Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/_AhqSMXzSMZFbHcqNodKDi0IAzM.roa
File: _AhqSMXzSMZFbHcqNodKDi0IAzM.roa (raw, json)
Hash identifier: wvol9PJfQddzQCHHullYDweNMpi9bpx2stFM7mxl7Do=
Subject key identifier: FC:08:6A:48:C5:F3:48:C6:45:6C:77:2A:36:87:4A:0E:2D:08:03:33
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 019E01FB730EA19FABE59FD3EACC865DC186
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/_AhqSMXzSMZFbHcqNodKDi0IAzM.roa
Signing time: Thu 07 May 2026 10:28:36 +0000
ROA not before: Thu 07 May 2026 10:28:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44382
IP address blocks: 103.83.86.0/24 maxlen: 24
103.83.87.0/24 maxlen: 24
203.202.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 May 2026 00:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:01:fb:73:0e:a1:9f:ab:e5:9f:d3:ea:cc:86:5d:c1:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: May 7 10:28:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fc086a48c5f348c6456c772a36874a0e2d080333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9c:f1:aa:e8:68:0b:3e:57:8b:a3:a0:ed:b2:
71:91:dd:f9:aa:af:79:da:a5:c6:0a:d1:53:07:0c:
ba:da:6b:38:94:70:72:73:bb:66:93:3a:9c:1a:c5:
a4:cb:c4:ec:e0:4d:0e:77:8f:5d:b8:1f:cd:60:e4:
c4:74:54:99:dc:76:c1:ca:43:f5:fa:97:e4:58:c7:
eb:fa:9a:10:bc:79:78:e8:c8:3c:48:e3:69:d6:70:
be:36:c2:e9:23:67:77:9b:56:4e:d3:ac:a2:ec:0a:
96:21:e4:c1:36:76:4d:64:f9:e3:2d:b0:35:a0:8e:
a9:29:1a:41:2a:2a:44:32:e0:8e:08:c8:17:72:1e:
84:c0:fa:97:60:fc:25:5e:fb:90:22:5b:0e:d7:17:
b7:d0:d0:e9:f1:1f:9b:d8:b3:74:f7:dd:a3:f4:a2:
d0:f5:83:f8:bc:89:84:ac:08:5e:0f:c0:06:47:e9:
5d:df:d3:fc:82:a9:16:7f:42:1c:6b:50:93:22:61:
04:64:ff:1e:f7:42:3b:d0:e9:a2:1e:db:a5:70:d6:
3f:cb:de:32:81:41:a8:6c:a4:f6:9c:c2:dc:0d:01:
30:5f:7e:93:48:1e:db:c2:df:53:18:53:f9:77:1b:
06:40:ee:46:d8:bd:02:5f:8c:0a:dd:06:1b:a8:35:
60:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:08:6A:48:C5:F3:48:C6:45:6C:77:2A:36:87:4A:0E:2D:08:03:33
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/_AhqSMXzSMZFbHcqNodKDi0IAzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.83.86.0/23
203.202.232.0/24
Signature Algorithm: sha256WithRSAEncryption
85:0e:d8:89:8e:01:d3:d7:a0:96:df:b5:04:d6:8e:6d:00:13:
4a:11:3b:5f:79:59:df:77:cd:de:e0:65:d8:14:81:99:98:a0:
31:00:06:24:f5:e4:35:3a:a2:d8:57:c3:51:03:01:48:98:ed:
37:9e:89:34:c3:15:32:c7:7e:47:4b:c0:6f:46:c6:04:6b:01:
59:a7:51:79:2a:e7:08:5a:48:dd:b8:03:0b:5d:ee:0e:0b:08:
ff:19:d8:bf:ea:90:42:a5:a7:af:0f:db:72:17:72:d8:9d:88:
d9:83:e6:90:67:ac:a2:67:04:ed:f2:cc:8b:58:90:25:74:16:
dd:16:c3:e1:3b:51:9b:aa:9c:aa:1c:1f:87:55:58:b6:e9:3f:
ea:98:1b:2b:be:1c:f1:17:4c:ce:93:95:6a:12:56:b5:cf:0c:
78:43:b3:1e:a4:b4:71:e7:46:5a:bb:dd:e1:45:35:d0:7e:be:
44:68:36:a0:16:57:68:78:e6:6f:4e:bc:a3:c8:21:3a:c9:ac:
f8:a8:0d:4a:fa:21:74:58:90:85:40:bf:e5:1c:4f:a1:7e:83:
8f:8a:4f:b3:99:86:9c:48:66:77:4e:8e:87:e8:bc:94:09:35:
3d:d9:1f:b1:01:a9:b0:03:39:39:67:f6:8f:51:b6:17:a9:ba:
25:7b:1d:fe
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ4B+3MOoZ+r5Z/T6syGXcGGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjYwNTA3MTAyODM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzA4NmE0OGM1ZjM0OGM2NDU2Yzc3MmEzNjg3NGEwZTJkMDgwMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5zxquhoCz5Xi6Og7bJxkd35qq95
2qXGCtFTBwy62ms4lHByc7tmkzqcGsWky8Ts4E0Od49duB/NYOTEdFSZ3HbBykP1
+pfkWMfr+poQvHl46Mg8SONp1nC+NsLpI2d3m1ZO06yi7AqWIeTBNnZNZPnjLbA1
oI6pKRpBKipEMuCOCMgXch6EwPqXYPwlXvuQIlsO1xe30NDp8R+b2LN0992j9KLQ
9YP4vImErAheD8AGR+ld39P8gqkWf0Ica1CTImEEZP8e90I70OmiHtulcNY/y94y
gUGobKT2nMLcDQEwX36TSB7bwt9TGFP5dxsGQO5G2L0CX4wK3QYbqDVg0wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPwIakjF80jGRWx3KjaHSg4tCAMzMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvX0FocVNNWHpTTVpGYkhjcU5vZEtEaTBJQXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBZ1NWAwQA
y8roMA0GCSqGSIb3DQEBCwUAA4IBAQCFDtiJjgHT16CW37UE1o5tABNKETtfeVnf
d83e4GXYFIGZmKAxAAYk9eQ1OqLYV8NRAwFImO03nok0wxUyx35HS8BvRsYEawFZ
p1F5KucIWkjduAMLXe4OCwj/Gdi/6pBCpaevD9tyF3LYnYjZg+aQZ6yiZwTt8syL
WJAldBbdFsPhO1GbqpyqHB+HVVi26T/qmBsrvhzxF0zOk5VqEla1zwx4Q7MepLRx
50Zau93hRTXQfr5EaDagFldoeOZvTryjyCE6yaz4qA1K+iF0WJCFQL/lHE+hfoOP
ik+zmYacSGZ3To6H6LyUCTU92R+xAamwAzk5Z/aPUbYXqbolex3+
-----END CERTIFICATE-----
Generated at Wed May 13 10:42:31 2026 by rpki-client