Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/J0qqTAAsGkf6qiaeb382_RfBdXM.roa
File: J0qqTAAsGkf6qiaeb382_RfBdXM.roa (raw, json)
Hash identifier: Y9ndLFyx75oY7FFN5334BUdA7IQC1ytDaM5DwK8SbB8=
Subject key identifier: 27:4A:AA:4C:00:2C:1A:47:FA:AA:26:9E:6F:7F:36:FD:17:C1:75:73
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 019E97BE947CF84BF52FC6806D9CC024738B
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/J0qqTAAsGkf6qiaeb382_RfBdXM.roa
Signing time: Fri 05 Jun 2026 12:25:09 +0000
ROA not before: Fri 05 Jun 2026 12:25:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 138968
IP address blocks: 103.24.204.0/22 maxlen: 22
103.76.85.0/24 maxlen: 24
103.76.86.0/23 maxlen: 23
103.76.86.0/24 maxlen: 24
103.76.87.0/24 maxlen: 24
103.100.156.0/24 maxlen: 24
103.100.157.0/24 maxlen: 24
103.137.212.0/22 maxlen: 22
103.200.30.0/23 maxlen: 23
103.212.33.0/24 maxlen: 24
103.212.34.0/23 maxlen: 23
103.213.248.0/23 maxlen: 23
116.206.92.0/22 maxlen: 24
144.48.8.0/22 maxlen: 24
203.189.232.0/23 maxlen: 24
203.189.234.0/24 maxlen: 24
2a0f:6700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 13:27:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:97:be:94:7c:f8:4b:f5:2f:c6:80:6d:9c:c0:24:73:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Jun 5 12:25:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=274aaa4c002c1a47faaa269e6f7f36fd17c17573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:b0:38:f4:a7:a7:0e:52:1f:23:89:11:a5:dd:
69:36:c4:60:45:fe:21:19:bf:56:8d:14:a7:ed:a8:
b7:1c:24:6d:24:9c:de:49:5a:81:72:4c:8f:10:fc:
34:2c:35:01:79:91:a6:90:0a:46:2c:26:48:c8:a6:
16:71:ab:1f:01:c5:d7:d5:e5:4d:94:2d:fb:39:9b:
0c:d7:1f:a3:b9:d2:f2:df:c9:13:b9:e2:5b:49:26:
28:c5:a4:49:f1:b1:bd:df:a2:41:ea:ae:33:0d:b2:
79:bc:ac:5c:d2:6e:a2:e9:0a:ab:fc:95:b0:d5:40:
c1:32:0d:ad:76:f1:6d:80:9d:3b:85:55:e6:23:31:
5f:50:da:ae:a5:92:12:21:be:7a:98:d5:70:ed:5a:
8b:83:7f:a2:e8:cb:61:85:79:81:17:54:30:99:9d:
0a:b1:cf:77:ae:73:cd:0a:1f:55:33:3f:d6:0e:ec:
ae:a4:d6:4a:f3:26:cd:a5:4f:bd:1b:17:95:ad:53:
a5:bf:22:6a:91:0f:80:87:87:16:92:e2:61:9b:df:
a3:82:6c:e3:ba:43:82:33:b2:1e:f6:4c:5d:16:87:
48:a2:53:3b:0c:b4:10:84:71:dd:3e:e0:db:ec:b4:
03:33:32:28:03:8c:05:05:5f:25:c0:72:7c:9e:36:
5e:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:4A:AA:4C:00:2C:1A:47:FA:AA:26:9E:6F:7F:36:FD:17:C1:75:73
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/J0qqTAAsGkf6qiaeb382_RfBdXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.24.204.0/22
103.76.85.0-103.76.87.255
103.100.156.0/23
103.137.212.0/22
103.200.30.0/23
103.212.33.0-103.212.35.255
103.213.248.0/23
116.206.92.0/22
144.48.8.0/22
203.189.232.0-203.189.234.255
IPv6:
2a0f:6700::/29
Signature Algorithm: sha256WithRSAEncryption
55:f3:02:32:27:d7:34:fb:34:e0:68:e9:7b:a6:11:cf:a3:be:
fe:31:75:73:c3:91:d2:36:2d:ee:9f:ff:af:e7:e9:40:c9:d7:
47:ae:04:4c:07:70:1c:d7:d3:5a:5f:ba:0c:b7:ef:70:a5:2a:
49:e7:c4:a5:6e:de:ed:7f:2d:a7:d2:6d:5c:46:4a:1b:68:a7:
df:e3:10:38:56:97:dd:83:e2:e0:43:3d:09:2b:f0:8c:75:3a:
ed:59:a9:d6:6d:47:59:d0:1e:d8:d6:22:04:b6:f8:9f:04:b4:
dc:37:52:c2:c2:a5:14:27:32:d5:b7:cf:6b:9b:da:74:71:90:
67:82:3b:be:90:5c:4d:7e:14:84:6e:e0:a9:8b:0f:6c:7a:c0:
a5:21:77:4e:f6:e2:94:00:67:86:8d:26:ca:00:01:92:00:84:
96:df:31:03:e1:fe:c5:a5:cf:9b:27:b4:96:37:82:54:51:31:
46:9b:32:74:a0:92:34:23:99:1d:76:a7:1c:f3:30:44:e5:83:
a9:07:bb:69:e8:9b:de:cf:88:6c:03:21:77:73:16:ba:e3:cf:
db:aa:81:d4:c1:a2:f1:36:b5:29:d9:b6:b1:77:88:ae:50:e2:
f6:82:bb:b9:3d:76:bd:48:28:9f:ee:65:95:22:76:e3:e6:34:
c3:f9:5c:3a
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZ6XvpR8+Ev1L8aAbZzAJHOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjYwNjA1MTIyNTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzRhYWE0YzAwMmMxYTQ3ZmFhYTI2OWU2ZjdmMzZmZDE3YzE3NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA17A49KenDlIfI4kRpd1pNsRgRf4h
Gb9WjRSn7ai3HCRtJJzeSVqBckyPEPw0LDUBeZGmkApGLCZIyKYWcasfAcXX1eVN
lC37OZsM1x+judLy38kTueJbSSYoxaRJ8bG936JB6q4zDbJ5vKxc0m6i6Qqr/JWw
1UDBMg2tdvFtgJ07hVXmIzFfUNqupZISIb56mNVw7VqLg3+i6MthhXmBF1QwmZ0K
sc93rnPNCh9VMz/WDuyupNZK8ybNpU+9GxeVrVOlvyJqkQ+Ah4cWkuJhm9+jgmzj
ukOCM7Ie9kxdFodIolM7DLQQhHHdPuDb7LQDMzIoA4wFBV8lwHJ8njZe2QIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFCdKqkwALBpH+qomnm9/Nv0XwXVzMB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEvSjBxcVRBQXNHa2Y2cWlhZWIzODJfUmZCZFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQCZxjMMAwD
BABnTFUDBANnTFADBAFnZJwDBAJnidQDBAFnyB4wDAMEAGfUIQMEAmfUIAMEAWfV
+AMEAnTOXAMEApAwCDAMAwQDy73oAwQAy73qMA0EAgACMAcDBQMqD2cAMA0GCSqG
SIb3DQEBCwUAA4IBAQBV8wIyJ9c0+zTgaOl7phHPo77+MXVzw5HSNi3un/+v5+lA
yddHrgRMB3Ac19NaX7oMt+9wpSpJ58Slbt7tfy2n0m1cRkobaKff4xA4Vpfdg+Lg
Qz0JK/CMdTrtWanWbUdZ0B7Y1iIEtvifBLTcN1LCwqUUJzLVt89rm9p0cZBngju+
kFxNfhSEbuCpiw9sesClIXdO9uKUAGeGjSbKAAGSAISW3zED4f7Fpc+bJ7SWN4JU
UTFGmzJ0oJI0I5kddqcc8zBE5YOpB7tp6Jvez4hsAyF3cxa648/bqoHUwaLxNrUp
2baxd4iuUOL2gru5PXa9SCif7mWVInbj5jTD+Vw6
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:19:40 2026 by rpki-client