Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/GD4tXWh9oTy1WxS2wPaeKNWcmUI.roa
File: GD4tXWh9oTy1WxS2wPaeKNWcmUI.roa (raw, json)
Hash identifier: mBNcX/WqJfjCB2Cyrf9v4sQvKsy+5c3ghnc3nDATeAw=
Subject key identifier: 18:3E:2D:5D:68:7D:A1:3C:B5:5B:14:B6:C0:F6:9E:28:D5:9C:99:42
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 019D56443CA6FBF836DF58D8F13A2FFED62B
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/GD4tXWh9oTy1WxS2wPaeKNWcmUI.roa
Signing time: Sat 04 Apr 2026 02:13:25 +0000
ROA not before: Sat 04 Apr 2026 02:13:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 51722
IP address blocks: 103.83.86.0/24 maxlen: 24
103.83.87.0/24 maxlen: 24
203.202.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:56:44:3c:a6:fb:f8:36:df:58:d8:f1:3a:2f:fe:d6:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Apr 4 02:13:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=183e2d5d687da13cb55b14b6c0f69e28d59c9942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:e0:3a:8e:8b:c0:91:25:e0:d4:7f:f6:0a:de:
58:5b:80:cb:22:ac:ce:a8:cf:c7:38:86:28:eb:b6:
8d:07:8e:c6:e8:ba:09:c9:b2:67:d2:cf:92:de:f3:
b9:35:5c:fe:d9:52:8c:15:ba:87:89:41:cb:8a:1f:
97:f6:fe:4f:73:3f:bc:e9:be:30:64:2a:c3:71:11:
75:15:b5:e6:3f:c7:9f:af:84:1d:49:a9:18:17:1b:
0e:53:90:99:fb:ec:db:18:df:4b:d3:27:f3:e0:e2:
95:6c:eb:68:bc:b2:00:c1:c1:d9:79:25:1d:26:fa:
c6:b6:50:00:7e:78:6e:59:18:9c:40:69:f3:d9:8c:
ef:e1:37:e7:f8:ab:87:6e:41:c9:b5:4c:9b:e1:93:
73:e9:a6:bf:2d:ac:55:12:e9:61:8c:60:40:0c:d6:
d0:2c:fb:3e:a1:2a:4b:06:e3:0f:5f:4f:bb:61:6b:
1a:fd:10:26:9a:e0:99:6f:a4:c8:10:f6:15:d6:7c:
d9:f4:d7:45:a5:75:19:60:d5:89:09:a0:70:2f:60:
c2:01:46:3d:c4:12:ba:f7:1e:a6:76:8d:b8:a7:29:
74:ca:19:a8:ab:b1:e7:6d:05:68:af:f6:4e:ce:43:
e8:d3:41:58:52:43:f6:5b:3e:8a:28:cd:47:3f:58:
2d:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:3E:2D:5D:68:7D:A1:3C:B5:5B:14:B6:C0:F6:9E:28:D5:9C:99:42
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/GD4tXWh9oTy1WxS2wPaeKNWcmUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.83.86.0/23
203.202.232.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:84:a2:a6:6a:12:3e:e3:8b:09:78:e5:7a:a4:e3:a4:81:63:
a3:39:92:df:af:8a:53:5f:9b:98:c3:98:31:7e:4b:8d:bd:ec:
23:d7:39:4a:1f:2f:b0:f5:4f:ea:2a:39:ff:62:df:8f:ae:12:
96:a2:ef:e2:fe:ae:fd:4c:0e:2f:d4:06:a4:20:d4:3e:08:5b:
ea:42:19:f4:e5:26:8d:61:16:7e:04:0c:f3:97:fa:f9:93:37:
70:1c:79:f7:39:91:e9:25:69:a7:15:47:e6:a9:af:d5:62:99:
db:64:f2:46:87:5b:e3:28:1f:a6:f2:12:34:9d:fd:0b:41:a8:
76:d9:1c:03:e4:87:8b:6a:4a:55:20:bf:00:f2:d0:1e:02:b0:
66:5a:a5:3f:35:dc:0a:de:95:96:9e:b8:73:41:38:bf:81:5a:
c9:e3:ba:93:47:13:2d:47:8a:c6:be:a8:23:d2:2c:a9:3f:96:
68:b5:2e:0b:b5:b6:73:42:4c:ac:8b:35:40:c0:e9:69:b3:db:
f0:c6:3b:d0:1d:22:01:ac:fa:3a:45:e6:c5:54:a1:de:e2:cf:
34:67:e1:9a:8b:9c:f4:42:ef:d7:91:7b:7e:69:9e:73:74:0b:
ba:c5:3e:7b:5d:4b:06:a8:89:80:aa:14:0b:8b:03:f4:4e:21:
a9:51:e9:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ1WRDym+/g231jY8Tov/tYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjYwNDA0MDIxMzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODNlMmQ1ZDY4N2RhMTNjYjU1YjE0YjZjMGY2OWUyOGQ1OWM5OTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxeA6jovAkSXg1H/2Ct5YW4DLIqzO
qM/HOIYo67aNB47G6LoJybJn0s+S3vO5NVz+2VKMFbqHiUHLih+X9v5Pcz+86b4w
ZCrDcRF1FbXmP8efr4QdSakYFxsOU5CZ++zbGN9L0yfz4OKVbOtovLIAwcHZeSUd
JvrGtlAAfnhuWRicQGnz2Yzv4Tfn+KuHbkHJtUyb4ZNz6aa/LaxVEulhjGBADNbQ
LPs+oSpLBuMPX0+7YWsa/RAmmuCZb6TIEPYV1nzZ9NdFpXUZYNWJCaBwL2DCAUY9
xBK69x6mdo24pyl0yhmoq7HnbQVor/ZOzkPo00FYUkP2Wz6KKM1HP1gtxwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBg+LV1ofaE8tVsUtsD2nijVnJlCMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvR0Q0dFhXaDlvVHkxV3hTMndQYWVLTldjbVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBZ1NWAwQA
y8roMA0GCSqGSIb3DQEBCwUAA4IBAQAuhKKmahI+44sJeOV6pOOkgWOjOZLfr4pT
X5uYw5gxfkuNvewj1zlKHy+w9U/qKjn/Yt+PrhKWou/i/q79TA4v1AakINQ+CFvq
Qhn05SaNYRZ+BAzzl/r5kzdwHHn3OZHpJWmnFUfmqa/VYpnbZPJGh1vjKB+m8hI0
nf0LQah22RwD5IeLakpVIL8A8tAeArBmWqU/NdwK3pWWnrhzQTi/gVrJ47qTRxMt
R4rGvqgj0iypP5ZotS4LtbZzQkysizVAwOlps9vwxjvQHSIBrPo6RebFVKHe4s80
Z+Gai5z0Qu/XkXt+aZ5zdAu6xT57XUsGqImAqhQLiwP0TiGpUelI
-----END CERTIFICATE-----
Generated at Fri Apr 17 06:57:02 2026 by rpki-client