Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/VNCm6_FzOH2wvD6zP5chPBaMMwY.roa
File: VNCm6_FzOH2wvD6zP5chPBaMMwY.roa (raw, json)
Hash identifier: Y0Swh/SNbMijU4wn94W5cEpLxOM8OyzH9BGZ9D0MVqQ=
Subject key identifier: 54:D0:A6:EB:F1:73:38:7D:B0:BC:3E:B3:3F:97:21:3C:16:8C:33:06
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019A0AE0000CA6E2A268398E968AE94F3F39
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/VNCm6_FzOH2wvD6zP5chPBaMMwY.roa
Signing time: Wed 22 Oct 2025 07:44:03 +0000
ROA not before: Wed 22 Oct 2025 07:44:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44051
IP address blocks: 2.58.64.0/24 maxlen: 24
103.75.124.0/24 maxlen: 24
103.75.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0a:e0:00:0c:a6:e2:a2:68:39:8e:96:8a:e9:4f:3f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: Oct 22 07:44:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54d0a6ebf173387db0bc3eb33f97213c168c3306
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:72:58:61:2a:ad:f3:b0:4f:d6:1b:4a:e8:98:
1c:c4:69:a0:d5:0a:0c:16:2d:de:fa:4e:97:63:03:
80:bf:ee:7a:e2:30:17:23:20:e9:e2:34:56:d0:ac:
8e:ad:3a:da:89:08:eb:44:a5:3c:c4:1e:2c:f9:11:
85:55:f4:b3:5a:a4:2d:81:f1:39:33:ee:03:d7:66:
87:b5:d8:45:db:19:5d:fa:d3:2c:0a:a2:9e:97:56:
91:07:e5:af:f4:de:2b:9b:b2:b7:1a:63:b0:0e:a4:
15:69:16:6b:8b:c8:3f:f9:4c:24:f2:2f:83:20:aa:
ed:a5:c1:03:c8:a8:7c:5f:13:10:4e:78:41:23:51:
6c:f6:2f:7b:2e:72:7d:c4:2b:59:49:df:8e:f1:fd:
2a:f3:f5:f1:9c:c3:68:09:9d:a8:91:69:e1:fb:ed:
88:10:2b:56:18:4e:15:f0:11:4c:67:3b:5b:9f:b1:
7d:c1:a6:71:b2:bf:9c:f7:be:99:a5:3d:d8:e5:b0:
e4:ea:95:4c:09:18:7d:2e:e5:3a:e2:34:02:0e:f5:
13:d5:6c:3a:0a:19:83:d2:cc:e1:af:8e:11:7e:38:
91:9c:ac:e0:7a:9c:92:3c:f1:40:24:c8:56:0c:3f:
6e:b7:b4:f8:48:72:46:c0:1a:57:9c:7a:db:58:a4:
96:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:D0:A6:EB:F1:73:38:7D:B0:BC:3E:B3:3F:97:21:3C:16:8C:33:06
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/VNCm6_FzOH2wvD6zP5chPBaMMwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.64.0/24
103.75.124.0/24
103.75.127.0/24
Signature Algorithm: sha256WithRSAEncryption
83:7c:2f:d5:3e:b4:12:dd:9b:ca:26:e4:43:b9:c2:84:7f:2b:
9c:0d:13:3b:ea:6a:6d:18:78:f6:ad:94:d6:e4:e4:25:e0:4d:
cd:e5:97:5d:aa:22:04:18:54:6c:c2:06:91:73:a7:2a:bc:98:
4c:6b:4c:c7:ba:77:09:17:ff:3a:49:4f:9e:12:4e:7c:a8:f7:
04:92:64:2a:83:03:62:37:79:70:b5:ff:44:58:cf:a3:0b:6d:
ec:32:20:01:7a:03:3b:f7:e5:9e:2f:1f:1c:9b:ff:6d:89:fd:
b8:b2:cf:2e:6a:42:7d:75:39:6e:7f:e4:b5:c5:62:51:04:e0:
0c:a7:fa:58:66:cd:39:2a:be:af:5b:08:51:62:99:a7:55:e0:
75:28:0e:62:da:b6:84:8a:41:69:ae:a1:70:12:c1:ab:8c:3d:
ca:70:00:2d:4b:6b:60:ce:43:da:18:91:34:b7:6f:e2:8c:2c:
17:7b:e5:1e:5b:c9:c8:eb:ba:50:f0:1d:af:63:20:43:70:b2:
ea:bf:5f:fa:a6:c7:2c:16:9f:81:45:4e:28:d4:bc:c8:97:1f:
97:08:f0:f5:0c:39:d2:18:71:73:f2:dc:3d:6d:98:06:af:eb:
25:f9:32:28:52:67:45:54:b9:98:15:56:e0:11:de:62:a8:9a:
34:2b:d8:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZoK4AAMpuKiaDmOlorpTz85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjUxMDIyMDc0NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGQwYTZlYmYxNzMzODdkYjBiYzNlYjMzZjk3MjEzYzE2OGMzMzA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXJYYSqt87BP1htK6JgcxGmg1QoM
Fi3e+k6XYwOAv+564jAXIyDp4jRW0KyOrTraiQjrRKU8xB4s+RGFVfSzWqQtgfE5
M+4D12aHtdhF2xld+tMsCqKel1aRB+Wv9N4rm7K3GmOwDqQVaRZri8g/+Uwk8i+D
IKrtpcEDyKh8XxMQTnhBI1Fs9i97LnJ9xCtZSd+O8f0q8/XxnMNoCZ2okWnh++2I
ECtWGE4V8BFMZztbn7F9waZxsr+c976ZpT3Y5bDk6pVMCRh9LuU64jQCDvUT1Ww6
ChmD0szhr44RfjiRnKzgepySPPFAJMhWDD9ut7T4SHJGwBpXnHrbWKSWAQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFTQpuvxczh9sLw+sz+XITwWjDMGMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvVk5DbTZfRnpPSDJ3dkQ2elA1Y2hQQmFNTXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjpAAwQA
Z0t8AwQAZ0t/MA0GCSqGSIb3DQEBCwUAA4IBAQCDfC/VPrQS3ZvKJuRDucKEfyuc
DRM76mptGHj2rZTW5OQl4E3N5ZddqiIEGFRswgaRc6cqvJhMa0zHuncJF/86SU+e
Ek58qPcEkmQqgwNiN3lwtf9EWM+jC23sMiABegM79+WeLx8cm/9tif24ss8uakJ9
dTluf+S1xWJRBOAMp/pYZs05Kr6vWwhRYpmnVeB1KA5i2raEikFprqFwEsGrjD3K
cAAtS2tgzkPaGJE0t2/ijCwXe+UeW8nI67pQ8B2vYyBDcLLqv1/6pscsFp+BRU4o
1LzIlx+XCPD1DDnSGHFz8tw9bZgGr+sl+TIoUmdFVLmYFVbgEd5iqJo0K9jZ
-----END CERTIFICATE-----
Generated at Wed Oct 22 18:43:58 2025 by rpki-client