Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/c4Il-JnXROB_VkMf-eIk0R39vBs.roa
File: c4Il-JnXROB_VkMf-eIk0R39vBs.roa (raw, json)
Hash identifier: xLL28ItsoEWb/fqkyK5VOixb4nmCnjVB1sa6bHGaIOg=
Subject key identifier: 73:82:25:F8:99:D7:44:E0:7F:56:43:1F:F9:E2:24:D1:1D:FD:BC:1B
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019D1AFD2042DE5B2E432CE8AAB3E2C7B034
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/c4Il-JnXROB_VkMf-eIk0R39vBs.roa
Signing time: Mon 23 Mar 2026 13:58:09 +0000
ROA not before: Mon 23 Mar 2026 13:58:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 110.34.37.0/24 maxlen: 24
222.167.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:fd:20:42:de:5b:2e:43:2c:e8:aa:b3:e2:c7:b0:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Mar 23 13:58:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=738225f899d744e07f56431ff9e224d11dfdbc1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0d:3b:af:9b:f0:ab:95:45:dd:ea:50:a1:76:
22:73:66:12:47:d6:c7:4f:bf:8d:94:3f:ac:94:7c:
6d:f0:9e:91:bc:bc:bc:ea:db:b1:fb:aa:b5:88:b7:
a4:52:f1:7f:34:2e:0d:bc:5a:5c:e6:ed:e8:b9:64:
1b:e7:95:05:78:8a:97:78:d1:a9:6f:ef:7e:96:a1:
da:be:b5:98:59:77:6b:27:4a:91:5d:97:10:23:02:
32:94:98:3b:bc:b8:7f:a1:b6:05:33:cf:f1:87:9d:
3e:0b:5d:0a:02:e6:6d:a3:64:eb:1f:a9:37:b7:5a:
ea:cc:42:02:c3:ce:e6:70:f6:27:f9:99:ef:d4:9f:
1b:13:01:f3:3d:4e:10:bc:2c:63:0e:ac:e1:98:39:
24:20:30:8a:b6:3a:f3:33:9e:77:c1:cb:21:60:70:
62:74:ef:e7:a5:7d:53:3c:31:1a:00:7b:b2:2d:98:
5d:aa:61:32:1a:50:80:03:ea:77:ad:b9:39:59:7c:
82:0a:67:71:b3:83:3c:e2:3d:be:f6:3d:36:d9:a3:
36:16:9b:d3:bb:6a:3d:be:d2:6b:b8:4f:f9:d6:9c:
6e:3f:d6:23:44:42:2c:33:b2:59:56:e1:c6:15:e8:
d2:6b:61:7a:9b:96:71:67:be:8f:bb:d7:62:f6:c4:
c8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:82:25:F8:99:D7:44:E0:7F:56:43:1F:F9:E2:24:D1:1D:FD:BC:1B
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/c4Il-JnXROB_VkMf-eIk0R39vBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
110.34.37.0/24
222.167.209.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:f9:bd:6e:3b:65:bf:66:31:19:04:92:ae:7a:28:c6:e0:fb:
d8:eb:56:c5:be:fd:97:2d:b1:3d:72:82:9a:e7:17:29:7f:7f:
3a:17:06:09:e8:c4:a3:c3:25:75:73:35:1f:1f:46:25:9a:37:
bf:30:5e:b4:cf:7d:f4:e0:77:18:f9:cd:db:d7:80:69:a0:3d:
04:73:02:d1:ad:ae:43:67:b3:ad:ee:bf:ac:35:e9:94:75:06:
12:49:b4:aa:4f:fd:3d:d6:b8:56:c9:6f:af:a7:21:b1:07:3e:
61:ad:45:2a:ff:f5:ed:ca:26:6e:1e:f3:79:99:d1:96:2d:e5:
f6:11:47:fe:03:28:d5:37:cc:69:23:ad:34:97:8b:e7:1c:7b:
43:e7:c9:af:4c:1f:f7:54:c3:cd:7d:dd:9b:5a:31:61:8d:bc:
50:da:70:9d:33:54:6d:3e:29:2b:8e:6e:07:67:e0:1c:8d:8a:
8c:d4:99:67:7e:d3:2b:da:92:4e:cd:ac:07:54:8b:02:a8:78:
09:09:76:3e:dc:23:16:cb:be:9c:b3:c8:38:a8:45:93:bc:04:
eb:e5:bc:22:27:f4:b6:14:1f:8e:ee:95:b0:01:5d:9a:29:b4:
8d:2e:63:ef:8e:6f:3f:82:7f:a3:95:34:f9:54:84:f6:9d:3a:
77:27:67:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0a/SBC3lsuQyzoqrPix7A0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwMzIzMTM1ODA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzgyMjVmODk5ZDc0NGUwN2Y1NjQzMWZmOWUyMjRkMTFkZmRiYzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiA07r5vwq5VF3epQoXYic2YSR9bH
T7+NlD+slHxt8J6RvLy86tux+6q1iLekUvF/NC4NvFpc5u3ouWQb55UFeIqXeNGp
b+9+lqHavrWYWXdrJ0qRXZcQIwIylJg7vLh/obYFM8/xh50+C10KAuZto2TrH6k3
t1rqzEICw87mcPYn+Znv1J8bEwHzPU4QvCxjDqzhmDkkIDCKtjrzM553wcshYHBi
dO/npX1TPDEaAHuyLZhdqmEyGlCAA+p3rbk5WXyCCmdxs4M84j2+9j022aM2FpvT
u2o9vtJruE/51pxuP9YjREIsM7JZVuHGFejSa2F6m5ZxZ76Pu9di9sTINwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHOCJfiZ10Tgf1ZDH/niJNEd/bwbMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvYzRJbC1KblhST0JfVmtNZi1lSWswUjM5dkJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbiIlAwQA
3qfRMA0GCSqGSIb3DQEBCwUAA4IBAQA9+b1uO2W/ZjEZBJKueijG4PvY61bFvv2X
LbE9coKa5xcpf386FwYJ6MSjwyV1czUfH0Ylmje/MF60z3304HcY+c3b14BpoD0E
cwLRra5DZ7Ot7r+sNemUdQYSSbSqT/091rhWyW+vpyGxBz5hrUUq//XtyiZuHvN5
mdGWLeX2EUf+AyjVN8xpI600l4vnHHtD58mvTB/3VMPNfd2bWjFhjbxQ2nCdM1Rt
Pikrjm4HZ+AcjYqM1JlnftMr2pJOzawHVIsCqHgJCXY+3CMWy76cs8g4qEWTvATr
5bwiJ/S2FB+O7pWwAV2aKbSNLmPvjm8/gn+jlTT5VIT2nTp3J2cP
-----END CERTIFICATE-----
Generated at Thu Mar 26 11:01:18 2026 by rpki-client