Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/bVwdAY_3tzeIYh1lGjq9dC2K998.roa
File: bVwdAY_3tzeIYh1lGjq9dC2K998.roa (raw, json)
Hash identifier: Cy+JJP0r30GikInnGPQvx8BcElRVxD8+sorOU6VuUOU=
Subject key identifier: 6D:5C:1D:01:8F:F7:B7:37:88:62:1D:65:1A:3A:BD:74:2D:8A:F7:DF
Certificate issuer: /CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Certificate serial: 0199A0CCB17A246EA37DF8308DAF9D388D5F
Authority key identifier: B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/bVwdAY_3tzeIYh1lGjq9dC2K998.roa
Signing time: Wed 01 Oct 2025 17:23:13 +0000
ROA not before: Wed 01 Oct 2025 17:23:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 103.85.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.mft
rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 07:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a0:cc:b1:7a:24:6e:a3:7d:f8:30:8d:af:9d:38:8d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b45999899f76d2e2e4ccdfc817f9879cfac06bbe
Validity
Not Before: Oct 1 17:23:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d5c1d018ff7b73788621d651a3abd742d8af7df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:51:16:db:7e:82:3c:a7:10:34:49:21:97:70:
0d:14:cf:cf:ea:f1:95:c4:7c:b3:fb:9a:f3:7a:bf:
de:3e:1c:41:af:b5:9f:f1:3d:c7:a2:43:62:fb:e0:
9a:64:6b:19:82:82:09:62:94:71:04:21:be:b1:c6:
f5:54:86:b2:69:69:6e:5f:04:a5:a7:c1:18:ff:7c:
c0:0b:cb:81:db:aa:26:84:88:52:55:3f:6d:a0:88:
e1:19:aa:79:72:38:a0:91:71:d7:2a:49:90:49:21:
98:e5:b4:22:28:4b:a8:9c:16:5f:98:b7:5b:58:da:
7e:0d:54:fc:39:6a:4f:5a:e4:d0:72:99:34:95:f5:
1d:f4:8d:dd:84:af:9a:95:da:8a:b5:e9:20:5e:b1:
96:23:57:51:7b:43:1b:65:36:70:44:4d:1c:3e:38:
c2:a1:a4:bb:58:68:7f:6f:c8:46:fc:23:63:c4:6b:
a4:e4:4a:d7:09:44:c6:88:4a:f9:ec:02:d1:2d:43:
b8:a5:a1:0f:82:14:80:24:d3:33:10:95:7f:f6:33:
e7:0e:14:8a:2f:b3:c7:d7:ff:86:48:ba:cd:73:a6:
4f:17:20:49:a7:25:5c:b0:5a:03:44:ff:73:79:ed:
79:69:cd:74:e7:77:68:39:6a:8e:f6:e9:21:fc:e9:
7a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:5C:1D:01:8F:F7:B7:37:88:62:1D:65:1A:3A:BD:74:2D:8A:F7:DF
X509v3 Authority Key Identifier:
keyid:B4:59:99:89:9F:76:D2:E2:E4:CC:DF:C8:17:F9:87:9C:FA:C0:6B:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tFmZiZ920uLkzN_IF_mHnPrAa74.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/bVwdAY_3tzeIYh1lGjq9dC2K998.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/cb7b21-335c-42ca-859e-73428f9c7bff/1/tFmZiZ920uLkzN_IF_mHnPrAa74.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.85.35.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:b2:30:4c:be:2f:d6:27:94:2d:9d:06:08:12:fa:a6:bf:d9:
43:43:4a:08:26:14:58:07:86:d1:2a:7c:81:2e:57:33:d6:e9:
54:e9:d6:be:70:41:d0:b1:5d:3c:aa:2c:27:ad:17:84:ea:ed:
36:b5:1b:1c:3f:32:d7:1b:b3:6f:24:cb:9a:33:71:81:c1:e1:
a6:6a:93:8f:3e:b3:94:81:7a:4f:4d:2f:2c:9f:6c:f2:86:65:
0e:ce:db:9c:d4:64:0d:52:50:3a:c7:08:3e:19:c2:01:ac:61:
b6:ed:43:a6:84:bf:30:44:d2:49:24:9e:4e:8c:61:17:cc:8e:
96:6c:38:80:37:59:30:42:72:05:ad:a6:f4:e7:3c:65:f0:c2:
b1:31:36:ac:fa:75:62:ff:16:96:c2:d1:9b:0e:b1:bc:ec:a3:
f2:09:78:76:bd:bb:4e:5c:c3:61:86:0e:55:86:58:06:30:75:
a0:53:b1:a7:bc:49:74:1c:7d:40:ae:13:a5:e4:69:44:75:fd:
13:43:8e:09:d7:f0:bc:78:c2:42:0a:a0:66:41:85:a2:88:c8:
32:1c:fe:ee:1d:16:d0:02:3d:37:c4:73:b1:d1:f2:6d:9a:b4:
9f:06:91:b6:a7:f2:d7:ef:a4:18:84:7a:78:32:92:5c:d8:92:
ed:3b:22:3c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmgzLF6JG6jffgwja+dOI1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NTk5OTg5OWY3NmQyZTJlNGNjZGZjODE3Zjk4NzljZmFj
MDZiYmUwHhcNMjUxMDAxMTcyMzEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDVjMWQwMThmZjdiNzM3ODg2MjFkNjUxYTNhYmQ3NDJkOGFmN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4lEW236CPKcQNEkhl3ANFM/P6vGV
xHyz+5rzer/ePhxBr7Wf8T3HokNi++CaZGsZgoIJYpRxBCG+scb1VIayaWluXwSl
p8EY/3zAC8uB26omhIhSVT9toIjhGap5cjigkXHXKkmQSSGY5bQiKEuonBZfmLdb
WNp+DVT8OWpPWuTQcpk0lfUd9I3dhK+aldqKtekgXrGWI1dRe0MbZTZwRE0cPjjC
oaS7WGh/b8hG/CNjxGuk5ErXCUTGiEr57ALRLUO4paEPghSAJNMzEJV/9jPnDhSK
L7PH1/+GSLrNc6ZPFyBJpyVcsFoDRP9zee15ac1053doOWqO9ukh/Ol6nwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1cHQGP97c3iGIdZRo6vXQtivffMB8GA1UdIwQY
MBaAFLRZmYmfdtLi5MzfyBf5h5z6wGu+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUt
NzM0MjhmOWM3YmZmLzEvYlZ3ZEFZXzN0emVJWWgxbEdqcTlkQzJLOTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC9jYjdiMjEtMzM1Yy00MmNhLTg1OWUtNzM0MjhmOWM3YmZm
LzEvdEZtWmlaOTIwdUxrek5fSUZfbUhuUHJBYTc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ1UjMA0G
CSqGSIb3DQEBCwUAA4IBAQDPsjBMvi/WJ5QtnQYIEvqmv9lDQ0oIJhRYB4bRKnyB
Llcz1ulU6da+cEHQsV08qiwnrReE6u02tRscPzLXG7NvJMuaM3GBweGmapOPPrOU
gXpPTS8sn2zyhmUOztuc1GQNUlA6xwg+GcIBrGG27UOmhL8wRNJJJJ5OjGEXzI6W
bDiAN1kwQnIFrab05zxl8MKxMTas+nVi/xaWwtGbDrG87KPyCXh2vbtOXMNhhg5V
hlgGMHWgU7GnvEl0HH1ArhOl5GlEdf0TQ44J1/C8eMJCCqBmQYWiiMgyHP7uHRbQ
Aj03xHOx0fJtmrSfBpG2p/LX76QYhHp4MpJc2JLtOyI8
-----END CERTIFICATE-----
Generated at Wed Oct 8 11:54:34 2025 by rpki-client