Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/iUlzt6cmUe77EdlWQK1wWK2_iVg.roa
File: iUlzt6cmUe77EdlWQK1wWK2_iVg.roa (raw, json)
Hash identifier: cLVoe27rp7i+l2nFfKIDTigze3skW5fopNbkCBI57RI=
Subject key identifier: 89:49:73:B7:A7:26:51:EE:FB:11:D9:56:40:AD:70:58:AD:BF:89:58
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019CAEC9321413B1A1D4DBDEF4204DADE0D4
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/iUlzt6cmUe77EdlWQK1wWK2_iVg.roa
Signing time: Mon 02 Mar 2026 13:42:26 +0000
ROA not before: Mon 02 Mar 2026 13:42:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 25198
IP address blocks: 110.34.32.0/24 maxlen: 24
150.107.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:ae:c9:32:14:13:b1:a1:d4:db:de:f4:20:4d:ad:e0:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Mar 2 13:42:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=894973b7a72651eefb11d95640ad7058adbf8958
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:44:dd:0d:a6:35:c9:8b:1b:e9:12:21:7e:09:
1e:4a:91:af:f5:b5:78:66:d8:60:0c:a1:ef:69:d1:
29:2a:ef:f4:17:2e:42:b5:dc:30:4c:fc:27:0f:6c:
e7:15:c6:13:05:76:a1:c9:13:2a:84:d9:57:e6:6e:
16:1e:52:d4:0b:01:21:ab:e3:55:07:db:b7:71:be:
c9:9a:ab:f8:a0:9f:7d:0d:ad:54:7e:bb:e0:6c:ed:
43:08:c4:14:e6:44:1e:0c:77:32:30:0b:98:6c:ba:
8d:5c:9f:2d:05:32:50:c1:f2:08:69:02:99:af:6c:
78:f8:53:6a:84:90:54:79:d5:3b:c1:fa:03:a8:83:
0a:aa:c0:96:c1:26:5a:6d:31:f8:8b:f0:3e:e3:c8:
4d:07:14:9d:f2:4f:20:d6:c4:e1:7f:a6:03:36:ea:
74:75:70:df:7b:c9:96:25:43:48:4b:dc:15:64:b2:
87:16:17:d6:91:eb:43:1f:02:a8:a5:a7:c1:ad:f0:
6f:ce:6d:32:11:cc:99:3a:9e:29:e0:a4:f5:9f:96:
d8:04:3e:33:d6:d9:60:29:6b:18:d4:e7:8f:a5:1b:
2b:56:51:f0:62:da:6d:65:02:d5:9e:28:2e:09:bb:
1a:9c:0c:11:c1:a2:97:d7:26:40:87:b4:0d:d8:4c:
06:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:49:73:B7:A7:26:51:EE:FB:11:D9:56:40:AD:70:58:AD:BF:89:58
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/iUlzt6cmUe77EdlWQK1wWK2_iVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
110.34.32.0/24
150.107.49.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:3e:f4:7d:86:d4:8e:2c:15:da:82:b2:03:43:ae:df:0f:35:
35:7f:3d:3a:64:48:98:e6:4f:39:9b:52:89:3c:c8:2b:eb:46:
34:2d:5e:81:57:80:d2:3a:df:77:72:ba:e0:a8:40:29:3a:d1:
39:aa:87:e6:4c:ed:3d:1a:d5:97:72:14:e0:03:92:a2:4b:37:
df:60:fc:18:9f:71:1b:c0:2f:91:b4:0c:cd:ae:63:80:20:d6:
20:d0:72:e9:0c:35:88:10:48:9b:85:b5:d0:b4:e5:fb:af:c6:
14:cc:1b:95:20:15:39:98:7c:da:e7:37:1d:25:68:5b:ce:8e:
56:7f:e6:56:9a:cc:d8:86:ee:8b:c7:42:14:76:01:8c:f6:e7:
3b:23:28:c4:10:b7:0d:ee:f3:57:11:07:69:93:01:66:f1:bd:
3b:7c:fc:0a:d5:e6:b5:d5:40:d1:29:b6:79:b5:16:88:55:5e:
4a:8e:7b:98:8d:32:b9:15:17:b3:ed:d8:1a:7c:a1:8a:d0:54:
51:f7:76:45:e7:07:34:fc:1f:34:0b:fa:6f:20:39:d6:a3:99:
c8:3e:44:5e:21:c6:1e:db:a4:7b:96:52:59:b2:2d:a6:49:70:
59:72:40:a0:ef:2d:4f:b3:c0:2e:43:61:43:b8:41:45:c2:59:
3f:97:a4:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyuyTIUE7Gh1Nve9CBNreDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwMzAyMTM0MjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQ5NzNiN2E3MjY1MWVlZmIxMWQ5NTY0MGFkNzA1OGFkYmY4OTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5UTdDaY1yYsb6RIhfgkeSpGv9bV4
ZthgDKHvadEpKu/0Fy5CtdwwTPwnD2znFcYTBXahyRMqhNlX5m4WHlLUCwEhq+NV
B9u3cb7Jmqv4oJ99Da1UfrvgbO1DCMQU5kQeDHcyMAuYbLqNXJ8tBTJQwfIIaQKZ
r2x4+FNqhJBUedU7wfoDqIMKqsCWwSZabTH4i/A+48hNBxSd8k8g1sThf6YDNup0
dXDfe8mWJUNIS9wVZLKHFhfWketDHwKopafBrfBvzm0yEcyZOp4p4KT1n5bYBD4z
1tlgKWsY1OePpRsrVlHwYtptZQLVniguCbsanAwRwaKX1yZAh7QN2EwGRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIlJc7enJlHu+xHZVkCtcFitv4lYMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvaVVsenQ2Y21VZTc3RWRsV1FLMXdXSzJfaVZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbiIgAwQA
lmsxMA0GCSqGSIb3DQEBCwUAA4IBAQB+PvR9htSOLBXagrIDQ67fDzU1fz06ZEiY
5k85m1KJPMgr60Y0LV6BV4DSOt93crrgqEApOtE5qofmTO09GtWXchTgA5KiSzff
YPwYn3EbwC+RtAzNrmOAINYg0HLpDDWIEEibhbXQtOX7r8YUzBuVIBU5mHza5zcd
JWhbzo5Wf+ZWmszYhu6Lx0IUdgGM9uc7IyjEELcN7vNXEQdpkwFm8b07fPwK1ea1
1UDRKbZ5tRaIVV5KjnuYjTK5FRez7dgafKGK0FRR93ZF5wc0/B80C/pvIDnWo5nI
PkReIcYe26R7llJZsi2mSXBZckCg7y1Ps8AuQ2FDuEFFwlk/l6Sb
-----END CERTIFICATE-----
Generated at Thu Mar 5 20:42:36 2026 by rpki-client