Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/dRVNIEivbcvCfy8ob6dWGU0J1O4.roa
File: dRVNIEivbcvCfy8ob6dWGU0J1O4.roa (raw, json)
Hash identifier: ts72C0/LCxBdmdNjvI5bOvMgVAWjg8chP/9czsk1hCI=
Subject key identifier: 75:15:4D:20:48:AF:6D:CB:C2:7F:2F:28:6F:A7:56:19:4D:09:D4:EE
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 0198EA6240425263E0FFD04BBB9373A28F0E
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/dRVNIEivbcvCfy8ob6dWGU0J1O4.roa
Signing time: Wed 27 Aug 2025 07:16:04 +0000
ROA not before: Wed 27 Aug 2025 07:16:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44051
IP address blocks: 103.75.124.0/24 maxlen: 24
103.75.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ea:62:40:42:52:63:e0:ff:d0:4b:bb:93:73:a2:8f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Aug 27 07:16:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75154d2048af6dcbc27f2f286fa756194d09d4ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0c:c6:69:21:d6:95:88:80:6d:19:46:f4:0b:
17:3c:0c:54:ed:5e:a8:df:e5:1e:12:c5:aa:68:7f:
51:6c:b4:7c:02:67:7b:89:7e:f6:fb:d6:7e:10:b9:
86:0d:0f:f5:b1:43:05:83:96:92:21:59:72:33:dd:
ca:21:0c:d2:33:fa:12:17:55:43:b8:fb:ba:9b:34:
90:f4:48:5f:97:5f:bb:93:80:77:bb:e7:61:40:f1:
18:19:34:22:35:03:47:4e:6f:0f:9c:83:e5:b6:e6:
69:72:60:ee:78:d8:08:5b:63:b6:d4:80:99:5b:b5:
de:4d:6a:57:da:74:42:96:65:13:38:54:6b:37:81:
a8:c3:ee:8a:ab:95:13:4a:83:7f:c0:d2:2a:04:69:
4e:88:b0:ba:12:18:34:05:ec:50:11:8e:71:6c:22:
53:8f:f1:94:00:04:bc:65:0f:07:96:ee:ce:31:54:
57:fb:5c:84:af:5f:82:be:31:d2:47:18:78:16:14:
89:62:c2:52:3f:3a:c3:94:ba:70:8b:8c:6a:f9:a3:
17:46:25:cc:0b:60:ef:cd:8e:19:0b:cd:47:72:7e:
d0:44:a2:b6:06:bc:4f:31:7f:03:14:c1:78:2f:69:
6a:f4:f1:d5:6b:32:88:85:34:46:8a:78:ae:4a:13:
bf:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:15:4D:20:48:AF:6D:CB:C2:7F:2F:28:6F:A7:56:19:4D:09:D4:EE
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/dRVNIEivbcvCfy8ob6dWGU0J1O4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.75.124.0/24
103.75.127.0/24
Signature Algorithm: sha256WithRSAEncryption
52:5d:ef:a1:fb:ae:1a:90:05:00:18:38:6f:f4:9f:79:3f:ad:
16:b6:f9:12:c0:46:63:f8:4f:25:ee:da:b0:9f:0b:e0:56:19:
b7:bc:64:8a:85:b9:e4:e2:db:fc:f2:b3:e3:bc:06:33:ea:13:
ad:58:56:c5:a0:b2:25:70:bb:85:4c:eb:cc:04:64:f7:e4:e0:
a1:00:03:a2:87:62:ee:7e:dd:bc:74:60:64:e0:29:1a:6a:73:
e0:10:d4:11:2b:79:3b:39:24:f6:08:7c:64:43:fc:92:49:4e:
fb:7c:25:c3:82:4f:f6:77:2e:e4:14:21:21:50:77:c1:2c:dc:
a0:6b:be:87:fd:4d:21:df:d1:07:ca:47:39:77:ee:1d:f2:c4:
de:b1:c4:2a:c2:a3:d1:39:d8:22:f3:cc:50:0b:05:21:4d:85:
38:ed:00:a3:54:09:45:fd:48:fe:23:cd:56:70:e6:5e:8f:ae:
ba:c0:ab:9d:3a:a9:25:43:b8:32:28:3c:e6:e4:0b:3a:8c:bf:
36:20:da:07:94:ec:06:f7:ed:55:ca:50:a7:83:d6:fa:75:50:
54:c3:e7:5b:c3:20:36:b9:0c:ba:76:45:f3:48:b8:f1:66:dc:
0f:67:8f:5e:93:4f:51:3d:a5:3b:90:d3:d4:59:04:cf:5b:38:
8c:ff:bf:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZjqYkBCUmPg/9BLu5Nzoo8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjUwODI3MDcxNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTE1NGQyMDQ4YWY2ZGNiYzI3ZjJmMjg2ZmE3NTYxOTRkMDlkNGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwzGaSHWlYiAbRlG9AsXPAxU7V6o
3+UeEsWqaH9RbLR8Amd7iX72+9Z+ELmGDQ/1sUMFg5aSIVlyM93KIQzSM/oSF1VD
uPu6mzSQ9Ehfl1+7k4B3u+dhQPEYGTQiNQNHTm8PnIPltuZpcmDueNgIW2O21ICZ
W7XeTWpX2nRClmUTOFRrN4Gow+6Kq5UTSoN/wNIqBGlOiLC6Ehg0BexQEY5xbCJT
j/GUAAS8ZQ8Hlu7OMVRX+1yEr1+CvjHSRxh4FhSJYsJSPzrDlLpwi4xq+aMXRiXM
C2DvzY4ZC81Hcn7QRKK2BrxPMX8DFMF4L2lq9PHVazKIhTRGiniuShO/pwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHUVTSBIr23Lwn8vKG+nVhlNCdTuMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvZFJWTklFaXZiY3ZDZnk4b2I2ZFdHVTBKMU80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ0t8AwQA
Z0t/MA0GCSqGSIb3DQEBCwUAA4IBAQBSXe+h+64akAUAGDhv9J95P60WtvkSwEZj
+E8l7tqwnwvgVhm3vGSKhbnk4tv88rPjvAYz6hOtWFbFoLIlcLuFTOvMBGT35OCh
AAOih2Luft28dGBk4CkaanPgENQRK3k7OST2CHxkQ/ySSU77fCXDgk/2dy7kFCEh
UHfBLNyga76H/U0h39EHykc5d+4d8sTescQqwqPROdgi88xQCwUhTYU47QCjVAlF
/Uj+I81WcOZej666wKudOqklQ7gyKDzm5As6jL82INoHlOwG9+1VylCng9b6dVBU
w+dbwyA2uQy6dkXzSLjxZtwPZ49ek09RPaU7kNPUWQTPWziM/7+B
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:55:20 2025 by rpki-client