Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/bce18c-7203-44c9-bec8-df01b4eb25e9/1/9Rl0BbPzjGtJ5SxKkQlNSxcKRIA.roa
File: 9Rl0BbPzjGtJ5SxKkQlNSxcKRIA.roa (raw, json)
Hash identifier: wlrYCSoZjr9jkjpsQGaOjVzZDExzEHE+3MSzP3WRJC0=
Subject key identifier: F5:19:74:05:B3:F3:8C:6B:49:E5:2C:4A:91:09:4D:4B:17:0A:44:80
Certificate issuer: /CN=44e9101a29c938f84f86045d6be5df4b3f517bd1
Certificate serial: 0196F1C1C659E9D5E54DF825532CB448170A
Authority key identifier: 44:E9:10:1A:29:C9:38:F8:4F:86:04:5D:6B:E5:DF:4B:3F:51:7B:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROkQGinJOPhPhgRda-XfSz9Re9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/bce18c-7203-44c9-bec8-df01b4eb25e9/1/9Rl0BbPzjGtJ5SxKkQlNSxcKRIA.roa
Signing time: Wed 21 May 2025 07:32:10 +0000
ROA not before: Wed 21 May 2025 07:32:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206318
IP address blocks: 103.77.228.0/22 maxlen: 22
185.185.196.0/22 maxlen: 22
193.32.212.0/22 maxlen: 22
2a0b:6380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/bce18c-7203-44c9-bec8-df01b4eb25e9/1/ROkQGinJOPhPhgRda-XfSz9Re9E.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/bce18c-7203-44c9-bec8-df01b4eb25e9/1/ROkQGinJOPhPhgRda-XfSz9Re9E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ROkQGinJOPhPhgRda-XfSz9Re9E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:c1:c6:59:e9:d5:e5:4d:f8:25:53:2c:b4:48:17:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e9101a29c938f84f86045d6be5df4b3f517bd1
Validity
Not Before: May 21 07:32:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f5197405b3f38c6b49e52c4a91094d4b170a4480
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:1f:46:4f:bf:71:78:55:b9:3c:df:ed:b5:64:
65:9b:71:5d:d0:22:e8:63:59:9e:12:89:88:75:a5:
83:78:bb:1e:42:9b:88:06:fe:db:a5:94:a7:c0:41:
d5:59:b1:62:0f:94:14:37:4c:43:f3:6c:19:44:7e:
49:f4:ee:2c:fa:33:1d:a2:18:a1:b8:1c:87:41:9c:
1f:f5:07:11:b5:58:d3:20:0f:d1:8f:2c:ca:2e:b4:
72:f2:fe:f5:31:91:0d:08:95:b9:27:a7:2b:1a:fd:
84:8d:8c:47:dc:25:01:46:84:57:36:11:3a:fb:ff:
20:48:4a:e1:a0:45:39:59:ec:eb:49:64:15:6e:f0:
32:e2:83:6b:e1:ce:a7:83:7d:d9:0a:25:ea:9d:aa:
5c:c3:d6:68:ec:4b:f4:e3:7b:a0:47:1a:54:60:96:
49:25:74:b9:81:75:6f:88:e9:e2:2d:5a:59:5f:5e:
d4:c0:cc:73:3d:bd:8f:18:56:50:54:f6:79:6e:27:
59:9c:7e:4e:e0:a8:b0:a8:11:97:46:ee:c5:de:cb:
6b:fd:84:03:b5:87:7d:ef:74:4c:e9:27:34:72:0e:
24:36:90:5c:43:f0:58:1c:29:a7:3c:f4:86:ba:7d:
ea:2b:44:6a:5e:c3:07:87:fc:67:a2:8d:fb:b7:75:
bc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:19:74:05:B3:F3:8C:6B:49:E5:2C:4A:91:09:4D:4B:17:0A:44:80
X509v3 Authority Key Identifier:
keyid:44:E9:10:1A:29:C9:38:F8:4F:86:04:5D:6B:E5:DF:4B:3F:51:7B:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROkQGinJOPhPhgRda-XfSz9Re9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/bce18c-7203-44c9-bec8-df01b4eb25e9/1/9Rl0BbPzjGtJ5SxKkQlNSxcKRIA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/bce18c-7203-44c9-bec8-df01b4eb25e9/1/ROkQGinJOPhPhgRda-XfSz9Re9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.77.228.0/22
185.185.196.0/22
193.32.212.0/22
IPv6:
2a0b:6380::/29
Signature Algorithm: sha256WithRSAEncryption
91:a0:53:2b:95:b7:11:3d:f7:43:52:f1:bf:da:15:37:6c:40:
fc:92:b0:58:95:b0:ad:a5:ce:b1:87:13:e4:b7:c4:35:9c:a0:
55:47:f1:c0:95:a8:ea:64:55:5c:02:4b:01:6e:e7:87:2e:e9:
02:09:e7:01:cd:db:e4:42:42:c9:3a:1f:64:f1:48:c3:56:98:
fe:21:b9:d5:73:2f:4c:da:58:33:d1:cc:c4:b1:52:76:5d:9b:
b3:1c:90:ec:20:ed:a7:22:8d:a3:2d:73:8c:14:9c:3d:86:ec:
fe:52:d4:75:f6:24:20:65:01:ae:89:ff:f4:7f:c4:44:c6:80:
b0:e3:f6:50:b1:00:34:51:95:79:94:52:1f:51:54:67:62:66:
c0:bb:2e:19:67:ae:ef:8e:73:a5:1d:80:a6:8e:6b:4d:65:7b:
78:93:0a:ce:0e:92:09:fb:91:5d:96:a7:cd:78:c5:af:80:a2:
cb:56:57:bb:cc:f4:e1:67:37:d5:c2:20:8c:0a:fe:e1:95:8f:
30:d9:1d:aa:f8:ca:ec:2f:2b:48:a0:5c:46:06:42:98:6e:af:
0b:27:14:48:f6:42:35:af:82:18:7e:b0:4f:1d:ea:48:8a:67:
f0:d4:d6:c8:3b:fd:e9:b5:00:5b:0f:d5:60:17:81:9f:4d:bd:
c9:84:81:dd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZbxwcZZ6dXlTfglUyy0SBcKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTkxMDFhMjljOTM4Zjg0Zjg2MDQ1ZDZiZTVkZjRiM2Y1
MTdiZDEwHhcNMjUwNTIxMDczMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTE5NzQwNWIzZjM4YzZiNDllNTJjNGE5MTA5NGQ0YjE3MGE0NDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmR9GT79xeFW5PN/ttWRlm3Fd0CLo
Y1meEomIdaWDeLseQpuIBv7bpZSnwEHVWbFiD5QUN0xD82wZRH5J9O4s+jMdohih
uByHQZwf9QcRtVjTIA/RjyzKLrRy8v71MZENCJW5J6crGv2EjYxH3CUBRoRXNhE6
+/8gSErhoEU5WezrSWQVbvAy4oNr4c6ng33ZCiXqnapcw9Zo7Ev043ugRxpUYJZJ
JXS5gXVviOniLVpZX17UwMxzPb2PGFZQVPZ5bidZnH5O4KiwqBGXRu7F3str/YQD
tYd973RM6Sc0cg4kNpBcQ/BYHCmnPPSGun3qK0RqXsMHh/xnoo37t3W86wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPUZdAWz84xrSeUsSpEJTUsXCkSAMB8GA1UdIwQY
MBaAFETpEBopyTj4T4YEXWvl30s/UXvRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9rUUdpbkpPUGhQaGdSZGEtWGZTejlSZTlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iY2UxOGMtNzIwMy00NGM5LWJlYzgt
ZGYwMWI0ZWIyNWU5LzEvOVJsMEJiUHpqR3RKNVN4S2tRbE5TeGNLUklBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iY2UxOGMtNzIwMy00NGM5LWJlYzgtZGYwMWI0ZWIyNWU5
LzEvUk9rUUdpbkpPUGhQaGdSZGEtWGZTejlSZTlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCZ03kAwQC
ubnEAwQCwSDUMA0EAgACMAcDBQMqC2OAMA0GCSqGSIb3DQEBCwUAA4IBAQCRoFMr
lbcRPfdDUvG/2hU3bED8krBYlbCtpc6xhxPkt8Q1nKBVR/HAlajqZFVcAksBbueH
LukCCecBzdvkQkLJOh9k8UjDVpj+IbnVcy9M2lgz0czEsVJ2XZuzHJDsIO2nIo2j
LXOMFJw9huz+UtR19iQgZQGuif/0f8RExoCw4/ZQsQA0UZV5lFIfUVRnYmbAuy4Z
Z67vjnOlHYCmjmtNZXt4kwrODpIJ+5FdlqfNeMWvgKLLVle7zPThZzfVwiCMCv7h
lY8w2R2q+MrsLytIoFxGBkKYbq8LJxRI9kI1r4IYfrBPHepIimfw1NbIO/3ptQBb
D9VgF4GfTb3JhIHd
-----END CERTIFICATE-----
Generated at Sat Jun 7 19:48:30 2025 by rpki-client