Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/OoN59isFo_rAN_zj36QjJukTo8Q.roa
File: OoN59isFo_rAN_zj36QjJukTo8Q.roa (raw, json)
Hash identifier: QW7f2AvJV/DOzN/xGJTfHNMIRsNFwzDwCNvJ2spqNQU=
Subject key identifier: 3A:83:79:F6:2B:05:A3:FA:C0:37:FC:E3:DF:A4:23:26:E9:13:A3:C4
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 0199994F6AC2FDDB2F320C987CA1F9376741
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/OoN59isFo_rAN_zj36QjJukTo8Q.roa
Signing time: Tue 30 Sep 2025 06:29:02 +0000
ROA not before: Tue 30 Sep 2025 06:29:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 103.151.103.0/24 maxlen: 24
103.152.17.0/24 maxlen: 24
103.155.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:99:4f:6a:c2:fd:db:2f:32:0c:98:7c:a1:f9:37:67:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Sep 30 06:29:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a8379f62b05a3fac037fce3dfa42326e913a3c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:1f:eb:74:d4:ca:b8:dc:c0:05:67:9e:ec:f7:
bb:f6:57:c8:fc:89:88:11:6d:92:02:52:8c:15:18:
5b:9e:0e:09:e6:a7:8e:2a:07:fb:f6:29:e6:fe:54:
b4:b8:91:ac:fd:79:5a:64:b2:e0:91:20:f9:04:51:
d1:c2:10:34:d3:c2:b6:b8:93:36:03:f6:6a:c9:42:
8e:15:96:38:91:3c:e7:e1:88:d2:db:da:37:a5:4a:
a9:c1:70:e2:c6:e9:7e:87:18:3e:5e:50:96:19:01:
8d:cf:1d:10:ca:2a:c5:d9:cf:33:0b:60:71:c3:a0:
49:f7:2d:07:d9:68:41:ec:f3:ca:be:90:17:83:72:
d3:ec:28:e1:57:f2:15:de:a8:41:b4:c5:76:85:8a:
7c:fa:2a:36:d5:2e:5a:0e:d7:2e:55:de:71:78:d5:
04:1c:79:f4:8f:50:16:a0:2f:ec:d4:83:5f:f3:fd:
c6:f7:e1:1d:13:04:61:37:54:73:c2:b0:2d:f5:86:
58:98:ef:2b:86:9e:02:5a:07:80:df:13:6c:29:f1:
c1:af:b5:de:41:5e:3f:57:b7:42:27:61:9b:38:a5:
eb:85:9a:53:8b:ae:44:18:8f:a7:fc:d6:6e:09:9d:
f8:60:fa:de:5f:ed:3f:ad:1b:4c:6d:f2:2d:84:51:
6f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:83:79:F6:2B:05:A3:FA:C0:37:FC:E3:DF:A4:23:26:E9:13:A3:C4
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/OoN59isFo_rAN_zj36QjJukTo8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.151.103.0/24
103.152.17.0/24
103.155.127.0/24
Signature Algorithm: sha256WithRSAEncryption
17:e5:36:54:d2:bb:f4:f0:e2:75:4f:a9:38:64:61:3e:76:12:
39:5c:70:41:68:7c:dd:f2:43:6e:54:41:6c:05:a7:ee:ae:d2:
f7:7b:14:f8:7d:85:e5:d9:cd:73:35:ed:5b:ee:e8:7f:3e:6d:
a2:2e:4c:ad:ea:fd:e5:54:86:1d:8c:5e:8c:a0:3f:79:36:3a:
4e:97:7c:cb:d2:d7:04:d4:57:ce:5f:29:15:82:c4:85:d1:fb:
2a:56:cd:0c:90:1d:bd:43:1e:f0:13:8e:75:cd:ff:0c:85:c2:
b3:f9:16:d3:71:d9:fb:a9:7a:d8:f1:60:04:ea:23:bf:66:ae:
05:2b:46:2b:60:09:9d:0a:08:ad:91:a4:ce:60:0f:5c:a0:a8:
7e:20:fc:7b:51:33:04:20:66:e9:10:9e:54:84:76:69:7e:09:
1b:61:14:1e:c8:9f:9f:d1:3c:47:8b:42:65:24:e5:20:c6:43:
4b:e5:84:32:0f:6f:ff:d2:32:9e:47:28:b6:4f:e8:a6:22:b0:
77:eb:9f:4c:06:83:e2:3b:db:83:0a:b5:b1:06:c0:bf:28:73:
cf:61:04:37:fd:9a:72:36:f1:33:1b:75:19:f2:3e:fd:02:be:
42:e0:d7:67:6b:aa:e3:8e:2f:67:8e:1f:a9:81:39:c9:4f:fd:
8d:d3:e1:a2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZmZT2rC/dsvMgyYfKH5N2dBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUwOTMwMDYyOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTgzNzlmNjJiMDVhM2ZhYzAzN2ZjZTNkZmE0MjMyNmU5MTNhM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6B/rdNTKuNzABWee7Pe79lfI/ImI
EW2SAlKMFRhbng4J5qeOKgf79inm/lS0uJGs/XlaZLLgkSD5BFHRwhA008K2uJM2
A/ZqyUKOFZY4kTzn4YjS29o3pUqpwXDixul+hxg+XlCWGQGNzx0QyirF2c8zC2Bx
w6BJ9y0H2WhB7PPKvpAXg3LT7CjhV/IV3qhBtMV2hYp8+io21S5aDtcuVd5xeNUE
HHn0j1AWoC/s1INf8/3G9+EdEwRhN1RzwrAt9YZYmO8rhp4CWgeA3xNsKfHBr7Xe
QV4/V7dCJ2GbOKXrhZpTi65EGI+n/NZuCZ34YPreX+0/rRtMbfIthFFv4wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDqDefYrBaP6wDf849+kIybpE6PEMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvT29ONTlpc0ZvX3JBTl96ajM2UWpKdWtUbzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAZ5dnAwQA
Z5gRAwQAZ5t/MA0GCSqGSIb3DQEBCwUAA4IBAQAX5TZU0rv08OJ1T6k4ZGE+dhI5
XHBBaHzd8kNuVEFsBafurtL3exT4fYXl2c1zNe1b7uh/Pm2iLkyt6v3lVIYdjF6M
oD95NjpOl3zL0tcE1FfOXykVgsSF0fsqVs0MkB29Qx7wE451zf8MhcKz+RbTcdn7
qXrY8WAE6iO/Zq4FK0YrYAmdCgitkaTOYA9coKh+IPx7UTMEIGbpEJ5UhHZpfgkb
YRQeyJ+f0TxHi0JlJOUgxkNL5YQyD2//0jKeRyi2T+imIrB3659MBoPiO9uDCrWx
BsC/KHPPYQQ3/ZpyNvEzG3UZ8j79Ar5C4Ndna6rjji9njh+pgTnJT/2N0+Gi
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:54:57 2025 by rpki-client