Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AmIGK373rCGbBPFc7_nbosKkicU.roa
File: AmIGK373rCGbBPFc7_nbosKkicU.roa (raw, json)
Hash identifier: 0XQK/+c4hCfqbI3DZGBwcuSbhhKi3m83NW35JwTU9vs=
Subject key identifier: 02:62:06:2B:7E:F7:AC:21:9B:04:F1:5C:EF:F9:DB:A2:C2:A4:89:C5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0196BADA9A408432B022FB4863ECD3B132C6
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AmIGK373rCGbBPFc7_nbosKkicU.roa
Signing time: Sat 10 May 2025 15:40:10 +0000
ROA not before: Sat 10 May 2025 15:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137409
IP address blocks: 103.227.87.0/24 maxlen: 24
2a0f:31c1::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ba:da:9a:40:84:32:b0:22:fb:48:63:ec:d3:b1:32:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 10 15:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0262062b7ef7ac219b04f15ceff9dba2c2a489c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:67:ba:d7:4f:92:f2:68:20:92:60:c8:3d:0b:
34:a9:24:04:c5:09:72:2c:91:44:3b:02:3f:02:a1:
0a:fe:2e:40:e2:04:64:ba:6f:10:d4:19:07:9a:c7:
96:55:fa:30:b2:83:d6:bd:e5:49:92:0d:3c:5f:64:
0c:51:a4:89:05:c8:42:f7:de:4c:63:f9:a4:0d:29:
61:98:f2:38:38:6e:b4:92:3d:b3:c5:03:cb:0f:13:
c4:e1:ea:8e:84:52:91:d4:90:9e:9a:d4:7f:07:97:
c6:08:88:4b:92:99:a2:79:d3:f9:1d:be:ac:d8:28:
e3:61:91:e2:15:92:74:18:5f:7b:ea:d1:c7:2d:05:
4b:0a:de:16:fe:46:21:1f:38:e4:00:94:c7:4d:31:
fe:d7:a1:34:ab:7b:60:9d:ac:d4:f3:f2:98:cf:a2:
1a:7e:35:9c:88:38:67:b2:be:c8:7f:7c:51:10:68:
de:06:a2:b9:ba:51:fd:f1:84:f6:82:c4:d4:30:91:
f5:25:a4:96:7f:01:96:ff:0f:88:7b:d5:5f:94:7f:
0c:3b:17:f4:d4:61:90:95:36:96:7c:a3:cb:e6:e3:
94:a1:3f:4e:7e:9d:f6:ab:b7:53:d0:3f:9c:37:43:
db:e8:5f:e1:db:04:ad:42:5d:c7:ed:fa:18:4b:0e:
d3:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:62:06:2B:7E:F7:AC:21:9B:04:F1:5C:EF:F9:DB:A2:C2:A4:89:C5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/AmIGK373rCGbBPFc7_nbosKkicU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.227.87.0/24
IPv6:
2a0f:31c1::/32
Signature Algorithm: sha256WithRSAEncryption
9d:ab:85:1c:4f:a9:b9:88:da:d6:6e:c7:98:cb:5e:98:f7:74:
e4:e2:75:c4:5a:4e:df:f7:eb:68:d1:2a:f0:40:58:45:5b:df:
c2:31:1d:fc:1b:3c:1c:f0:07:93:97:1b:61:da:06:03:ed:9a:
22:51:75:9b:0a:9d:5a:c2:be:4f:ca:05:98:00:9f:3d:ff:31:
20:48:cc:e2:96:55:b1:94:07:75:3c:9c:a4:53:bf:af:6f:5d:
f1:8e:66:e5:4e:a5:1b:55:82:e0:d2:8f:58:61:b6:66:05:aa:
24:23:5b:48:b7:75:56:58:b3:f4:75:19:68:e8:f1:a0:0c:93:
65:8a:53:c6:cc:16:7b:ad:3f:5a:b0:dd:9b:10:69:5d:f8:cb:
25:57:0b:7e:3b:66:fe:2b:0c:da:b8:7b:4b:a0:7b:95:9c:da:
21:49:2b:1c:df:f2:52:1a:41:d0:5f:df:c9:f8:62:d5:b0:2d:
9f:f7:e7:c2:00:cc:92:b2:15:26:3b:60:08:14:29:a9:3b:5d:
59:3b:05:d6:e0:00:b2:89:3d:2d:7b:7c:48:9b:90:eb:aa:2b:
4b:e6:d3:76:a5:00:5e:df:9b:b6:60:97:58:75:b1:06:ee:36:
31:ea:e3:6f:27:02:04:22:55:b1:c2:80:2d:bf:6c:f7:a2:a7:
25:c4:a4:76
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZa62ppAhDKwIvtIY+zTsTLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNTEwMTU0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjYyMDYyYjdlZjdhYzIxOWIwNGYxNWNlZmY5ZGJhMmMyYTQ4OWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6me610+S8mggkmDIPQs0qSQExQly
LJFEOwI/AqEK/i5A4gRkum8Q1BkHmseWVfowsoPWveVJkg08X2QMUaSJBchC995M
Y/mkDSlhmPI4OG60kj2zxQPLDxPE4eqOhFKR1JCemtR/B5fGCIhLkpmiedP5Hb6s
2CjjYZHiFZJ0GF976tHHLQVLCt4W/kYhHzjkAJTHTTH+16E0q3tgnazU8/KYz6Ia
fjWciDhnsr7If3xREGjeBqK5ulH98YT2gsTUMJH1JaSWfwGW/w+Ie9VflH8MOxf0
1GGQlTaWfKPL5uOUoT9Ofp32q7dT0D+cN0Pb6F/h2wStQl3H7foYSw7TvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAJiBit+96whmwTxXO/526LCpInFMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvQW1JR0szNzNyQ0diQlBGYzdfbmJvc0traWNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAZ+NXMA0E
AgACMAcDBQAqDzHBMA0GCSqGSIb3DQEBCwUAA4IBAQCdq4UcT6m5iNrWbseYy16Y
93Tk4nXEWk7f9+to0SrwQFhFW9/CMR38Gzwc8AeTlxth2gYD7ZoiUXWbCp1awr5P
ygWYAJ89/zEgSMzillWxlAd1PJykU7+vb13xjmblTqUbVYLg0o9YYbZmBaokI1tI
t3VWWLP0dRlo6PGgDJNlilPGzBZ7rT9asN2bEGld+MslVwt+O2b+KwzauHtLoHuV
nNohSSsc3/JSGkHQX9/J+GLVsC2f9+fCAMySshUmO2AIFCmpO11ZOwXW4ACyiT0t
e3xIm5DrqitL5tN2pQBe35u2YJdYdbEG7jYx6uNvJwIEIlWxwoAtv2z3oqclxKR2
-----END CERTIFICATE-----
Generated at Sun May 11 02:41:25 2025 by rpki-client