Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/3MukuvAjChzbkXUiH7AnQDbb0l4.roa
File: 3MukuvAjChzbkXUiH7AnQDbb0l4.roa (raw, json)
Hash identifier: kY3n/ZTy9g9zEH976kSVtvidmHz0YnZOSjj64JdMJqA=
Subject key identifier: DC:CB:A4:BA:F0:23:0A:1C:DB:91:75:22:1F:B0:27:40:36:DB:D2:5E
Certificate issuer: /CN=97f19047f3f1e0593d1c317997bede2890aa0ffb
Certificate serial: 0199E32C5901DDCAFFD37C6E0B024BEC425E
Authority key identifier: 97:F1:90:47:F3:F1:E0:59:3D:1C:31:79:97:BE:DE:28:90:AA:0F:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l_GQR_Px4Fk9HDF5l77eKJCqD_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/3MukuvAjChzbkXUiH7AnQDbb0l4.roa
Signing time: Tue 14 Oct 2025 14:42:38 +0000
ROA not before: Tue 14 Oct 2025 14:42:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 38136
IP address blocks: 103.156.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/l_GQR_Px4Fk9HDF5l77eKJCqD_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/l_GQR_Px4Fk9HDF5l77eKJCqD_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/l_GQR_Px4Fk9HDF5l77eKJCqD_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e3:2c:59:01:dd:ca:ff:d3:7c:6e:0b:02:4b:ec:42:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97f19047f3f1e0593d1c317997bede2890aa0ffb
Validity
Not Before: Oct 14 14:42:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dccba4baf0230a1cdb9175221fb0274036dbd25e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4a:d0:df:a6:6e:aa:22:12:f6:d0:9c:4d:7d:
27:24:1b:a4:8d:51:aa:0a:35:06:a2:e6:6c:f0:eb:
73:d8:19:ba:70:7e:d9:a7:7c:9e:63:81:72:3a:c0:
f7:7e:8d:7e:98:b0:da:3c:1b:8c:4b:8b:ae:37:e4:
22:81:d4:f6:fe:95:18:8e:d0:62:7b:2f:a9:e9:1b:
2a:12:07:fb:81:fc:0c:3a:f3:ef:15:a6:db:07:11:
3a:df:32:44:8f:e6:dd:7d:ce:14:91:28:1b:a6:62:
0b:ea:de:c1:0e:2f:0d:25:f2:82:b8:b5:90:47:78:
a4:a4:13:9e:94:97:84:39:3c:ea:ed:9e:a5:28:00:
43:d3:e6:87:37:06:4d:88:37:e0:c1:1c:36:6f:df:
13:51:6e:e0:f4:5c:03:4e:05:e7:04:a5:8c:11:72:
17:b0:9f:7d:12:33:54:82:46:fd:9b:bb:40:3d:5a:
3e:6d:87:92:1f:9a:4e:01:28:f6:c2:77:8a:9f:76:
9e:85:63:d1:40:af:eb:85:e9:da:12:88:2b:4a:63:
90:b0:55:d0:25:a7:af:c8:79:7e:ee:12:6d:2b:71:
34:37:c1:24:87:13:0b:51:46:82:be:f9:51:fc:00:
ff:02:5c:72:6c:f0:0c:fc:1f:61:b2:8a:a2:be:e8:
e1:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:CB:A4:BA:F0:23:0A:1C:DB:91:75:22:1F:B0:27:40:36:DB:D2:5E
X509v3 Authority Key Identifier:
keyid:97:F1:90:47:F3:F1:E0:59:3D:1C:31:79:97:BE:DE:28:90:AA:0F:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l_GQR_Px4Fk9HDF5l77eKJCqD_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/3MukuvAjChzbkXUiH7AnQDbb0l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/20b3fe-eebf-42ff-b012-7a3e394c0493/1/l_GQR_Px4Fk9HDF5l77eKJCqD_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.156.184.0/24
Signature Algorithm: sha256WithRSAEncryption
63:16:9e:1e:cb:9d:98:66:01:e1:de:93:7a:a1:5b:fc:48:fb:
85:cf:fc:7d:15:44:47:32:63:5d:5b:2c:a4:64:95:ef:3a:63:
2f:fb:5f:42:92:86:8a:c7:2a:24:93:33:25:d2:d6:f7:d9:83:
a0:37:11:49:93:19:a4:4b:8a:61:3a:28:8b:56:39:58:a2:28:
5a:63:20:6d:b1:ef:ac:c1:fc:08:48:f6:b9:51:22:12:3b:f6:
52:67:bb:16:0b:33:42:66:db:e2:24:9a:ce:ea:08:da:5e:4d:
be:b0:fc:f0:a2:42:d1:77:aa:4d:0d:dc:99:7a:27:31:c3:21:
c2:e7:60:65:9c:fb:15:91:ed:30:9b:fa:45:85:e8:b1:ee:69:
c8:8e:a2:aa:36:3e:1c:15:a3:f4:f7:8f:56:8b:49:06:3e:8d:
4a:96:f1:cf:06:38:71:a5:ff:51:8a:34:b2:87:5a:73:24:a0:
ab:91:a8:a9:18:cb:e4:5a:43:fa:5a:84:ea:e7:b7:77:4e:cb:
89:04:3d:f8:8b:9f:e3:ba:05:d6:2c:be:f9:2c:91:59:1a:c6:
1a:e1:6d:ae:17:bc:d6:88:df:21:20:49:9c:34:21:4a:92:82:
31:6b:a6:42:92:1a:5e:fe:e2:04:c5:95:4a:09:8a:94:dc:1d:
e0:74:9a:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnjLFkB3cr/03xuCwJL7EJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ZjE5MDQ3ZjNmMWUwNTkzZDFjMzE3OTk3YmVkZTI4OTBh
YTBmZmIwHhcNMjUxMDE0MTQ0MjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2NiYTRiYWYwMjMwYTFjZGI5MTc1MjIxZmIwMjc0MDM2ZGJkMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuErQ36ZuqiIS9tCcTX0nJBukjVGq
CjUGouZs8Otz2Bm6cH7Zp3yeY4FyOsD3fo1+mLDaPBuMS4uuN+QigdT2/pUYjtBi
ey+p6RsqEgf7gfwMOvPvFabbBxE63zJEj+bdfc4UkSgbpmIL6t7BDi8NJfKCuLWQ
R3ikpBOelJeEOTzq7Z6lKABD0+aHNwZNiDfgwRw2b98TUW7g9FwDTgXnBKWMEXIX
sJ99EjNUgkb9m7tAPVo+bYeSH5pOASj2wneKn3aehWPRQK/rhenaEogrSmOQsFXQ
JaevyHl+7hJtK3E0N8EkhxMLUUaCvvlR/AD/AlxybPAM/B9hsoqivujhtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNzLpLrwIwoc25F1Ih+wJ0A229JeMB8GA1UdIwQY
MBaAFJfxkEfz8eBZPRwxeZe+3iiQqg/7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbF9HUVJfUHg0Rms5SERGNWw3N2VLSkNxRF9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8yMGIzZmUtZWViZi00MmZmLWIwMTIt
N2EzZTM5NGMwNDkzLzEvM011a3V2QWpDaHpia1hVaUg3QW5RRGJiMGw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8yMGIzZmUtZWViZi00MmZmLWIwMTItN2EzZTM5NGMwNDkz
LzEvbF9HUVJfUHg0Rms5SERGNWw3N2VLSkNxRF9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ5y4MA0G
CSqGSIb3DQEBCwUAA4IBAQBjFp4ey52YZgHh3pN6oVv8SPuFz/x9FURHMmNdWyyk
ZJXvOmMv+19CkoaKxyokkzMl0tb32YOgNxFJkxmkS4phOiiLVjlYoihaYyBtse+s
wfwISPa5USISO/ZSZ7sWCzNCZtviJJrO6gjaXk2+sPzwokLRd6pNDdyZeicxwyHC
52BlnPsVke0wm/pFheix7mnIjqKqNj4cFaP0949Wi0kGPo1KlvHPBjhxpf9RijSy
h1pzJKCrkaipGMvkWkP6WoTq57d3TsuJBD34i5/jugXWLL75LJFZGsYa4W2uF7zW
iN8hIEmcNCFKkoIxa6ZCkhpe/uIExZVKCYqU3B3gdJoj
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:32:30 2025 by rpki-client