Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/61MfO8SQp3vBR5JB_y2YdbgAXLo.roa
File: 61MfO8SQp3vBR5JB_y2YdbgAXLo.roa (raw, json)
Hash identifier: PoWNMDKcgqmVy1lLA0MOg4r884Oc6GZ6ceF9RY3nNNQ=
Subject key identifier: EB:53:1F:3B:C4:90:A7:7B:C1:47:92:41:FF:2D:98:75:B8:00:5C:BA
Certificate issuer: /CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Certificate serial: 019CC32F5D48174B12909BB7181C6B5E3813
Authority key identifier: D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/61MfO8SQp3vBR5JB_y2YdbgAXLo.roa
Signing time: Fri 06 Mar 2026 12:46:27 +0000
ROA not before: Fri 06 Mar 2026 12:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 26383
IP address blocks: 103.31.76.0/24 maxlen: 24
103.31.77.0/24 maxlen: 24
103.110.65.0/24 maxlen: 24
103.110.66.0/24 maxlen: 24
103.146.119.0/24 maxlen: 24
132.243.192.0/24 maxlen: 24
132.243.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Mar 2026 13:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:c3:2f:5d:48:17:4b:12:90:9b:b7:18:1c:6b:5e:38:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Validity
Not Before: Mar 6 12:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eb531f3bc490a77bc1479241ff2d9875b8005cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e4:13:7d:d0:34:4d:06:cb:6b:13:be:09:3f:
de:db:d6:e2:2d:10:b9:bc:d0:b7:a5:53:e6:9a:67:
a6:77:09:51:bc:17:20:b9:5d:74:1d:ff:8e:f2:fd:
c8:de:e1:9e:91:f4:82:87:43:95:f6:f7:a3:54:f9:
54:85:12:2a:26:08:6c:bd:41:a7:a6:8d:31:a4:15:
68:da:fe:65:69:fb:12:a5:72:4a:83:d0:93:6c:36:
cf:96:ce:7d:6b:70:71:f5:df:11:7c:2b:28:21:8a:
05:cc:c2:fa:da:69:f7:eb:6a:fe:37:9e:87:ff:55:
24:a7:09:63:de:a5:c9:5e:44:61:c9:28:d9:fc:8a:
22:92:e5:63:43:7e:97:0f:55:69:b5:d0:36:4a:cc:
14:3e:35:97:3d:f4:fe:62:33:18:b4:14:98:9a:09:
85:13:cf:5f:3d:e1:e2:16:51:74:56:bd:05:1c:14:
19:37:5b:f4:81:e9:d8:2b:c4:29:ce:d2:d3:13:59:
fb:c5:a4:4e:83:d0:14:24:ef:1b:eb:37:07:bc:3d:
54:0c:9b:66:db:e2:7c:7d:da:4d:67:bb:dc:77:25:
ac:10:6a:eb:ff:37:00:d4:63:52:c6:b2:17:97:7d:
a7:b0:da:f2:98:9c:6f:ee:13:fa:e1:a1:a9:b6:16:
f8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:53:1F:3B:C4:90:A7:7B:C1:47:92:41:FF:2D:98:75:B8:00:5C:BA
X509v3 Authority Key Identifier:
keyid:D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/61MfO8SQp3vBR5JB_y2YdbgAXLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.31.76.0/23
103.110.65.0-103.110.66.255
103.146.119.0/24
132.243.192.0/23
Signature Algorithm: sha256WithRSAEncryption
68:83:d6:48:6f:ec:9e:7a:08:b9:2e:0c:3b:3d:3c:3c:26:62:
3d:f6:5d:1c:a5:c3:d2:9e:22:36:9e:77:fe:45:ba:23:6d:e5:
42:4b:7d:ed:e2:b3:a0:9a:3d:d0:c4:b9:83:d2:ba:01:01:99:
ef:c0:ea:0d:cc:42:ce:22:96:80:43:ab:5b:cb:8c:c0:4f:6c:
50:b7:30:0f:d7:93:d5:35:bf:44:b5:1c:8d:6e:6c:bd:17:d4:
e8:fd:6f:1f:48:0c:d1:7f:e9:8a:b2:84:f1:ec:4b:9d:df:76:
3f:9d:71:c8:e1:ce:35:91:9b:93:55:50:ea:16:ff:4f:1a:93:
ec:dc:4c:c2:77:e7:9a:e9:15:a7:d0:31:ab:df:4e:53:65:26:
b2:5a:2b:e6:95:e1:48:90:69:2b:18:83:02:33:d9:18:50:c5:
0f:c4:18:e3:24:13:b8:db:a6:83:1a:d2:04:ee:ce:28:78:da:
c9:cc:bb:49:92:00:40:91:ae:b9:45:75:cd:c9:a8:65:a3:61:
88:9c:94:11:c4:77:93:c4:f3:62:a4:e3:38:e3:ab:3b:6d:d1:
7a:18:54:cf:94:5a:1a:39:c3:3a:45:52:90:58:6c:ed:3e:56:
92:9a:75:37:03:95:16:25:b0:a0:19:95:a2:11:f1:21:8e:92:
de:b1:21:02
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZzDL11IF0sSkJu3GBxrXjgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yjk1MzMwNzM0YzlhYWY2NmQxMWJjZDJiZWRkMzgwZjQx
MGY5M2YwHhcNMjYwMzA2MTI0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjUzMWYzYmM0OTBhNzdiYzE0NzkyNDFmZjJkOTg3NWI4MDA1Y2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeQTfdA0TQbLaxO+CT/e29biLRC5
vNC3pVPmmmemdwlRvBcguV10Hf+O8v3I3uGekfSCh0OV9vejVPlUhRIqJghsvUGn
po0xpBVo2v5lafsSpXJKg9CTbDbPls59a3Bx9d8RfCsoIYoFzML62mn362r+N56H
/1Ukpwlj3qXJXkRhySjZ/IoikuVjQ36XD1VptdA2SswUPjWXPfT+YjMYtBSYmgmF
E89fPeHiFlF0Vr0FHBQZN1v0genYK8QpztLTE1n7xaROg9AUJO8b6zcHvD1UDJtm
2+J8fdpNZ7vcdyWsEGrr/zcA1GNSxrIXl32nsNrymJxv7hP64aGpthb4RwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOtTHzvEkKd7wUeSQf8tmHW4AFy6MB8GA1UdIwQY
MBaAFNS5UzBzTJqvZtEbzSvt04D0EPk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYt
NDMwMTNiMjhkOWQ2LzEvNjFNZk84U1FwM3ZCUjVKQl95MllkYmdBWExvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYtNDMwMTNiMjhkOWQ2
LzEvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBZx9MMAwD
BABnbkEDBABnbkIDBABnkncDBAGE88AwDQYJKoZIhvcNAQELBQADggEBAGiD1khv
7J56CLkuDDs9PDwmYj32XRylw9KeIjaed/5FuiNt5UJLfe3is6CaPdDEuYPSugEB
me/A6g3MQs4iloBDq1vLjMBPbFC3MA/Xk9U1v0S1HI1ubL0X1Oj9bx9IDNF/6Yqy
hPHsS53fdj+dccjhzjWRm5NVUOoW/08ak+zcTMJ355rpFafQMavfTlNlJrJaK+aV
4UiQaSsYgwIz2RhQxQ/EGOMkE7jbpoMa0gTuzih42snMu0mSAECRrrlFdc3JqGWj
YYiclBHEd5PE82Kk4zjjqztt0XoYVM+UWho5wzpFUpBYbO0+VpKadTcDlRYlsKAZ
laIR8SGOkt6xIQI=
-----END CERTIFICATE-----
Generated at Thu Mar 12 19:55:01 2026 by rpki-client