
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/9ufXbM9venYhxl-SvGpc6GfgiXw.roa
File: 9ufXbM9venYhxl-SvGpc6GfgiXw.roa (raw, json)
Hash identifier: Ac/t4dFO//WUk7pf4os6/uGOArEztMkq7kLNqY6xpWY=
Subject key identifier: F6:E7:D7:6C:CF:6F:7A:76:21:C6:5F:92:BC:6A:5C:E8:67:E0:89:7C
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 0197AB6AF3A65F8F2D8E2C8FEDE951419964
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/9ufXbM9venYhxl-SvGpc6GfgiXw.roa
Signing time: Thu 26 Jun 2025 08:46:42 +0000
ROA not before: Thu 26 Jun 2025 08:46:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59253
IP address blocks: 103.148.140.0/24 maxlen: 24
103.149.84.0/24 maxlen: 24
103.151.102.0/24 maxlen: 24
103.152.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 17:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ab:6a:f3:a6:5f:8f:2d:8e:2c:8f:ed:e9:51:41:99:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Jun 26 08:46:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f6e7d76ccf6f7a7621c65f92bc6a5ce867e0897c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3c:79:26:e1:de:df:e1:0e:2e:45:db:20:ea:
d4:9e:a6:47:e8:a2:0f:16:90:33:78:62:0a:b7:fd:
e2:02:e7:18:42:a4:33:53:cb:e8:54:30:40:65:d6:
23:e3:3a:84:d4:7f:2d:e0:44:3b:11:5f:84:d3:2b:
e9:50:19:38:a4:82:91:aa:c0:0d:03:db:0f:4c:b5:
02:9f:e0:e2:8f:6b:a2:cf:76:00:53:c3:c6:e4:14:
bf:f9:3f:0d:53:b1:bb:95:dd:c5:43:bd:e3:6f:c2:
82:98:22:62:37:79:e3:94:04:9c:dd:07:90:74:ee:
94:64:62:4b:84:e6:16:53:d4:ef:af:ad:c6:08:b9:
68:0c:dd:e9:65:94:6a:21:23:e8:ea:b0:3f:ef:db:
87:aa:11:12:03:84:19:f1:77:2d:e9:e9:fe:7c:2d:
93:05:67:3b:09:c7:bf:aa:83:c6:a7:41:ac:97:f2:
71:6c:ee:60:c3:34:42:a1:0b:d0:46:25:6f:30:62:
35:4a:62:2c:f8:75:b4:f6:45:87:1b:4a:9a:13:aa:
94:42:52:de:d0:bc:03:05:71:81:7d:32:e8:ed:96:
9a:0e:b4:11:8b:4d:56:64:fb:0d:91:9a:e4:23:a3:
c6:f7:04:de:54:00:5c:76:f8:44:58:3e:cf:16:97:
f5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:E7:D7:6C:CF:6F:7A:76:21:C6:5F:92:BC:6A:5C:E8:67:E0:89:7C
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/9ufXbM9venYhxl-SvGpc6GfgiXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.148.140.0/24
103.149.84.0/24
103.151.102.0/24
103.152.16.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:c0:57:8e:f6:25:b8:42:2f:45:a9:f4:9d:3e:35:9e:38:8d:
fe:e0:f1:9e:d2:8e:7e:26:17:8d:6b:94:28:14:4b:73:67:82:
a2:02:d2:70:73:ca:84:f4:0a:7b:ae:36:63:f6:cb:ec:c1:49:
11:2e:3d:30:81:81:98:61:ed:02:f1:8a:20:f9:7a:5a:a8:32:
8c:d1:50:b2:4c:87:a2:db:c5:10:04:a2:32:32:b6:95:a6:90:
4d:39:54:1b:16:9b:f8:7d:de:a4:91:8e:f3:04:5a:5b:84:11:
30:fe:b1:1b:04:f2:0a:4d:ad:46:a6:a5:ce:11:c5:05:67:6e:
9e:3c:a3:aa:28:ba:ed:bc:21:d9:9d:8a:2e:1e:f5:69:f8:b6:
ee:bb:33:08:ac:64:bf:4b:fe:ab:e6:62:47:04:31:e1:32:17:
48:f9:ba:73:09:2a:f3:5b:82:7a:ca:b8:58:b2:d3:81:99:01:
0c:2e:ca:28:50:50:4c:17:ff:40:e2:d9:7e:84:22:cf:07:44:
e0:66:b0:4d:49:4f:08:77:19:57:b7:d7:f1:55:c3:46:fc:17:
f9:d3:3d:4c:2d:64:92:92:3e:a0:1e:d8:35:2c:d6:5c:cb:78:
7d:97:26:c0:c9:1b:8e:34:40:86:e5:ff:4b:b4:e1:73:63:93:
65:62:35:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZeravOmX48tjiyP7elRQZlkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUwNjI2MDg0NjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmU3ZDc2Y2NmNmY3YTc2MjFjNjVmOTJiYzZhNWNlODY3ZTA4OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTx5JuHe3+EOLkXbIOrUnqZH6KIP
FpAzeGIKt/3iAucYQqQzU8voVDBAZdYj4zqE1H8t4EQ7EV+E0yvpUBk4pIKRqsAN
A9sPTLUCn+Dij2uiz3YAU8PG5BS/+T8NU7G7ld3FQ73jb8KCmCJiN3njlASc3QeQ
dO6UZGJLhOYWU9Tvr63GCLloDN3pZZRqISPo6rA/79uHqhESA4QZ8Xct6en+fC2T
BWc7Cce/qoPGp0Gsl/JxbO5gwzRCoQvQRiVvMGI1SmIs+HW09kWHG0qaE6qUQlLe
0LwDBXGBfTLo7ZaaDrQRi01WZPsNkZrkI6PG9wTeVABcdvhEWD7PFpf1IQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPbn12zPb3p2IcZfkrxqXOhn4Il8MB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvOXVmWGJNOXZlblloeGwtU3ZHcGM2R2ZnaVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAZ5SMAwQA
Z5VUAwQAZ5dmAwQAZ5gQMA0GCSqGSIb3DQEBCwUAA4IBAQCKwFeO9iW4Qi9FqfSd
PjWeOI3+4PGe0o5+JheNa5QoFEtzZ4KiAtJwc8qE9Ap7rjZj9svswUkRLj0wgYGY
Ye0C8Yog+XpaqDKM0VCyTIei28UQBKIyMraVppBNOVQbFpv4fd6kkY7zBFpbhBEw
/rEbBPIKTa1GpqXOEcUFZ26ePKOqKLrtvCHZnYouHvVp+LbuuzMIrGS/S/6r5mJH
BDHhMhdI+bpzCSrzW4J6yrhYstOBmQEMLsooUFBMF/9A4tl+hCLPB0TgZrBNSU8I
dxlXt9fxVcNG/Bf50z1MLWSSkj6gHtg1LNZcy3h9lybAyRuONECG5f9LtOFzY5Nl
YjWJ
-----END CERTIFICATE-----
Generated at Wed Jul 2 23:56:05 2025 by rpki-client