Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/GsdwkRswQwsiHVAvjxgs3y-ljcU.roa
File: GsdwkRswQwsiHVAvjxgs3y-ljcU.roa (raw, json)
Hash identifier: 8aBionJxUsPqiMFKG+K1+zKOrICiST94ZOL/Hw+ANhs=
Subject key identifier: 1A:C7:70:91:1B:30:43:0B:22:1D:50:2F:8F:18:2C:DF:2F:A5:8D:C5
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019CAF202C1C7949CFEC5A1ADA6F849CBE8C
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/GsdwkRswQwsiHVAvjxgs3y-ljcU.roa
Signing time: Mon 02 Mar 2026 15:17:27 +0000
ROA not before: Mon 02 Mar 2026 15:17:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3356
IP address blocks: 103.108.88.0/23 maxlen: 23
103.137.162.0/23 maxlen: 23
195.64.97.0/24 maxlen: 24
205.188.22.0/23 maxlen: 23
205.188.156.0/22 maxlen: 22
205.188.208.0/22 maxlen: 22
205.188.212.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Mar 2026 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:af:20:2c:1c:79:49:cf:ec:5a:1a:da:6f:84:9c:be:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Mar 2 15:17:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1ac770911b30430b221d502f8f182cdf2fa58dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:66:df:7a:d7:87:c9:03:5e:e1:51:49:ef:61:
9f:2b:ed:87:a5:58:75:d8:fd:bd:d8:ba:59:ea:22:
f9:69:0b:70:5d:da:b4:99:8f:79:e1:be:9e:54:48:
57:a3:29:10:0b:58:11:b9:a2:28:ae:d1:19:4e:72:
52:41:87:5f:a8:78:f1:f6:75:51:9b:23:17:1f:a5:
ed:9c:f6:af:2f:f9:0b:4a:6b:ca:22:cb:75:cf:6b:
22:90:bc:b0:b4:b1:f3:b2:82:56:d0:1a:79:62:39:
89:b9:53:f3:b5:f0:ea:f5:b0:3a:13:3e:7e:27:0e:
d4:28:aa:af:ce:67:d4:c1:43:5d:39:c4:b7:f4:cc:
ea:20:2a:fc:bb:11:be:6c:65:63:40:ba:f1:dd:90:
a0:bf:45:ba:85:68:c7:ad:c5:06:b3:1a:be:51:21:
11:a9:82:fd:61:83:9f:a2:2e:a2:49:13:a3:23:34:
28:a3:e6:b2:f0:6b:f5:5f:4b:df:63:21:3f:0c:8e:
77:c8:d3:49:5d:61:7a:7a:35:f1:38:ea:15:2c:88:
d6:10:49:b7:9d:ca:9a:30:da:a0:3e:81:62:d1:d1:
7e:ad:03:7b:33:96:c0:78:d8:2e:c4:ae:8c:3c:5c:
ea:a7:b2:ba:88:d5:c6:b8:ac:45:2a:d0:bc:51:e0:
f1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:C7:70:91:1B:30:43:0B:22:1D:50:2F:8F:18:2C:DF:2F:A5:8D:C5
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/GsdwkRswQwsiHVAvjxgs3y-ljcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.108.88.0/23
103.137.162.0/23
195.64.97.0/24
205.188.22.0/23
205.188.156.0/22
205.188.208.0-205.188.213.255
Signature Algorithm: sha256WithRSAEncryption
2e:69:23:7b:26:91:fd:11:c7:ce:90:95:1a:1a:6e:1b:1c:a8:
04:40:22:bd:cf:e7:37:3e:b1:4b:d7:86:9d:52:1f:4b:c2:5f:
00:e6:cb:1e:e6:d8:58:6c:6f:96:f4:23:86:9e:6c:1c:1f:51:
36:96:f7:17:b1:b3:b5:dd:37:a4:3d:34:19:e7:67:7b:da:e3:
9d:b8:77:e8:4c:cb:52:7d:35:fc:d9:49:a7:b9:1f:a2:4c:2d:
eb:b6:2d:73:e9:b0:ac:a0:61:9c:ef:5c:62:09:89:30:c5:2b:
03:89:22:68:f7:c1:ef:99:9b:43:94:7e:4a:22:69:54:56:f8:
b4:b1:0a:f1:04:ff:97:88:b4:4f:c2:82:89:83:7c:1a:fa:c7:
84:ee:cd:be:0d:e1:ad:31:ed:d9:d0:85:6a:ee:22:34:fb:b9:
94:57:63:ca:86:18:4a:0b:6a:1b:07:47:9f:8d:cc:d9:d3:3d:
75:47:b1:9d:06:f9:67:a3:db:7b:b2:a3:b8:13:09:78:fb:58:
6f:62:3f:27:d6:8a:33:41:38:27:49:23:96:bd:19:15:84:58:
9c:84:ff:23:c7:8e:d1:26:cb:9c:31:c4:7c:ec:de:4f:6a:be:
4b:c9:f0:47:a8:1d:42:61:8e:cc:c4:c8:62:d2:61:86:5c:4a:
37:11:8c:95
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZyvICwceUnP7Foa2m+EnL6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwMzAyMTUxNzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWM3NzA5MTFiMzA0MzBiMjIxZDUwMmY4ZjE4MmNkZjJmYTU4ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mbfeteHyQNe4VFJ72GfK+2HpVh1
2P292LpZ6iL5aQtwXdq0mY954b6eVEhXoykQC1gRuaIortEZTnJSQYdfqHjx9nVR
myMXH6XtnPavL/kLSmvKIst1z2sikLywtLHzsoJW0Bp5YjmJuVPztfDq9bA6Ez5+
Jw7UKKqvzmfUwUNdOcS39MzqICr8uxG+bGVjQLrx3ZCgv0W6hWjHrcUGsxq+USER
qYL9YYOfoi6iSROjIzQoo+ay8Gv1X0vfYyE/DI53yNNJXWF6ejXxOOoVLIjWEEm3
ncqaMNqgPoFi0dF+rQN7M5bAeNguxK6MPFzqp7K6iNXGuKxFKtC8UeDxgwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBrHcJEbMEMLIh1QL48YLN8vpY3FMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvR3Nkd2tSc3dRd3NpSFZBdmp4Z3MzeS1samNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBZ2xYAwQB
Z4miAwQAw0BhAwQBzbwWAwQCzbycMAwDBATNvNADBAHNvNQwDQYJKoZIhvcNAQEL
BQADggEBAC5pI3smkf0Rx86QlRoabhscqARAIr3P5zc+sUvXhp1SH0vCXwDmyx7m
2Fhsb5b0I4aebBwfUTaW9xexs7XdN6Q9NBnnZ3va4524d+hMy1J9NfzZSae5H6JM
Leu2LXPpsKygYZzvXGIJiTDFKwOJImj3we+Zm0OUfkoiaVRW+LSxCvEE/5eItE/C
gomDfBr6x4Tuzb4N4a0x7dnQhWruIjT7uZRXY8qGGEoLahsHR5+NzNnTPXVHsZ0G
+Wej23uyo7gTCXj7WG9iPyfWijNBOCdJI5a9GRWEWJyE/yPHjtEmy5wxxHzs3k9q
vkvJ8EeoHUJhjszEyGLSYYZcSjcRjJU=
-----END CERTIFICATE-----
Generated at Tue Mar 10 05:35:05 2026 by rpki-client