e:5d:2e:e2:72:5e:0b:
54:89:8c:45:b3:8e:98:c7:a1:95:5e:df:3c:3f:5c:
68:48:84:a8:fe:f1:05:03:d5:f0:c7:58:bc:8a:09:
75:d0:10:d7:cf:b0:22:c2:87:34:dc:df:53:10:b1:
37:d3:09:3e:ab:92:a6:b6:eb:c7:ff:4b:ef:31:bb:
47:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:4E:A8:6B:2B:D7:1B:BF:61:A2:AD:E9:17:1C:8F:E8:FA:F7:A1:26
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/bk6oayvXG79hoq3pFxyP6Pr3oSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.90.0/24
45.155.226.0/24
45.156.222.0/23
103.100.169.0/24
103.211.103.0/24
172.110.210.0/23
172.110.220.0/23
185.233.17.0/24
202.71.10.0/24
Signature Algorithm: sha256WithRSAEncryption
36:a6:73:e8:cc:26:29:cd:52:8f:f3:38:26:d8:9b:44:fd:a6:
31:b1:0e:f5:31:bc:fa:24:21:6b:1d:3f:ec:fc:d8:ae:fd:bd:
a1:1f:99:80:a3:f1:2c:d8:44:f9:95:8a:96:1b:6e:c8:7d:77:
af:6e:ff:10:c0:d2:db:e6:ae:b6:29:d6:cd:41:15:a2:da:79:
60:56:af:ea:2a:f3:04:87:30:20:f0:4f:5a:72:89:eb:4d:30:
d1:6c:98:e8:f1:6d:22:9d:cf:b3:99:01:eb:94:28:39:4d:2a:
e8:4d:1f:7c:42:2f:51:ca:cd:50:95:9b:8c:06:15:b5:e2:c8:
3a:71:a2:db:0c:f3:f4:f9:e5:85:7a:5f:2c:f5:82:69:71:4e:
55:2f:df:02:e9:f9:c2:10:96:6d:36:cd:c9:b8:a1:dc:6c:9e:
f8:c8:90:98:61:85:b3:72:26:52:00:d5:d8:6e:65:5a:0a:1e:
40:10:a5:82:c9:74:e6:7d:c8:0f:7b:a1:0a:80:c6:f2:76:d2:
c7:a6:a4:e7:81:c6:bf:fe:2b:e1:cf:81:b9:d6:27:7e:34:e4:
69:99:1f:9f:89:8d:bf:ee:c4:f7:c9:c1:4f:49:69:b9:43:6e:
e0:83:5e:ef:7d:c7:67:82:ed:5e:f1:52:54:20:8b:5b:2a:92:
48:15:de:cd
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZ0dxsRWZqzPxEyBoe5oRQDtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjYwMzI0MDI1NzM4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTRlYTg2YjJiZDcxYmJmNjFhMmFkZTkxNzFjOGZlOGZhZjdhMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHZVH+vKN4pnv9qbqkngqlTQXjNM
4bv/x7Umlmbp5Wg6Y7sbtT1ER+n8s0eZjO7BUjraarIP+yWT/zuuE/Dh+TkAWxNI
1CBZrToInpUqbAQiW3RYx+5Ydj1TaP14SE2zB3I3aZcm31LB8FsNpX4fzN3hZuke
6unq1tLSqI1JnhXZmk8hW2JgeE8Lct/lZ8lAcbfyIEqlhZ5/gDCxCaxg4BFlsy22
Oy8j5sIo4KkOcNIbTJVg4ay51Ufbgx5dLuJyXgtUiYxFs46Yx6GVXt88P1xoSISo
/vEFA9Xwx1i8igl10BDXz7Aiwoc03N9TELE30wk+q5KmtuvH/0vvMbtHBwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFG5OqGsr1xu/YaKt6Rccj+j696EmMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvYms2b2F5dlhHNzlob3EzcEZ4eVA2UHIzb1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZtaAwQA
LZviAwQBLZzeAwQAZ2SpAwQAZ9NnAwQBrG7SAwQBrG7cAwQAuekRAwQAykcKMA0G
CSqGSIb3DQEBCwUAA4IBAQA2pnPozCYpzVKP8zgm2JtE/aYxsQ71Mbz6JCFrHT/s
/Niu/b2hH5mAo/Es2ET5lYqWG27IfXevbv8QwNLb5q62KdbNQRWi2nlgVq/qKvME
hzAg8E9aconrTTDRbJjo8W0inc+zmQHrlCg5TSroTR98Qi9Rys1QlZuMBhW14sg6
caLbDPP0+eWFel8s9YJpcU5VL98C6fnCEJZtNs3JuKHcbJ74yJCYYYWzciZSANXY
bmVaCh5AEKWCyXTmfcgPe6EKgMbydtLHpqTngca//ivhz4G51id+NORpmR+fiY2/
7sT3ycFPSWm5Q27gg17vfcdngu1e8VJUIItbKpJIFd7N
-----END CERTIFICATE-----
Generated at Thu Mar 26 05:12:49 2026 by rpki-client