Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/yefHGqoy_vY6UIn_R3TQMREwj3k.roa
File: yefHGqoy_vY6UIn_R3TQMREwj3k.roa (raw, json)
Hash identifier: B1VLvaZ4NnymL6VHVlSUOOS/upHHX90n9eExa5FLhNw=
Subject key identifier: C9:E7:C7:1A:AA:32:FE:F6:3A:50:89:FF:47:74:D0:31:11:30:8F:79
Certificate issuer: /CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Certificate serial: 019CAA214872A587D56317F35BDB4C2CD6E2
Authority key identifier: 9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/yefHGqoy_vY6UIn_R3TQMREwj3k.roa
Signing time: Sun 01 Mar 2026 16:00:33 +0000
ROA not before: Sun 01 Mar 2026 16:00:33 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51847
IP address blocks: 103.76.85.0/24 maxlen: 24
103.76.87.0/24 maxlen: 24
116.206.92.0/24 maxlen: 24
116.206.93.0/24 maxlen: 24
195.78.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:aa:21:48:72:a5:87:d5:63:17:f3:5b:db:4c:2c:d6:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f312e9297bc1d27ebeb476dea0ee15dd756542d
Validity
Not Before: Mar 1 16:00:33 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=c9e7c71aaa32fef63a5089ff4774d03111308f79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:a5:33:67:7c:c0:b0:d6:14:07:37:ed:6e:94:
3c:36:c7:d0:c1:41:1e:2d:68:a3:11:80:75:fa:9c:
6a:5e:4b:a2:49:1a:a9:d7:12:23:5f:e2:d7:d4:4c:
72:51:e2:7c:05:f9:50:6c:a6:9a:18:a4:36:6c:92:
6c:9b:cd:6a:cd:9e:cb:3c:80:6e:a5:d2:84:a3:86:
f5:8a:69:69:24:d3:14:2f:29:16:4f:e0:9e:9c:5f:
09:72:bf:64:dd:b7:9a:ca:a2:26:e8:88:38:5e:4d:
a5:8f:d1:08:f1:31:03:85:83:0c:21:83:6f:23:72:
b9:d5:99:08:74:c4:da:e9:3e:16:99:57:d6:95:85:
a8:5c:3a:26:e2:2d:1c:21:90:7e:1d:42:ef:b5:ed:
c6:dc:51:d3:3e:18:4d:a1:16:dd:df:78:46:60:57:
d9:0e:af:70:82:82:e2:16:95:ce:13:4f:51:2a:e5:
d7:50:9a:54:99:ab:91:cd:eb:da:9d:2e:2a:90:d9:
82:47:a6:3b:08:5e:07:4c:6e:dd:a1:f6:8a:c6:bd:
e5:98:10:67:fb:2b:64:66:ac:44:00:56:4e:99:cf:
2e:78:28:aa:04:b6:f1:c2:61:23:48:20:57:6d:ea:
c3:b5:3a:97:bf:12:c9:90:8f:79:0f:7d:99:75:1d:
7d:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E7:C7:1A:AA:32:FE:F6:3A:50:89:FF:47:74:D0:31:11:30:8F:79
X509v3 Authority Key Identifier:
keyid:9F:31:2E:92:97:BC:1D:27:EB:EB:47:6D:EA:0E:E1:5D:D7:56:54:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzEukpe8HSfr60dt6g7hXddWVC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/yefHGqoy_vY6UIn_R3TQMREwj3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/dd5a28-df9d-4627-809d-bd5d3f00fbb2/1/nzEukpe8HSfr60dt6g7hXddWVC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.76.85.0/24
103.76.87.0/24
116.206.92.0/23
195.78.48.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:bc:eb:a9:89:dd:ed:18:cf:b9:99:a4:61:7d:57:f5:40:ad:
e6:d9:bf:07:d2:6f:e4:ec:aa:af:ae:1d:59:ce:45:a5:45:72:
fa:d1:99:38:37:b6:7b:34:1d:06:31:ce:37:a1:0f:89:64:57:
10:bf:e9:71:ae:ea:5c:2b:f2:aa:3a:be:64:ea:9d:7a:b0:4a:
5d:99:80:75:67:e3:2d:1c:bf:df:b4:7b:08:53:ed:51:45:e3:
1c:a7:f9:4a:f4:3b:88:f4:3b:d4:06:ec:5a:e7:d7:0f:6c:ea:
9e:95:57:87:24:3c:c5:f9:d9:80:8d:1a:c1:85:91:45:06:37:
9c:f0:9f:79:fc:7d:9f:ac:65:71:2c:6e:de:38:70:6d:f8:7f:
1e:93:cf:f3:20:8b:f7:c6:0d:ca:99:47:e5:60:59:62:24:43:
49:8b:3f:5d:8b:39:cf:bb:23:36:f4:d8:87:cf:7d:6a:78:ee:
c0:d4:69:d2:6b:4a:39:46:5a:6b:af:07:6f:56:68:a7:05:a5:
ae:ac:98:fd:23:94:06:c9:89:ae:3d:cb:61:2f:f6:9a:e1:a2:
a8:ae:7a:0f:71:84:cb:84:32:fd:78:30:86:21:46:61:4b:ab:
b6:fd:13:04:f6:ed:61:b6:b6:d4:be:4d:ef:a4:48:6b:60:23:
9c:d8:2c:7d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZyqIUhypYfVYxfzW9tMLNbiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzEyZTkyOTdiYzFkMjdlYmViNDc2ZGVhMGVlMTVkZDc1
NjU0MmQwHhcNMjYwMzAxMTYwMDMzWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU3YzcxYWFhMzJmZWY2M2E1MDg5ZmY0Nzc0ZDAzMTExMzA4Zjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiaUzZ3zAsNYUBzftbpQ8NsfQwUEe
LWijEYB1+pxqXkuiSRqp1xIjX+LX1ExyUeJ8BflQbKaaGKQ2bJJsm81qzZ7LPIBu
pdKEo4b1imlpJNMULykWT+CenF8Jcr9k3beayqIm6Ig4Xk2lj9EI8TEDhYMMIYNv
I3K51ZkIdMTa6T4WmVfWlYWoXDom4i0cIZB+HULvte3G3FHTPhhNoRbd33hGYFfZ
Dq9wgoLiFpXOE09RKuXXUJpUmauRzevanS4qkNmCR6Y7CF4HTG7dofaKxr3lmBBn
+ytkZqxEAFZOmc8ueCiqBLbxwmEjSCBXberDtTqXvxLJkI95D32ZdR19CwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMnnxxqqMv72OlCJ/0d00DERMI95MB8GA1UdIwQY
MBaAFJ8xLpKXvB0n6+tHbeoO4V3XVlQtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQt
YmQ1ZDNmMDBmYmIyLzEveWVmSEdxb3lfdlk2VUluX1IzVFFNUkV3ajNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kZDVhMjgtZGY5ZC00NjI3LTgwOWQtYmQ1ZDNmMDBmYmIy
LzEvbnpFdWtwZThIU2ZyNjBkdDZnN2hYZGRXVkMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAZ0xVAwQA
Z0xXAwQBdM5cAwQAw04wMA0GCSqGSIb3DQEBCwUAA4IBAQAOvOupid3tGM+5maRh
fVf1QK3m2b8H0m/k7Kqvrh1ZzkWlRXL60Zk4N7Z7NB0GMc43oQ+JZFcQv+lxrupc
K/KqOr5k6p16sEpdmYB1Z+MtHL/ftHsIU+1RReMcp/lK9DuI9DvUBuxa59cPbOqe
lVeHJDzF+dmAjRrBhZFFBjec8J95/H2frGVxLG7eOHBt+H8ek8/zIIv3xg3KmUfl
YFliJENJiz9diznPuyM29NiHz31qeO7A1GnSa0o5RlprrwdvVminBaWurJj9I5QG
yYmuPcthL/aa4aKornoPcYTLhDL9eDCGIUZhS6u2/RME9u1htrbUvk3vpEhrYCOc
2Cx9
-----END CERTIFICATE-----
Generated at Mon Mar 2 01:37:24 2026 by rpki-client