Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/aNB_XJHrIC5i0w1C8J0tAQ5wod4.roa
File: aNB_XJHrIC5i0w1C8J0tAQ5wod4.roa (raw, json)
Hash identifier: HmJhzb+MSwBGsvb147oYI8ZGMjU0fqGVz7CWkvHxdOE=
Subject key identifier: 68:D0:7F:5C:91:EB:20:2E:62:D3:0D:42:F0:9D:2D:01:0E:70:A1:DE
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0198EB34D595F3498F6C771BF49D9CABBF0B
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/aNB_XJHrIC5i0w1C8J0tAQ5wod4.roa
Signing time: Wed 27 Aug 2025 11:06:04 +0000
ROA not before: Wed 27 Aug 2025 11:06:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211522
IP address blocks: 45.134.12.0/24 maxlen: 24
45.134.13.0/24 maxlen: 24
45.134.14.0/24 maxlen: 24
45.134.15.0/24 maxlen: 24
103.71.22.0/24 maxlen: 24
103.71.23.0/24 maxlen: 24
103.249.132.0/24 maxlen: 24
103.249.133.0/24 maxlen: 24
103.249.134.0/24 maxlen: 24
103.249.135.0/24 maxlen: 24
185.128.104.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:34:d5:95:f3:49:8f:6c:77:1b:f4:9d:9c:ab:bf:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Aug 27 11:06:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68d07f5c91eb202e62d30d42f09d2d010e70a1de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:df:bd:d9:dd:14:9d:3d:c5:fb:f7:26:3f:a2:
b0:6f:2c:6f:92:5e:fe:08:c3:fa:d5:bb:99:a9:46:
f1:5f:e0:0c:f4:4d:bb:e5:af:4b:cf:a4:58:4d:91:
86:27:d9:be:54:f7:08:44:8a:b2:44:9c:62:ed:3b:
67:10:ee:4b:80:85:bb:c6:bb:22:ab:9c:62:b6:73:
2c:d1:aa:59:81:4e:9a:b9:a4:19:a5:fa:21:23:54:
6e:ad:93:0d:fa:c0:8c:84:1d:d9:e0:bd:65:af:c1:
b3:0f:9a:94:25:dd:99:9c:31:ec:9a:80:0e:10:74:
b1:d2:79:71:90:a9:4e:04:75:cd:5a:0e:4e:1b:35:
69:30:19:e4:63:3b:f9:70:5a:02:f8:2d:78:5a:cd:
9d:83:e4:48:5b:c1:25:1c:52:c6:38:49:52:cb:3e:
7a:fb:98:99:a0:68:4f:14:fb:e9:17:97:67:ef:15:
06:3d:e1:0b:b8:78:17:e5:be:58:37:58:8e:7c:5a:
ce:73:bd:06:13:50:88:5f:b1:85:e2:48:fa:55:2b:
b3:bf:61:0c:5e:f7:e7:51:89:0d:1e:c8:df:58:c0:
51:42:d4:f7:d8:59:53:e3:24:5e:05:a6:bb:54:bb:
ec:09:ca:91:9b:44:95:82:ed:26:66:63:52:5b:fe:
50:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:D0:7F:5C:91:EB:20:2E:62:D3:0D:42:F0:9D:2D:01:0E:70:A1:DE
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/aNB_XJHrIC5i0w1C8J0tAQ5wod4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.12.0/22
103.71.22.0/23
103.249.132.0/22
185.128.104.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:fd:a4:b1:74:76:94:7b:54:2a:b7:21:14:b1:87:17:a8:72:
15:61:74:b0:d5:97:23:11:e4:c3:76:09:e5:35:2f:63:a5:45:
08:9e:66:ce:85:c5:67:84:71:18:de:c9:0a:3a:ca:a1:1a:5f:
a6:36:fc:31:38:df:ca:d3:5e:29:e4:1b:11:59:61:48:51:2c:
97:e0:54:e5:4e:b0:64:2a:10:57:eb:ff:86:0c:fb:f1:35:d6:
6c:3a:05:45:ea:a4:20:5a:54:92:20:c7:57:f3:a5:94:97:08:
b0:3c:09:51:06:32:d9:7b:c8:3b:40:6c:dd:4d:5b:ca:05:1c:
78:92:ad:c2:d8:b7:a6:f4:3d:8e:d4:d1:10:fa:29:74:d4:b7:
75:b8:dd:7a:f7:0e:c8:5e:e4:c7:11:f9:af:8a:a0:c7:e6:17:
53:81:9c:c2:00:66:63:f1:86:be:2b:ca:23:a2:74:ac:4d:f8:
c0:df:29:72:23:67:c3:21:dd:a8:94:c9:27:38:63:90:d7:fe:
b5:da:d7:1e:71:da:53:4c:5a:e4:88:87:78:c8:10:8e:79:ad:
39:20:cb:1f:38:5d:ac:f6:80:5f:94:fb:54:05:b1:40:3e:dc:
30:1f:e6:fa:8a:a7:b7:6b:08:9b:73:0e:bd:4e:b8:fa:3e:fc:
eb:72:d0:d9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjrNNWV80mPbHcb9J2cq78LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwODI3MTEwNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGQwN2Y1YzkxZWIyMDJlNjJkMzBkNDJmMDlkMmQwMTBlNzBhMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwt+92d0UnT3F+/cmP6Kwbyxvkl7+
CMP61buZqUbxX+AM9E275a9Lz6RYTZGGJ9m+VPcIRIqyRJxi7TtnEO5LgIW7xrsi
q5xitnMs0apZgU6auaQZpfohI1RurZMN+sCMhB3Z4L1lr8GzD5qUJd2ZnDHsmoAO
EHSx0nlxkKlOBHXNWg5OGzVpMBnkYzv5cFoC+C14Ws2dg+RIW8ElHFLGOElSyz56
+5iZoGhPFPvpF5dn7xUGPeELuHgX5b5YN1iOfFrOc70GE1CIX7GF4kj6VSuzv2EM
XvfnUYkNHsjfWMBRQtT32FlT4yReBaa7VLvsCcqRm0SVgu0mZmNSW/5QyQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGjQf1yR6yAuYtMNQvCdLQEOcKHeMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvYU5CX1hKSHJJQzVpMHcxQzhKMHRBUTV3b2Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLYYMAwQB
Z0cWAwQCZ/mEAwQAuYBoMA0GCSqGSIb3DQEBCwUAA4IBAQC8/aSxdHaUe1QqtyEU
sYcXqHIVYXSw1ZcjEeTDdgnlNS9jpUUInmbOhcVnhHEY3skKOsqhGl+mNvwxON/K
014p5BsRWWFIUSyX4FTlTrBkKhBX6/+GDPvxNdZsOgVF6qQgWlSSIMdX86WUlwiw
PAlRBjLZe8g7QGzdTVvKBRx4kq3C2Lem9D2O1NEQ+il01Ld1uN169w7IXuTHEfmv
iqDH5hdTgZzCAGZj8Ya+K8ojonSsTfjA3ylyI2fDId2olMknOGOQ1/612tcecdpT
TFrkiId4yBCOea05IMsfOF2s9oBflPtUBbFAPtwwH+b6iqe3awibcw69Trj6Pvzr
ctDZ
-----END CERTIFICATE-----
Generated at Sat Sep 6 17:21:52 2025 by rpki-client