Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/ccnMCuhn6ybYxRsGTA2e1jMu_As.roa
File: ccnMCuhn6ybYxRsGTA2e1jMu_As.roa (raw, json)
Hash identifier: /BPcjY1JXLBg9JebhD/t+8MY/IcUITQ9QS8ydvPweo8=
Subject key identifier: 71:C9:CC:0A:E8:67:EB:26:D8:C5:1B:06:4C:0D:9E:D6:33:2E:FC:0B
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019C99B513EA50A14DC1047C79DD86029A1C
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/ccnMCuhn6ybYxRsGTA2e1jMu_As.roa
Signing time: Thu 26 Feb 2026 11:28:26 +0000
ROA not before: Thu 26 Feb 2026 11:28:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 3356
IP address blocks: 103.108.88.0/23 maxlen: 23
103.137.162.0/23 maxlen: 23
195.64.97.0/24 maxlen: 24
205.188.22.0/23 maxlen: 23
205.188.208.0/22 maxlen: 22
205.188.212.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:99:b5:13:ea:50:a1:4d:c1:04:7c:79:dd:86:02:9a:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Feb 26 11:28:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=71c9cc0ae867eb26d8c51b064c0d9ed6332efc0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:69:93:b6:4d:87:1f:b0:68:ed:42:19:08:3a:
bd:d7:6f:05:1e:3c:a2:88:22:27:11:db:39:73:47:
3c:c6:50:32:d0:be:a3:04:ce:e4:d0:50:71:ce:8c:
07:3a:76:b8:8b:e7:d3:6a:25:ce:8f:e8:73:aa:63:
e9:b5:8f:16:2a:95:83:fb:de:9c:1d:f0:39:a3:f8:
df:45:ca:62:1b:a6:04:67:c6:69:02:ac:0a:58:d5:
a3:06:1c:ca:71:20:db:36:b5:f8:85:c3:83:4a:27:
6f:df:02:1d:8a:45:4c:a2:3d:8b:70:a0:2d:7c:e5:
d0:c6:58:e9:49:e7:3f:5c:8e:93:51:66:c0:35:5e:
1e:44:71:51:19:07:80:2a:b7:bd:37:27:b1:24:96:
7c:c5:e7:fe:bb:01:a7:b9:b4:1c:9d:6e:41:fa:ee:
57:67:73:f0:21:0f:b9:ed:0f:a2:28:4e:3f:33:de:
53:07:1e:a8:85:df:e5:be:40:cb:28:14:2c:54:9f:
ee:5a:d4:20:45:ef:ce:20:0d:ca:49:1e:e2:7b:cd:
8f:ce:c0:d9:f9:05:c7:e4:fc:47:d8:f3:fd:59:bb:
2c:c4:09:dc:2c:6d:76:d7:00:c6:e9:90:f7:bb:f6:
1b:b5:0c:47:c2:39:9a:6a:cc:97:76:24:9c:bb:15:
9e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:C9:CC:0A:E8:67:EB:26:D8:C5:1B:06:4C:0D:9E:D6:33:2E:FC:0B
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/ccnMCuhn6ybYxRsGTA2e1jMu_As.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.108.88.0/23
103.137.162.0/23
195.64.97.0/24
205.188.22.0/23
205.188.208.0-205.188.213.255
Signature Algorithm: sha256WithRSAEncryption
3e:b4:19:cb:9c:49:84:ec:ee:b3:1b:df:6f:fd:f7:0a:51:bb:
28:66:a8:79:c1:86:1d:19:87:9b:10:ad:99:cb:74:f6:bd:06:
fc:3c:42:a0:01:c4:bd:a3:93:0d:58:ac:e6:34:97:24:14:5d:
71:1b:36:fa:2e:83:b4:8a:3d:94:de:e0:13:4b:9b:fd:7f:06:
f8:0e:f9:64:28:e5:3c:31:ad:b7:d4:ec:3d:22:e5:ad:6f:19:
e9:e5:00:80:1e:4d:f1:48:df:2b:4c:d1:fe:43:49:2e:0b:5c:
be:12:f2:95:bc:36:1b:cf:e8:dc:8d:b2:3b:a5:8d:07:47:3b:
55:75:06:a8:2e:3d:91:9c:52:a5:f5:7e:05:7a:53:ce:85:f9:
bd:29:1c:7e:4f:f6:07:57:a8:12:2e:9e:07:8a:86:fb:7e:73:
8b:b2:fd:03:f1:60:ec:df:5c:58:41:f2:be:30:be:5e:18:b7:
a2:aa:0c:82:b2:22:85:eb:48:bc:0b:3f:03:df:e9:fc:87:f5:
09:49:94:08:77:c3:4a:ba:16:9f:29:57:a9:72:76:f9:8e:3d:
c8:df:f4:79:bb:be:0b:e6:3a:29:e0:3e:ca:cc:dc:1c:36:f5:
4f:cf:7e:e2:70:25:06:7b:85:77:15:7d:04:8e:97:e9:c7:c4:
03:65:9a:bb
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZyZtRPqUKFNwQR8ed2GApocMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjYwMjI2MTEyODI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWM5Y2MwYWU4NjdlYjI2ZDhjNTFiMDY0YzBkOWVkNjMzMmVmYzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWmTtk2HH7Bo7UIZCDq9128FHjyi
iCInEds5c0c8xlAy0L6jBM7k0FBxzowHOna4i+fTaiXOj+hzqmPptY8WKpWD+96c
HfA5o/jfRcpiG6YEZ8ZpAqwKWNWjBhzKcSDbNrX4hcODSidv3wIdikVMoj2LcKAt
fOXQxljpSec/XI6TUWbANV4eRHFRGQeAKre9NyexJJZ8xef+uwGnubQcnW5B+u5X
Z3PwIQ+57Q+iKE4/M95TBx6ohd/lvkDLKBQsVJ/uWtQgRe/OIA3KSR7ie82PzsDZ
+QXH5PxH2PP9WbssxAncLG121wDG6ZD3u/YbtQxHwjmaasyXdiScuxWekwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHHJzAroZ+sm2MUbBkwNntYzLvwLMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvY2NuTUN1aG42eWJZeFJzR1RBMmUxak11X0FzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBZ2xYAwQB
Z4miAwQAw0BhAwQBzbwWMAwDBATNvNADBAHNvNQwDQYJKoZIhvcNAQELBQADggEB
AD60GcucSYTs7rMb32/99wpRuyhmqHnBhh0Zh5sQrZnLdPa9Bvw8QqABxL2jkw1Y
rOY0lyQUXXEbNvoug7SKPZTe4BNLm/1/BvgO+WQo5TwxrbfU7D0i5a1vGenlAIAe
TfFI3ytM0f5DSS4LXL4S8pW8NhvP6NyNsjuljQdHO1V1BqguPZGcUqX1fgV6U86F
+b0pHH5P9gdXqBIungeKhvt+c4uy/QPxYOzfXFhB8r4wvl4Yt6KqDIKyIoXrSLwL
PwPf6fyH9QlJlAh3w0q6Fp8pV6lydvmOPcjf9Hm7vgvmOingPsrM3Bw29U/PfuJw
JQZ7hXcVfQSOl+nHxANlmrs=
-----END CERTIFICATE-----
Generated at Mon Mar 2 07:36:55 2026 by rpki-client