Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/0GzKvriebMDpPb1E1HsluQGh42I.roa
File: 0GzKvriebMDpPb1E1HsluQGh42I.roa (raw, json)
Hash identifier: 3raTbUH1FMSBYoOvutu3uEcK38dbXtj8/4gcijx2asM=
Subject key identifier: D0:6C:CA:BE:B8:9E:6C:C0:E9:3D:BD:44:D4:7B:25:B9:01:A1:E3:62
Certificate issuer: /CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Certificate serial: 019EF4F6310C46D4C0C5273D63028DF5D87F
Authority key identifier: D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/0GzKvriebMDpPb1E1HsluQGh42I.roa
Signing time: Tue 23 Jun 2026 14:50:35 +0000
ROA not before: Tue 23 Jun 2026 14:50:35 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 103.27.156.0/24 maxlen: 24
103.31.76.0/24 maxlen: 24
132.243.194.0/24 maxlen: 24
132.243.198.0/24 maxlen: 24
132.243.201.0/24 maxlen: 24
132.243.207.0/24 maxlen: 24
132.243.208.0/24 maxlen: 24
132.243.209.0/24 maxlen: 24
132.243.213.0/24 maxlen: 24
132.243.224.0/24 maxlen: 24
132.243.228.0/24 maxlen: 24
132.243.234.0/24 maxlen: 24
132.243.235.0/24 maxlen: 24
132.243.236.0/24 maxlen: 24
132.243.244.0/24 maxlen: 24
132.243.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:f4:f6:31:0c:46:d4:c0:c5:27:3d:63:02:8d:f5:d8:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Validity
Not Before: Jun 23 14:50:35 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=d06ccabeb89e6cc0e93dbd44d47b25b901a1e362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1e:2d:43:d9:f0:c6:49:3f:c6:56:c8:4b:2f:
89:36:a2:73:8a:92:84:34:5e:51:29:97:81:9e:8b:
60:36:53:df:a1:7a:2b:cd:bf:df:87:46:09:22:11:
46:31:a3:7b:cc:cb:e1:2a:96:d9:92:8b:ba:1f:2c:
82:02:26:30:b9:88:0a:b9:af:c9:6d:b4:34:ad:9a:
9e:58:aa:2b:c6:a4:ce:e1:e8:bf:a6:63:46:c9:bc:
bc:55:e0:90:1b:6f:a5:14:ba:2e:0c:f8:76:48:60:
28:10:7d:67:6d:94:cc:50:8e:0b:15:6e:34:43:9c:
cf:2f:bc:75:10:3f:ed:4b:06:7a:bd:2c:c8:73:06:
13:8e:26:eb:63:7f:46:f0:08:87:b9:74:4c:94:43:
92:8b:45:32:7e:56:3c:2c:8b:48:4a:23:ed:69:01:
60:c4:c6:8c:7c:61:62:41:a7:a0:c8:52:20:fd:57:
ed:77:49:ac:00:ce:72:79:7b:f5:2c:48:cf:3e:66:
c3:5e:47:45:97:fa:bf:e2:27:dd:d4:03:51:dc:29:
9c:fd:ac:d8:e4:a0:cf:c3:32:cc:3a:99:71:54:84:
81:ac:94:20:60:65:14:6f:95:e6:83:51:93:8e:de:
30:c3:9c:2e:4f:4e:27:d9:54:83:57:de:b8:96:b4:
34:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6C:CA:BE:B8:9E:6C:C0:E9:3D:BD:44:D4:7B:25:B9:01:A1:E3:62
X509v3 Authority Key Identifier:
keyid:D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/0GzKvriebMDpPb1E1HsluQGh42I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.27.156.0/24
103.31.76.0/24
132.243.194.0/24
132.243.198.0/24
132.243.201.0/24
132.243.207.0-132.243.209.255
132.243.213.0/24
132.243.224.0/24
132.243.228.0/24
132.243.234.0-132.243.236.255
132.243.244.0/24
132.243.252.0/24
Signature Algorithm: sha256WithRSAEncryption
95:43:ba:79:f5:cf:c9:a5:ab:2e:bb:da:41:0a:7f:d3:53:6d:
f4:de:17:77:68:84:1f:4f:13:e2:38:db:53:0b:1a:0e:cb:5d:
4e:d8:93:29:66:37:ae:e3:28:f4:d9:83:40:cc:c4:7c:0d:2c:
ff:0e:7c:91:27:cc:4d:62:d8:74:fa:09:fe:d4:75:7d:ad:33:
99:3e:26:4b:3f:b2:bd:1e:11:8a:3b:ed:ef:9e:84:57:95:20:
2c:1e:31:95:d1:d3:93:a4:29:c1:81:3b:01:06:03:8c:94:5e:
3a:c9:a2:63:89:af:f7:8a:d2:5d:87:83:00:7b:61:1e:dc:7f:
a8:90:7b:3b:b3:f1:f5:c4:68:96:1c:55:5d:a5:d2:55:f0:d2:
c0:ad:2a:85:61:e6:9e:bb:d4:4e:7c:8b:ab:bf:52:6e:d0:22:
fc:43:16:06:5b:99:83:30:48:af:ae:e7:0f:14:0a:79:0d:e4:
8b:cb:93:1e:d0:55:3a:73:1b:8c:97:2f:16:b7:b0:bc:ec:64:
93:fa:0b:a5:83:6d:03:ed:98:dd:d3:45:4d:be:e2:ec:33:af:
ef:ac:4b:fd:8a:71:fe:52:ae:16:09:af:a4:fa:33:6e:39:2f:
46:1d:e5:18:83:0b:9d:23:df:9c:b3:bf:66:81:c9:b2:6e:af:
4e:a9:57:5e
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZ709jEMRtTAxSc9YwKN9dh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yjk1MzMwNzM0YzlhYWY2NmQxMWJjZDJiZWRkMzgwZjQx
MGY5M2YwHhcNMjYwNjIzMTQ1MDM1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDZjY2FiZWI4OWU2Y2MwZTkzZGJkNDRkNDdiMjViOTAxYTFlMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApB4tQ9nwxkk/xlbISy+JNqJzipKE
NF5RKZeBnotgNlPfoXorzb/fh0YJIhFGMaN7zMvhKpbZkou6HyyCAiYwuYgKua/J
bbQ0rZqeWKorxqTO4ei/pmNGyby8VeCQG2+lFLouDPh2SGAoEH1nbZTMUI4LFW40
Q5zPL7x1ED/tSwZ6vSzIcwYTjibrY39G8AiHuXRMlEOSi0UyflY8LItISiPtaQFg
xMaMfGFiQaegyFIg/Vftd0msAM5yeXv1LEjPPmbDXkdFl/q/4ifd1ANR3Cmc/azY
5KDPwzLMOplxVISBrJQgYGUUb5Xmg1GTjt4ww5wuT04n2VSDV964lrQ0kQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFNBsyr64nmzA6T29RNR7JbkBoeNiMB8GA1UdIwQY
MBaAFNS5UzBzTJqvZtEbzSvt04D0EPk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYt
NDMwMTNiMjhkOWQ2LzEvMEd6S3ZyaWViTURwUGIxRTFIc2x1UUdoNDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYtNDMwMTNiMjhkOWQ2
LzEvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAZxucAwQA
Zx9MAwQAhPPCAwQAhPPGAwQAhPPJMAwDBACE888DBAGE89ADBACE89UDBACE8+AD
BACE8+QwDAMEAYTz6gMEAITz7AMEAITz9AMEAITz/DANBgkqhkiG9w0BAQsFAAOC
AQEAlUO6efXPyaWrLrvaQQp/01Nt9N4Xd2iEH08T4jjbUwsaDstdTtiTKWY3ruMo
9NmDQMzEfA0s/w58kSfMTWLYdPoJ/tR1fa0zmT4mSz+yvR4Rijvt756EV5UgLB4x
ldHTk6QpwYE7AQYDjJReOsmiY4mv94rSXYeDAHthHtx/qJB7O7Px9cRolhxVXaXS
VfDSwK0qhWHmnrvUTnyLq79SbtAi/EMWBluZgzBIr67nDxQKeQ3ki8uTHtBVOnMb
jJcvFrewvOxkk/oLpYNtA+2Y3dNFTb7i7DOv76xL/Ypx/lKuFgmvpPozbjkvRh3l
GIMLnSPfnLO/ZoHJsm6vTqlXXg==
-----END CERTIFICATE-----
Generated at Mon Jun 29 12:23:59 2026 by rpki-client