Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a7ee99-6161-49da-87eb-a8bf8357079f/1/u49LP2KZbug5chay4GBuyj76KF4.roa
File: u49LP2KZbug5chay4GBuyj76KF4.roa (raw, json)
Hash identifier: iitJr/xtGKA9fcThsDwdBfqlW1f+LjPeCOduA3NSE/w=
Subject key identifier: BB:8F:4B:3F:62:99:6E:E8:39:72:16:B2:E0:60:6E:CA:3E:FA:28:5E
Certificate issuer: /CN=d95bdfd7ae206871e38267f4577862111864d82f
Certificate serial: 01984FD3EACD7AE6E224E64218C0D0EFB8E9
Authority key identifier: D9:5B:DF:D7:AE:20:68:71:E3:82:67:F4:57:78:62:11:18:64:D8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Vvf164gaHHjgmf0V3hiERhk2C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a7ee99-6161-49da-87eb-a8bf8357079f/1/u49LP2KZbug5chay4GBuyj76KF4.roa
Signing time: Mon 28 Jul 2025 06:59:04 +0000
ROA not before: Mon 28 Jul 2025 06:59:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49033
IP address blocks: 103.66.56.0/22 maxlen: 24
216.152.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a7ee99-6161-49da-87eb-a8bf8357079f/1/2Vvf164gaHHjgmf0V3hiERhk2C8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a7ee99-6161-49da-87eb-a8bf8357079f/1/2Vvf164gaHHjgmf0V3hiERhk2C8.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Vvf164gaHHjgmf0V3hiERhk2C8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Jul 2025 08:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4f:d3:ea:cd:7a:e6:e2:24:e6:42:18:c0:d0:ef:b8:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d95bdfd7ae206871e38267f4577862111864d82f
Validity
Not Before: Jul 28 06:59:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb8f4b3f62996ee8397216b2e0606eca3efa285e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cc:d5:0d:1a:8c:27:59:cd:ef:e6:aa:25:25:
61:48:f6:f5:e4:6d:8b:81:7d:48:ae:fc:a7:d8:90:
0a:2b:d4:6a:51:d6:b0:9e:58:7d:51:0c:59:e2:92:
04:3f:95:20:0d:3d:ef:c6:95:35:aa:85:92:8d:1d:
37:1c:f8:ba:ea:08:85:c6:48:27:fa:3f:86:74:8f:
6d:70:bf:98:02:f9:07:ae:ee:bd:46:91:b3:cf:7c:
bc:f1:18:e1:53:c9:f1:20:1d:91:28:a9:75:88:47:
ad:57:b1:2e:67:67:40:5e:63:f2:f0:fc:ed:32:35:
52:85:e4:9c:da:70:c8:fe:eb:1d:c3:a9:e7:90:3f:
a7:0f:7a:e2:02:2e:20:dc:69:f2:02:26:cc:71:15:
54:9f:cf:68:77:7d:91:57:a3:54:e6:be:92:c9:cd:
20:d6:96:36:c8:6f:4a:e8:cc:f3:e8:4d:bb:b6:c9:
b4:3b:29:83:af:9d:14:6c:8d:70:38:be:3b:6c:c4:
c8:4d:9d:14:a6:6f:85:73:78:5c:ce:de:7c:32:60:
ca:f8:a9:8e:46:e8:eb:14:ca:ad:74:2b:2f:c9:c8:
e6:80:0a:c6:4b:8d:0f:18:e8:64:1a:f9:4d:8e:ee:
9b:c0:1f:8b:91:b7:cd:07:50:06:96:d2:db:ea:d4:
d8:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:8F:4B:3F:62:99:6E:E8:39:72:16:B2:E0:60:6E:CA:3E:FA:28:5E
X509v3 Authority Key Identifier:
keyid:D9:5B:DF:D7:AE:20:68:71:E3:82:67:F4:57:78:62:11:18:64:D8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Vvf164gaHHjgmf0V3hiERhk2C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a7ee99-6161-49da-87eb-a8bf8357079f/1/u49LP2KZbug5chay4GBuyj76KF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a7ee99-6161-49da-87eb-a8bf8357079f/1/2Vvf164gaHHjgmf0V3hiERhk2C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.66.56.0/22
216.152.64.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:63:bf:d2:c7:98:86:67:99:29:fb:9a:18:ab:21:08:65:40:
4d:7c:a7:99:1b:ce:a6:27:ee:c6:6f:45:7d:62:c8:46:81:53:
8a:71:14:b7:3e:3c:cf:57:f8:df:69:1a:4e:e1:1f:91:ca:09:
8d:96:e3:df:c9:5e:20:ee:37:92:1a:b2:95:e1:88:39:83:fa:
26:e4:79:7e:4a:15:00:12:62:05:f8:16:44:06:e2:34:2c:f6:
68:2d:56:3f:60:d6:65:00:d4:de:55:d0:88:6a:e5:5a:66:e3:
f0:61:a9:a4:3c:4b:c7:56:6c:7d:f5:7c:08:82:6f:66:db:20:
8c:44:f1:e0:7b:d0:b8:98:87:dc:d5:db:cc:7a:33:6c:64:d6:
0a:13:c0:4f:f1:65:45:95:3b:02:3c:a0:62:b3:a8:c5:60:12:
10:38:a8:31:48:9c:21:4b:4c:8f:c5:24:0c:ce:52:43:ec:c8:
e8:b1:72:6e:9a:6d:82:65:92:ea:83:b6:0a:88:9c:cf:94:ed:
a6:7a:2d:ab:fd:22:5f:af:e0:7f:05:8c:be:0e:6c:84:d5:60:
c2:f6:34:c3:6b:62:31:6e:e0:40:c1:a2:a9:d4:a1:ef:5c:d0:
1b:53:72:21:19:f2:0a:ba:1f:f2:ac:6a:2c:16:d6:70:2a:e3:
a8:ff:d4:1e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhP0+rNeubiJOZCGMDQ77jpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NWJkZmQ3YWUyMDY4NzFlMzgyNjdmNDU3Nzg2MjExMTg2
NGQ4MmYwHhcNMjUwNzI4MDY1OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjhmNGIzZjYyOTk2ZWU4Mzk3MjE2YjJlMDYwNmVjYTNlZmEyODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsszVDRqMJ1nN7+aqJSVhSPb15G2L
gX1Irvyn2JAKK9RqUdawnlh9UQxZ4pIEP5UgDT3vxpU1qoWSjR03HPi66giFxkgn
+j+GdI9tcL+YAvkHru69RpGzz3y88RjhU8nxIB2RKKl1iEetV7EuZ2dAXmPy8Pzt
MjVSheSc2nDI/usdw6nnkD+nD3riAi4g3GnyAibMcRVUn89od32RV6NU5r6Syc0g
1pY2yG9K6Mzz6E27tsm0OymDr50UbI1wOL47bMTITZ0Upm+Fc3hczt58MmDK+KmO
RujrFMqtdCsvycjmgArGS40PGOhkGvlNju6bwB+LkbfNB1AGltLb6tTYcQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLuPSz9imW7oOXIWsuBgbso++iheMB8GA1UdIwQY
MBaAFNlb39euIGhx44Jn9Fd4YhEYZNgvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlZ2ZjE2NGdhSEhqZ21mMFYzaGlFUmhrMkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hN2VlOTktNjE2MS00OWRhLTg3ZWIt
YThiZjgzNTcwNzlmLzEvdTQ5TFAyS1pidWc1Y2hheTRHQnV5ajc2S0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hN2VlOTktNjE2MS00OWRhLTg3ZWItYThiZjgzNTcwNzlm
LzEvMlZ2ZjE2NGdhSEhqZ21mMFYzaGlFUmhrMkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCZ0I4AwQC
2JhAMA0GCSqGSIb3DQEBCwUAA4IBAQBeY7/Sx5iGZ5kp+5oYqyEIZUBNfKeZG86m
J+7Gb0V9YshGgVOKcRS3PjzPV/jfaRpO4R+RygmNluPfyV4g7jeSGrKV4Yg5g/om
5Hl+ShUAEmIF+BZEBuI0LPZoLVY/YNZlANTeVdCIauVaZuPwYamkPEvHVmx99XwI
gm9m2yCMRPHge9C4mIfc1dvMejNsZNYKE8BP8WVFlTsCPKBis6jFYBIQOKgxSJwh
S0yPxSQMzlJD7MjosXJumm2CZZLqg7YKiJzPlO2mei2r/SJfr+B/BYy+DmyE1WDC
9jTDa2IxbuBAwaKp1KHvXNAbU3IhGfIKuh/yrGosFtZwKuOo/9Qe
-----END CERTIFICATE-----
Generated at Tue Jul 29 14:43:35 2025 by rpki-client