Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/iwaWDmSS-6Re9wxogF4sWzri_9g.roa
File: iwaWDmSS-6Re9wxogF4sWzri_9g.roa (raw, json)
Hash identifier: e05J2BPkeSVBCtDmSxWT8RLPNU5QBIyZlxZ4bxlchvI=
Subject key identifier: 8B:06:96:0E:64:92:FB:A4:5E:F7:0C:68:80:5E:2C:5B:3A:E2:FF:D8
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019DE406452000373C5D29B8F0162D7FEB70
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/iwaWDmSS-6Re9wxogF4sWzri_9g.roa
Signing time: Fri 01 May 2026 14:51:49 +0000
ROA not before: Fri 01 May 2026 14:51:49 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 203156
IP address blocks: 103.86.36.0/24 maxlen: 24
222.167.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 May 2026 13:50:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:e4:06:45:20:00:37:3c:5d:29:b8:f0:16:2d:7f:eb:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: May 1 14:51:49 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8b06960e6492fba45ef70c68805e2c5b3ae2ffd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b5:04:a6:93:f7:3c:47:4a:02:51:83:46:9f:
4f:e2:1c:14:39:01:50:f7:8b:ae:33:47:01:92:e8:
ce:67:a5:02:7e:a5:dd:4a:0a:ab:64:58:68:e2:2f:
f8:d2:cc:e8:d3:7c:d4:f1:79:7f:c6:3a:b3:3f:88:
3a:f1:eb:09:56:40:e2:f1:51:9f:4c:a7:c0:9f:f6:
40:53:4c:6e:45:94:98:4f:2e:c6:39:96:b3:1a:be:
11:7f:32:4c:1c:c9:23:1d:d1:5f:d1:65:8e:13:38:
d7:d7:5b:f6:67:4d:14:0f:df:ec:43:46:3e:50:b0:
ea:2f:df:b9:5c:a0:c2:08:7e:fc:98:dd:be:41:08:
b6:e8:a6:c0:a7:b3:0a:86:46:d5:41:50:da:37:ee:
dd:8d:b9:45:41:28:75:86:41:bf:01:c4:34:76:25:
42:b4:29:a4:76:f5:33:94:eb:1b:64:3d:c3:a3:0c:
90:3d:0c:e1:4b:dd:58:32:94:6e:c1:3e:a2:53:93:
64:8b:06:02:73:c9:e0:22:a5:9d:13:ca:b4:71:78:
b2:c1:08:c2:99:1d:07:9a:06:d8:05:74:58:e6:dd:
38:7f:81:d4:1b:08:d7:74:3e:3f:3d:2b:e2:ff:2a:
2c:ec:4f:5c:94:9b:3a:47:93:dc:10:d0:a1:a3:ed:
0d:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:06:96:0E:64:92:FB:A4:5E:F7:0C:68:80:5E:2C:5B:3A:E2:FF:D8
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/iwaWDmSS-6Re9wxogF4sWzri_9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.86.36.0/24
222.167.227.0/24
Signature Algorithm: sha256WithRSAEncryption
76:40:85:ec:e7:a3:76:64:06:c7:13:fb:3c:d3:ce:e9:4d:64:
71:41:4a:ba:0a:4f:80:3a:98:48:67:6e:fa:a0:37:a8:28:3e:
58:67:76:80:59:d7:67:0e:38:08:db:d6:8b:ea:24:5d:d5:fd:
8a:7e:0a:7b:39:60:1a:b6:94:8d:50:c7:ac:5e:49:cb:d1:db:
d0:8a:e0:e7:97:5b:fc:46:ba:7f:21:20:80:62:41:ae:10:83:
3d:05:1e:5a:e6:85:5d:be:82:5b:1f:32:f4:a6:89:84:2e:c7:
10:f9:37:1c:05:95:d3:81:26:12:d4:3c:61:08:aa:96:38:ec:
70:f9:07:d0:4d:b6:7b:83:cb:34:ba:d2:f4:35:47:31:d1:3c:
19:e5:6b:56:4a:36:de:49:31:ea:dd:35:06:34:72:05:68:d5:
53:88:d7:e4:52:dc:b3:72:1b:5c:37:6d:9e:1c:50:00:26:1b:
2d:a2:06:02:07:e4:a8:65:53:e5:91:2f:4f:be:5b:4e:99:52:
93:7a:05:21:08:e4:ad:1f:ad:d0:8d:a6:31:d1:f1:9b:09:52:
1e:f6:72:18:cf:11:77:ba:0b:37:1c:ad:38:27:c0:2f:9d:45:
29:28:c8:e8:90:27:7c:fa:c7:52:8c:6c:ea:24:8a:48:52:a9:
62:38:3d:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ3kBkUgADc8XSm48BYtf+twMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwNTAxMTQ1MTQ5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjA2OTYwZTY0OTJmYmE0NWVmNzBjNjg4MDVlMmM1YjNhZTJmZmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrUEppP3PEdKAlGDRp9P4hwUOQFQ
94uuM0cBkujOZ6UCfqXdSgqrZFho4i/40szo03zU8Xl/xjqzP4g68esJVkDi8VGf
TKfAn/ZAU0xuRZSYTy7GOZazGr4RfzJMHMkjHdFf0WWOEzjX11v2Z00UD9/sQ0Y+
ULDqL9+5XKDCCH78mN2+QQi26KbAp7MKhkbVQVDaN+7djblFQSh1hkG/AcQ0diVC
tCmkdvUzlOsbZD3DowyQPQzhS91YMpRuwT6iU5NkiwYCc8ngIqWdE8q0cXiywQjC
mR0HmgbYBXRY5t04f4HUGwjXdD4/PSvi/yos7E9clJs6R5PcENCho+0N+wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIsGlg5kkvukXvcMaIBeLFs64v/YMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvaXdhV0RtU1MtNlJlOXd4b2dGNHNXenJpXzlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZ1YkAwQA
3qfjMA0GCSqGSIb3DQEBCwUAA4IBAQB2QIXs56N2ZAbHE/s8087pTWRxQUq6Ck+A
OphIZ276oDeoKD5YZ3aAWddnDjgI29aL6iRd1f2Kfgp7OWAatpSNUMesXknL0dvQ
iuDnl1v8Rrp/ISCAYkGuEIM9BR5a5oVdvoJbHzL0pomELscQ+TccBZXTgSYS1Dxh
CKqWOOxw+QfQTbZ7g8s0utL0NUcx0TwZ5WtWSjbeSTHq3TUGNHIFaNVTiNfkUtyz
chtcN22eHFAAJhstogYCB+SoZVPlkS9PvltOmVKTegUhCOStH63QjaYx0fGbCVIe
9nIYzxF3ugs3HK04J8AvnUUpKMjokCd8+sdSjGzqJIpIUqliOD0l
-----END CERTIFICATE-----
Generated at Fri May 8 19:13:13 2026 by rpki-client