
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/0zxUpfCnMxnC7BmWv3aVshv8TcQ.roa
File: 0zxUpfCnMxnC7BmWv3aVshv8TcQ.roa (raw, json)
Hash identifier: At2E2OqVsxNF3HD6gagnKwGJStCqOJgn2ugZM5EeTko=
Subject key identifier: D3:3C:54:A5:F0:A7:33:19:C2:EC:19:96:BF:76:95:B2:1B:FC:4D:C4
Certificate issuer: /CN=7af57dd52c75fce39ffe2915469d9e656dbcb873
Certificate serial: 0199B941C9EA22FF2ACB0186F12983A5BBAE
Authority key identifier: 7A:F5:7D:D5:2C:75:FC:E3:9F:FE:29:15:46:9D:9E:65:6D:BC:B8:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/0zxUpfCnMxnC7BmWv3aVshv8TcQ.roa
Signing time: Mon 06 Oct 2025 11:22:00 +0000
ROA not before: Mon 06 Oct 2025 11:22:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211261
IP address blocks: 103.226.194.0/23 maxlen: 23
103.229.168.0/24 maxlen: 24
185.117.46.0/24 maxlen: 24
185.145.71.0/24 maxlen: 24
185.204.200.0/24 maxlen: 24
185.204.201.0/24 maxlen: 24
185.223.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 05:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b9:41:c9:ea:22:ff:2a:cb:01:86:f1:29:83:a5:bb:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7af57dd52c75fce39ffe2915469d9e656dbcb873
Validity
Not Before: Oct 6 11:22:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d33c54a5f0a73319c2ec1996bf7695b21bfc4dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:57:cf:08:87:48:19:0e:e2:45:68:89:7f:c0:
f2:5c:b4:25:77:80:d7:63:4d:23:32:05:c9:5b:3a:
96:5d:c0:e1:fe:09:a5:82:ab:da:84:01:7e:59:cb:
02:20:0f:92:78:84:8e:03:05:83:2e:d4:40:a3:6d:
97:46:b8:85:84:5f:53:7f:2c:73:32:4d:7b:48:39:
f4:43:1c:57:95:5c:06:d2:d3:49:82:1a:2e:52:c9:
3f:e5:b7:a3:68:c1:ef:5b:d4:76:46:da:fc:0a:be:
78:21:73:1b:93:eb:f8:06:63:bb:2b:9b:2d:d4:ae:
e3:23:71:8c:62:6c:a8:92:30:9f:25:75:e3:1d:55:
31:d9:b1:d6:0f:be:1e:e1:d8:4c:96:03:d9:cd:93:
4b:58:19:36:a7:f0:77:4a:8c:e9:89:c7:b3:a8:1f:
ae:84:fa:7c:63:c8:f0:98:d8:58:c4:d2:43:5e:96:
03:2c:e6:3e:ad:40:ef:be:b7:02:3a:28:9d:0c:92:
40:eb:e8:2a:f9:6e:57:3c:36:70:d8:67:72:02:eb:
b9:5c:18:cb:96:d2:b1:cb:b2:fa:5a:05:76:ff:7c:
20:b1:7d:ce:91:50:aa:de:c1:8e:d0:bd:55:bb:71:
2e:32:1f:ca:93:05:75:1d:92:7b:7c:59:8e:59:dc:
a6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:3C:54:A5:F0:A7:33:19:C2:EC:19:96:BF:76:95:B2:1B:FC:4D:C4
X509v3 Authority Key Identifier:
keyid:7A:F5:7D:D5:2C:75:FC:E3:9F:FE:29:15:46:9D:9E:65:6D:BC:B8:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evV91Sx1_OOf_ikVRp2eZW28uHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/0zxUpfCnMxnC7BmWv3aVshv8TcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/8797de-3ae9-4e05-80ff-c2534096c60d/1/evV91Sx1_OOf_ikVRp2eZW28uHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.226.194.0/23
103.229.168.0/24
185.117.46.0/24
185.145.71.0/24
185.204.200.0/23
185.223.176.0/24
Signature Algorithm: sha256WithRSAEncryption
76:10:cc:3b:9e:0a:1e:aa:ed:9f:a4:33:fe:83:88:2a:45:7a:
92:c1:0e:55:8d:28:94:54:7a:ed:70:62:e2:0c:88:31:cf:9e:
20:c6:3a:04:28:12:47:8f:34:25:d9:be:cc:f8:e5:64:c6:27:
6b:ec:f9:92:64:a1:bf:b1:09:f1:51:38:82:07:c6:59:42:e6:
d0:4f:26:98:d9:fe:cb:8a:a9:22:15:a8:f9:9e:21:12:85:70:
79:ef:e4:74:4e:fb:3e:78:99:38:93:dd:08:c4:26:5b:24:10:
fe:49:e9:0d:c2:21:c4:1d:4f:fb:44:81:1e:55:01:5c:73:b0:
c8:d1:8e:4d:43:c5:c8:8c:0e:e8:f6:6e:c4:51:1e:07:04:5a:
2f:38:df:f4:47:b5:c2:41:f5:19:84:6c:b5:5e:3d:07:22:6d:
6c:49:d9:46:65:d9:10:e5:28:e0:f9:4d:02:b6:92:d7:18:57:
ca:0c:68:ca:da:4a:f6:f3:c6:8b:c0:1f:0a:94:12:40:f3:ca:
26:71:15:47:19:b6:3a:cb:ba:b6:f1:f5:56:9c:b4:c1:6b:21:
fa:3e:78:72:db:73:96:c9:42:2c:31:8b:af:c0:a7:f4:e3:77:
0b:f7:43:67:42:c6:96:38:e8:7c:0b:0f:5e:5a:9e:60:9b:bd:
51:1e:10:42
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZm5QcnqIv8qywGG8SmDpbuuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZjU3ZGQ1MmM3NWZjZTM5ZmZlMjkxNTQ2OWQ5ZTY1NmRi
Y2I4NzMwHhcNMjUxMDA2MTEyMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzNjNTRhNWYwYTczMzE5YzJlYzE5OTZiZjc2OTViMjFiZmM0ZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1fPCIdIGQ7iRWiJf8DyXLQld4DX
Y00jMgXJWzqWXcDh/gmlgqvahAF+WcsCIA+SeISOAwWDLtRAo22XRriFhF9Tfyxz
Mk17SDn0QxxXlVwG0tNJghouUsk/5bejaMHvW9R2Rtr8Cr54IXMbk+v4BmO7K5st
1K7jI3GMYmyokjCfJXXjHVUx2bHWD74e4dhMlgPZzZNLWBk2p/B3SozpicezqB+u
hPp8Y8jwmNhYxNJDXpYDLOY+rUDvvrcCOiidDJJA6+gq+W5XPDZw2GdyAuu5XBjL
ltKxy7L6WgV2/3wgsX3OkVCq3sGO0L1Vu3EuMh/KkwV1HZJ7fFmOWdymvwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNM8VKXwpzMZwuwZlr92lbIb/E3EMB8GA1UdIwQY
MBaAFHr1fdUsdfzjn/4pFUadnmVtvLhzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZWOTFTeDFfT09mX2lrVlJwMmVaVzI4dUhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi84Nzk3ZGUtM2FlOS00ZTA1LTgwZmYt
YzI1MzQwOTZjNjBkLzEvMHp4VXBmQ25NeG5DN0JtV3YzYVZzaHY4VGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi84Nzk3ZGUtM2FlOS00ZTA1LTgwZmYtYzI1MzQwOTZjNjBk
LzEvZXZWOTFTeDFfT09mX2lrVlJwMmVaVzI4dUhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBZ+LCAwQA
Z+WoAwQAuXUuAwQAuZFHAwQBuczIAwQAud+wMA0GCSqGSIb3DQEBCwUAA4IBAQB2
EMw7ngoequ2fpDP+g4gqRXqSwQ5VjSiUVHrtcGLiDIgxz54gxjoEKBJHjzQl2b7M
+OVkxidr7PmSZKG/sQnxUTiCB8ZZQubQTyaY2f7LiqkiFaj5niEShXB57+R0Tvs+
eJk4k90IxCZbJBD+SekNwiHEHU/7RIEeVQFcc7DI0Y5NQ8XIjA7o9m7EUR4HBFov
ON/0R7XCQfUZhGy1Xj0HIm1sSdlGZdkQ5Sjg+U0CtpLXGFfKDGjK2kr288aLwB8K
lBJA88omcRVHGbY6y7q28fVWnLTBayH6Pnhy23OWyUIsMYuvwKf043cL90NnQsaW
OOh8Cw9eWp5gm71RHhBC
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:22:50 2025 by rpki-client