Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/xgjFzhXYhGbGqiBS917YkkfDj1Y.roa
File: xgjFzhXYhGbGqiBS917YkkfDj1Y.roa (raw, json)
Hash identifier: 3tm6YEfTpXDMNLGtjMc8bpqY8eSNfuk7xz8kgfbIog8=
Subject key identifier: C6:08:C5:CE:15:D8:84:66:C6:AA:20:52:F7:5E:D8:92:47:C3:8F:56
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019DFDF0FEC77E8F2227E1E268B5BF69790D
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/xgjFzhXYhGbGqiBS917YkkfDj1Y.roa
Signing time: Wed 06 May 2026 15:38:42 +0000
ROA not before: Wed 06 May 2026 15:38:42 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9304
IP address blocks: 110.34.32.0/24 maxlen: 24
222.167.226.0/24 maxlen: 24
222.167.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 May 2026 22:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:fd:f0:fe:c7:7e:8f:22:27:e1:e2:68:b5:bf:69:79:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: May 6 15:38:42 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c608c5ce15d88466c6aa2052f75ed89247c38f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:74:49:82:c7:b3:d7:59:4a:e3:73:3d:87:0e:
ca:93:16:b9:4a:ab:f7:87:7f:f6:98:18:b0:28:49:
a0:f5:76:85:cf:b8:1b:b3:e2:c7:78:1c:be:61:cb:
8c:0d:06:67:5d:4e:5c:da:a2:df:ce:74:3f:a1:d5:
e3:0d:87:3e:61:55:b0:7d:3c:3a:98:55:ca:38:49:
19:f0:53:0f:25:f6:1c:cc:25:25:2d:4f:ff:e7:55:
23:47:cc:b3:32:8f:01:91:9d:76:de:2b:e8:1d:19:
b9:c4:27:e7:11:81:b8:99:cc:8a:22:25:e8:f6:ad:
52:fb:41:da:a4:24:79:6b:53:cc:04:f3:dc:3c:5d:
1d:6a:68:c5:9e:ee:72:e0:fb:40:36:e3:34:9b:a4:
10:04:07:f0:fb:d0:e4:98:f6:e9:c0:10:04:de:41:
6d:15:2d:9b:5f:8b:ef:b4:6d:4f:0b:30:78:7e:79:
b9:79:34:e9:cc:19:54:b6:d9:6e:1d:c8:54:d5:6c:
7f:34:cc:57:1c:be:9c:af:ee:62:5e:d2:3b:82:6e:
8c:af:cb:4a:8b:c4:8b:ae:10:73:a8:72:32:56:f7:
2c:b3:1d:a4:b6:92:05:ce:b2:58:9a:98:9b:04:2c:
91:8c:88:69:d7:69:c6:c9:ab:2b:12:80:34:7e:cc:
9e:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:08:C5:CE:15:D8:84:66:C6:AA:20:52:F7:5E:D8:92:47:C3:8F:56
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/xgjFzhXYhGbGqiBS917YkkfDj1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
110.34.32.0/24
222.167.226.0/24
222.167.234.0/24
Signature Algorithm: sha256WithRSAEncryption
12:fa:b4:19:87:01:14:94:ec:be:7a:4c:2f:29:87:aa:57:fd:
59:55:84:66:d1:5e:24:3a:17:68:99:51:ac:26:78:78:08:3d:
cf:10:d4:b0:f0:0d:d5:86:91:73:48:25:13:8b:01:43:70:fe:
71:ab:51:a1:27:20:e3:88:6c:5f:17:b1:a3:ef:12:56:b2:29:
07:5c:25:b7:22:fe:d5:12:dd:66:d7:7d:3b:6b:e8:49:76:21:
65:5e:0b:d6:c9:2c:0a:be:3d:ba:71:16:17:19:e7:71:0c:4c:
12:42:54:ab:d0:34:4b:8a:76:d0:dc:5c:6b:39:2e:e4:40:b6:
fa:d7:fe:18:7a:8d:09:db:d3:71:4b:95:a9:22:cb:c3:eb:ab:
ea:4c:18:d2:51:0c:6b:20:bf:98:a1:43:e2:56:15:a1:0a:66:
7b:b8:ad:74:41:bd:fa:08:23:0b:cc:23:1e:50:83:1e:7e:e9:
84:8d:02:9f:bd:04:37:41:59:26:89:82:90:b6:d5:80:56:63:
4b:0b:8f:3b:75:4f:89:d5:4a:9f:e2:bc:71:f8:29:c1:c6:d3:
9a:66:eb:11:25:5f:ac:c6:ff:a4:5d:d0:6a:b8:b7:7b:ad:bb:
a1:26:4a:be:40:85:dd:4b:28:2f:2e:91:5d:8a:2b:35:bd:6e:
9d:3f:47:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ398P7Hfo8iJ+HiaLW/aXkNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwNTA2MTUzODQyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjA4YzVjZTE1ZDg4NDY2YzZhYTIwNTJmNzVlZDg5MjQ3YzM4ZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyXRJgsez11lK43M9hw7Kkxa5Sqv3
h3/2mBiwKEmg9XaFz7gbs+LHeBy+YcuMDQZnXU5c2qLfznQ/odXjDYc+YVWwfTw6
mFXKOEkZ8FMPJfYczCUlLU//51UjR8yzMo8BkZ123ivoHRm5xCfnEYG4mcyKIiXo
9q1S+0HapCR5a1PMBPPcPF0damjFnu5y4PtANuM0m6QQBAfw+9DkmPbpwBAE3kFt
FS2bX4vvtG1PCzB4fnm5eTTpzBlUttluHchU1Wx/NMxXHL6cr+5iXtI7gm6Mr8tK
i8SLrhBzqHIyVvcssx2ktpIFzrJYmpibBCyRjIhp12nGyasrEoA0fsyeVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMYIxc4V2IRmxqogUvde2JJHw49WMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEveGdqRnpoWFloR2JHcWlCUzkxN1lra2ZEajFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbiIgAwQA
3qfiAwQA3qfqMA0GCSqGSIb3DQEBCwUAA4IBAQAS+rQZhwEUlOy+ekwvKYeqV/1Z
VYRm0V4kOhdomVGsJnh4CD3PENSw8A3VhpFzSCUTiwFDcP5xq1GhJyDjiGxfF7Gj
7xJWsikHXCW3Iv7VEt1m1307a+hJdiFlXgvWySwKvj26cRYXGedxDEwSQlSr0DRL
inbQ3FxrOS7kQLb61/4Yeo0J29NxS5WpIsvD66vqTBjSUQxrIL+YoUPiVhWhCmZ7
uK10Qb36CCMLzCMeUIMefumEjQKfvQQ3QVkmiYKQttWAVmNLC487dU+J1Uqf4rxx
+CnBxtOaZusRJV+sxv+kXdBquLd7rbuhJkq+QIXdSygvLpFdiis1vW6dP0ff
-----END CERTIFICATE-----
Generated at Wed May 13 04:26:53 2026 by rpki-client