Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/4ROwRVQLcyyTd3DVuAJMFyQNKLY.roa
File: 4ROwRVQLcyyTd3DVuAJMFyQNKLY.roa (raw, json)
Hash identifier: SwUWbeKPeqEXCp3WxEiP37PoAabylCHhCmtuQi7bx40=
Subject key identifier: E1:13:B0:45:54:0B:73:2C:93:77:70:D5:B8:02:4C:17:24:0D:28:B6
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019D31A7DC583419132AC0FF2D2E71264B92
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/4ROwRVQLcyyTd3DVuAJMFyQNKLY.roa
Signing time: Fri 27 Mar 2026 23:36:17 +0000
ROA not before: Fri 27 Mar 2026 23:36:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 199915
IP address blocks: 116.204.164.0/24 maxlen: 24
116.204.165.0/24 maxlen: 24
222.167.202.0/24 maxlen: 24
222.167.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Mar 2026 19:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:31:a7:dc:58:34:19:13:2a:c0:ff:2d:2e:71:26:4b:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Mar 27 23:36:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e113b045540b732c937770d5b8024c17240d28b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bc:73:17:42:53:63:fc:bf:6d:d8:28:2e:0f:
0d:5c:8c:60:4f:f7:3c:70:63:9f:90:76:f6:58:25:
89:6b:51:32:37:4f:35:2b:93:73:29:e0:a5:ef:5c:
24:2f:84:57:4e:cd:dc:ab:3b:c3:b4:71:75:3a:13:
c8:99:53:61:9b:89:55:3b:43:17:59:25:6b:e2:de:
e6:71:b2:02:89:1e:ef:1b:33:97:83:84:fb:6c:83:
64:a4:0b:27:89:65:b1:cb:ab:41:b9:0a:f7:c1:8b:
d5:98:83:8c:b9:f4:8d:73:1f:01:2a:3b:ae:aa:3b:
61:aa:ac:b5:cf:4c:ab:f8:e7:33:34:51:1d:d7:55:
96:a4:40:72:5e:98:d3:87:68:cd:bb:14:a9:77:83:
62:d7:99:a1:ab:a6:23:40:fe:a2:91:9c:ff:e1:a6:
43:02:68:ca:4b:6c:8e:1c:40:c6:5a:e4:fd:6c:f5:
86:61:61:a5:e8:b8:02:df:87:5c:c5:d4:25:be:71:
a5:3b:85:66:cb:66:1a:c1:c4:47:11:2c:ad:7a:8d:
32:92:6e:f8:83:ee:1e:3a:8b:8f:25:e4:da:55:06:
20:cd:dd:79:64:1d:91:ae:60:cc:68:09:ad:83:08:
51:fe:d1:0e:37:f9:38:2d:b6:11:7b:0d:d0:d1:53:
69:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:13:B0:45:54:0B:73:2C:93:77:70:D5:B8:02:4C:17:24:0D:28:B6
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/4ROwRVQLcyyTd3DVuAJMFyQNKLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.204.164.0/23
222.167.202.0/24
222.167.255.0/24
Signature Algorithm: sha256WithRSAEncryption
72:76:d6:04:3a:36:86:1c:34:ae:26:1d:14:9a:ca:bd:a2:16:
f4:56:77:88:cb:b7:5d:47:a6:48:99:52:47:c5:18:c9:82:35:
cb:03:61:21:17:c1:6d:ef:a5:29:38:a8:a5:71:7e:19:49:c8:
fd:ee:de:b6:62:25:d3:a5:e9:4a:21:72:68:0f:44:bb:1d:db:
f5:63:e3:82:1d:d5:8d:74:c9:fa:81:4b:b7:09:82:0b:e1:fa:
32:f8:19:60:6b:40:72:0b:df:62:61:7e:13:fa:ac:c0:2b:da:
c7:b3:60:ae:f4:33:78:4d:77:56:45:63:f0:ac:1a:00:d4:00:
ee:35:ae:c8:5c:90:47:53:9e:6e:0c:fb:f0:ff:de:fd:32:36:
c5:47:4d:d7:3d:a7:12:6f:aa:de:98:36:94:f1:65:fd:63:60:
2c:ff:0e:d2:18:72:29:6f:10:56:2c:6d:c1:5c:a2:47:1c:18:
38:70:a5:a6:99:3e:95:d0:8f:78:96:f5:0d:52:10:27:ad:69:
b9:a9:55:5a:0e:cc:c3:8e:0a:84:7c:96:64:bc:fa:fe:58:aa:
a1:c4:ec:ce:25:f4:1b:93:4b:46:d8:df:38:6f:65:08:52:28:
ba:a8:c4:82:1c:84:5c:79:61:e6:4f:b0:86:32:73:d2:65:21:
0a:c9:25:ed
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ0xp9xYNBkTKsD/LS5xJkuSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwMzI3MjMzNjE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTEzYjA0NTU0MGI3MzJjOTM3NzcwZDViODAyNGMxNzI0MGQyOGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7xzF0JTY/y/bdgoLg8NXIxgT/c8
cGOfkHb2WCWJa1EyN081K5NzKeCl71wkL4RXTs3cqzvDtHF1OhPImVNhm4lVO0MX
WSVr4t7mcbICiR7vGzOXg4T7bINkpAsniWWxy6tBuQr3wYvVmIOMufSNcx8BKjuu
qjthqqy1z0yr+OczNFEd11WWpEByXpjTh2jNuxSpd4Ni15mhq6YjQP6ikZz/4aZD
AmjKS2yOHEDGWuT9bPWGYWGl6LgC34dcxdQlvnGlO4Vmy2YawcRHESyteo0ykm74
g+4eOouPJeTaVQYgzd15ZB2RrmDMaAmtgwhR/tEON/k4LbYRew3Q0VNpGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOETsEVUC3Msk3dw1bgCTBckDSi2MB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvNFJPd1JWUUxjeXlUZDNEVnVBSk1GeVFOS0xZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBdMykAwQA
3qfKAwQA3qf/MA0GCSqGSIb3DQEBCwUAA4IBAQBydtYEOjaGHDSuJh0Umsq9ohb0
VneIy7ddR6ZImVJHxRjJgjXLA2EhF8Ft76UpOKilcX4ZScj97t62YiXTpelKIXJo
D0S7Hdv1Y+OCHdWNdMn6gUu3CYIL4foy+Blga0ByC99iYX4T+qzAK9rHs2Cu9DN4
TXdWRWPwrBoA1ADuNa7IXJBHU55uDPvw/979MjbFR03XPacSb6remDaU8WX9Y2As
/w7SGHIpbxBWLG3BXKJHHBg4cKWmmT6V0I94lvUNUhAnrWm5qVVaDszDjgqEfJZk
vPr+WKqhxOzOJfQbk0tG2N84b2UIUii6qMSCHIRceWHmT7CGMnPSZSEKySXt
-----END CERTIFICATE-----
Generated at Sat Mar 28 03:21:59 2026 by rpki-client