Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/Pw-VGHVRvc6luOI9__dRyZYZHq0.roa
File: Pw-VGHVRvc6luOI9__dRyZYZHq0.roa (raw, json)
Hash identifier: MbWLvSkHttDMe2mtMuSEoDdvuvJr7mZ4yIhnLjtsuZE=
Subject key identifier: 3F:0F:95:18:75:51:BD:CE:A5:B8:E2:3D:FF:F7:51:C9:96:19:1E:AD
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019CB9113244B88F7E13342B32A6DCA81529
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/Pw-VGHVRvc6luOI9__dRyZYZHq0.roa
Signing time: Wed 04 Mar 2026 13:37:17 +0000
ROA not before: Wed 04 Mar 2026 13:37:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214025
IP address blocks: 116.204.164.0/24 maxlen: 24
150.107.50.0/24 maxlen: 24
222.167.224.0/24 maxlen: 24
222.167.231.0/24 maxlen: 24
222.167.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 07:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b9:11:32:44:b8:8f:7e:13:34:2b:32:a6:dc:a8:15:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Mar 4 13:37:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3f0f95187551bdcea5b8e23dfff751c996191ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ff:65:92:61:78:0e:36:fd:a0:88:bb:0c:13:
5c:27:16:e1:41:b2:62:22:3e:68:32:38:39:f4:87:
b7:c5:9b:bd:b6:6d:2f:67:4b:fa:13:a0:47:ec:01:
02:a8:6a:55:f1:b9:7c:c0:dc:41:a6:22:33:2a:49:
30:ec:7c:0c:c5:28:8c:fa:44:81:6f:3f:82:4c:2b:
db:34:27:d5:ab:7e:52:ff:76:47:70:33:3f:eb:fa:
a6:da:6a:87:8e:b3:1e:f3:89:2b:17:eb:d3:66:4c:
74:b0:b6:84:c1:50:71:39:c1:02:b8:4d:5a:03:c1:
b4:f9:45:7f:e6:ff:41:33:7a:85:bf:1b:ec:25:5f:
2b:06:c3:86:1f:60:6a:5f:5b:9d:93:d5:9d:31:d0:
d3:ea:75:7a:7b:d1:a7:41:ab:d1:67:72:a4:94:8f:
31:83:27:0c:04:5c:29:20:70:dc:d8:07:17:61:ac:
9e:36:5c:e9:19:5c:ee:dc:14:44:c1:83:6c:93:f4:
69:01:00:5b:58:51:11:ad:22:f6:97:9a:61:8a:05:
d0:46:09:0b:af:8e:8b:ff:db:cb:de:bf:30:07:4f:
fe:00:9a:28:5c:8e:a7:79:10:53:95:f2:aa:30:fa:
79:05:21:0d:39:99:02:f1:b9:31:8a:2b:aa:76:3d:
3a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:0F:95:18:75:51:BD:CE:A5:B8:E2:3D:FF:F7:51:C9:96:19:1E:AD
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/Pw-VGHVRvc6luOI9__dRyZYZHq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.204.164.0/24
150.107.50.0/24
222.167.224.0/24
222.167.231.0/24
222.167.255.0/24
Signature Algorithm: sha256WithRSAEncryption
61:ae:35:42:ae:10:fa:4d:4b:e8:0e:35:35:b3:74:e6:fa:cb:
90:48:e8:d9:3e:c2:d9:ff:72:93:ef:cf:89:e6:e7:9f:d3:58:
f5:a6:f0:0a:aa:a5:8d:14:b8:a9:fb:e5:b5:64:11:a1:73:f5:
26:a2:3b:62:d6:37:d9:e1:31:6d:28:dd:d6:84:6c:38:65:b4:
c2:65:c6:28:19:e4:c6:9e:d0:f0:e7:8f:72:46:4f:59:97:1e:
c1:40:20:87:8a:fe:bc:b6:f6:0f:39:f2:15:37:e7:ea:42:3f:
f5:bc:b8:38:be:f7:e1:50:bc:00:00:c2:d3:f8:c5:8b:82:8a:
8b:50:35:35:29:66:38:3f:dc:35:28:89:51:cb:a0:74:82:64:
d9:3b:7f:97:c4:20:6b:3e:03:38:3b:00:01:2f:11:76:01:e8:
a8:71:a3:ad:04:f7:84:ad:4d:b2:65:5e:7e:f6:fd:ae:29:96:
13:8f:bf:ef:9e:d7:1b:82:39:f6:6f:d7:d5:ca:76:47:ac:c1:
f7:10:ab:cf:1b:60:9d:b5:bc:2f:4a:31:ca:3b:0e:3c:59:75:
fe:e1:42:cb:ec:d8:57:4e:b8:e6:07:21:64:2d:e0:46:6e:09:
a8:17:11:c5:82:d3:c7:c5:40:51:3d:62:cd:1b:57:45:ba:1f:
77:8b:5e:0d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZy5ETJEuI9+EzQrMqbcqBUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwMzA0MTMzNzE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjBmOTUxODc1NTFiZGNlYTViOGUyM2RmZmY3NTFjOTk2MTkxZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP9lkmF4Djb9oIi7DBNcJxbhQbJi
Ij5oMjg59Ie3xZu9tm0vZ0v6E6BH7AECqGpV8bl8wNxBpiIzKkkw7HwMxSiM+kSB
bz+CTCvbNCfVq35S/3ZHcDM/6/qm2mqHjrMe84krF+vTZkx0sLaEwVBxOcECuE1a
A8G0+UV/5v9BM3qFvxvsJV8rBsOGH2BqX1udk9WdMdDT6nV6e9GnQavRZ3KklI8x
gycMBFwpIHDc2AcXYayeNlzpGVzu3BREwYNsk/RpAQBbWFERrSL2l5phigXQRgkL
r46L/9vL3r8wB0/+AJooXI6neRBTlfKqMPp5BSENOZkC8bkxiiuqdj06UwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFD8PlRh1Ub3OpbjiPf/3UcmWGR6tMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvUHctVkdIVlJ2YzZsdU9JOV9fZFJ5WllaSHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAdMykAwQA
lmsyAwQA3qfgAwQA3qfnAwQA3qf/MA0GCSqGSIb3DQEBCwUAA4IBAQBhrjVCrhD6
TUvoDjU1s3Tm+suQSOjZPsLZ/3KT78+J5uef01j1pvAKqqWNFLip++W1ZBGhc/Um
ojti1jfZ4TFtKN3WhGw4ZbTCZcYoGeTGntDw549yRk9Zlx7BQCCHiv68tvYPOfIV
N+fqQj/1vLg4vvfhULwAAMLT+MWLgoqLUDU1KWY4P9w1KIlRy6B0gmTZO3+XxCBr
PgM4OwABLxF2AeiocaOtBPeErU2yZV5+9v2uKZYTj7/vntcbgjn2b9fVynZHrMH3
EKvPG2CdtbwvSjHKOw48WXX+4ULL7NhXTrjmByFkLeBGbgmoFxHFgtPHxUBRPWLN
G1dFuh93i14N
-----END CERTIFICATE-----
Generated at Thu Mar 5 09:30:28 2026 by rpki-client