Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/86J3w2KHwC3IOQFcig1RsCiNiqI.roa
File: 86J3w2KHwC3IOQFcig1RsCiNiqI.roa (raw, json)
Hash identifier: YYIEpXZweId3RWAxfqfUUaYUG93HllQHD6f5j3LzIes=
Subject key identifier: F3:A2:77:C3:62:87:C0:2D:C8:39:01:5C:8A:0D:51:B0:28:8D:8A:A2
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 01963A51A2FA15723EBC7DC657178C1543D6
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/86J3w2KHwC3IOQFcig1RsCiNiqI.roa
Signing time: Tue 15 Apr 2025 16:39:10 +0000
ROA not before: Tue 15 Apr 2025 16:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399195
IP address blocks: 103.17.201.0/24 maxlen: 24
150.107.48.0/22 maxlen: 24
192.144.78.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 16:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3a:51:a2:fa:15:72:3e:bc:7d:c6:57:17:8c:15:43:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Apr 15 16:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3a277c36287c02dc839015c8a0d51b0288d8aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1a:13:93:de:8c:8b:37:88:83:36:0b:67:e6:
13:ee:77:59:f9:19:37:70:6a:f4:7d:9a:38:15:42:
92:79:e1:1d:08:8a:03:e9:33:b1:ea:11:02:3e:58:
54:60:cb:aa:ed:1b:b5:c8:e7:cb:08:86:6f:97:50:
3c:5f:d3:b9:4c:60:ad:ee:fe:0a:51:68:37:28:36:
ed:fa:90:57:56:23:47:96:40:f1:43:cc:dd:3f:3c:
b7:50:8e:58:fa:5e:69:19:ec:60:1f:3b:dc:bb:ee:
75:cd:a6:07:33:e2:38:ea:83:a0:e2:d8:07:da:ab:
1c:54:e6:19:a1:4e:fd:16:48:0e:77:aa:df:14:3c:
5b:67:db:58:bf:30:61:df:0b:8c:00:35:b7:dd:67:
c3:41:69:ed:12:fc:74:0a:b3:a2:6d:2c:5e:f9:00:
1c:cd:fa:b9:06:16:f7:cc:c9:63:1e:77:20:b2:85:
ff:fb:af:29:06:39:eb:5f:b5:0b:fb:c8:32:bc:31:
80:8f:bb:42:b3:e5:d5:f9:d6:73:5a:40:5d:a7:68:
fc:08:b1:04:95:33:17:c9:fe:0e:7c:69:ad:01:5e:
6b:5e:52:0c:1a:26:38:a4:af:cb:d4:1d:d0:65:f5:
d4:ae:66:ad:ca:5a:90:8d:64:95:1b:60:06:b1:21:
24:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:A2:77:C3:62:87:C0:2D:C8:39:01:5C:8A:0D:51:B0:28:8D:8A:A2
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/86J3w2KHwC3IOQFcig1RsCiNiqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.17.201.0/24
150.107.48.0/22
192.144.78.0/23
Signature Algorithm: sha256WithRSAEncryption
a6:1b:07:16:2e:bf:f8:93:d1:13:cb:c4:34:52:aa:1c:86:9d:
c0:59:36:4a:07:69:c0:a0:92:e6:3e:98:17:07:66:65:14:1b:
1f:50:14:93:75:7a:16:a7:be:24:91:c3:2e:dd:39:88:a5:5f:
60:0a:30:29:ab:1f:c5:cd:44:1a:f7:08:bf:c1:6c:bb:af:30:
0f:c0:4d:1b:35:ee:fa:12:07:0a:2c:27:24:09:e9:be:bd:34:
e0:4f:f9:e6:c2:35:b9:3e:1e:2f:f4:ff:65:e0:98:83:6d:05:
1d:99:de:b0:91:7d:35:ad:bb:26:43:f1:93:bb:b2:59:bc:4d:
e1:58:d1:ec:d2:ab:78:9c:eb:8f:56:ac:8d:f1:f9:c5:49:7d:
e7:e0:5e:f5:a8:6f:96:ff:85:18:40:c9:a0:eb:f8:ba:65:ec:
e4:41:cc:a3:85:34:ed:0f:48:81:90:c0:c0:f0:75:96:19:9c:
b5:79:0b:df:4d:af:72:cf:0d:3c:45:02:46:87:c7:0b:40:00:
8e:fd:7e:45:06:ed:bf:4d:50:76:90:de:8d:6d:52:78:4d:ca:
76:99:5e:a9:0a:c7:0c:f3:4e:60:a0:f2:86:94:44:ba:42:fd:
62:2a:da:6c:9e:28:8c:f1:a0:eb:a0:41:30:63:04:2b:99:71:
22:89:39:71
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZY6UaL6FXI+vH3GVxeMFUPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjUwNDE1MTYzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2EyNzdjMzYyODdjMDJkYzgzOTAxNWM4YTBkNTFiMDI4OGQ4YWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xoTk96MizeIgzYLZ+YT7ndZ+Rk3
cGr0fZo4FUKSeeEdCIoD6TOx6hECPlhUYMuq7Ru1yOfLCIZvl1A8X9O5TGCt7v4K
UWg3KDbt+pBXViNHlkDxQ8zdPzy3UI5Y+l5pGexgHzvcu+51zaYHM+I46oOg4tgH
2qscVOYZoU79FkgOd6rfFDxbZ9tYvzBh3wuMADW33WfDQWntEvx0CrOibSxe+QAc
zfq5Bhb3zMljHncgsoX/+68pBjnrX7UL+8gyvDGAj7tCs+XV+dZzWkBdp2j8CLEE
lTMXyf4OfGmtAV5rXlIMGiY4pK/L1B3QZfXUrmatylqQjWSVG2AGsSEkxQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPOid8Nih8AtyDkBXIoNUbAojYqiMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvODZKM3cyS0h3QzNJT1FGY2lnMVJzQ2lOaXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAZxHJAwQC
lmswAwQBwJBOMA0GCSqGSIb3DQEBCwUAA4IBAQCmGwcWLr/4k9ETy8Q0Uqochp3A
WTZKB2nAoJLmPpgXB2ZlFBsfUBSTdXoWp74kkcMu3TmIpV9gCjApqx/FzUQa9wi/
wWy7rzAPwE0bNe76EgcKLCckCem+vTTgT/nmwjW5Ph4v9P9l4JiDbQUdmd6wkX01
rbsmQ/GTu7JZvE3hWNHs0qt4nOuPVqyN8fnFSX3n4F71qG+W/4UYQMmg6/i6Zezk
QcyjhTTtD0iBkMDA8HWWGZy1eQvfTa9yzw08RQJGh8cLQACO/X5FBu2/TVB2kN6N
bVJ4Tcp2mV6pCscM805goPKGlES6Qv1iKtpsniiM8aDroEEwYwQrmXEiiTlx
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:04:41 2025 by rpki-client