Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/n4VJToHSeaZ048nrx0RCFUgh-4A.roa
File: n4VJToHSeaZ048nrx0RCFUgh-4A.roa (raw, json)
Hash identifier: ufYQ2K75b3VNZBOfEf/BHtPHrCx/r1Ddr4foAeeoSLE=
Subject key identifier: 9F:85:49:4E:81:D2:79:A6:74:E3:C9:EB:C7:44:42:15:48:21:FB:80
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019C9F59C81CBF92A1F694BDB7CA2CD3823C
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/n4VJToHSeaZ048nrx0RCFUgh-4A.roa
Signing time: Fri 27 Feb 2026 13:46:27 +0000
ROA not before: Fri 27 Feb 2026 13:46:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63199
IP address blocks: 110.34.37.0/24 maxlen: 24
116.204.165.0/24 maxlen: 24
150.107.50.0/24 maxlen: 24
222.167.224.0/24 maxlen: 24
222.167.231.0/24 maxlen: 24
222.167.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 17:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:9f:59:c8:1c:bf:92:a1:f6:94:bd:b7:ca:2c:d3:82:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Feb 27 13:46:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9f85494e81d279a674e3c9ebc74442154821fb80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ff:f1:b0:5f:90:c9:f2:6f:e0:8a:b9:7d:9c:
70:1e:ff:db:82:95:e4:a8:e7:09:cd:31:07:82:49:
76:a5:97:f1:f9:52:1f:ab:d2:cd:a1:16:6a:df:57:
7e:3b:7b:6f:74:01:43:99:08:6f:25:08:87:3e:4d:
14:a7:05:61:cf:e8:62:f6:c6:61:31:de:cb:5b:70:
b0:a0:25:7a:b5:4d:01:ce:21:6e:26:fe:95:42:30:
dd:18:4a:b4:68:6d:a4:2d:e7:27:7a:01:08:ed:20:
d7:71:21:53:93:ab:f9:a8:fd:1b:97:65:cf:a2:09:
7c:d9:2d:fa:85:7b:31:7b:ad:81:06:2b:81:2c:88:
7b:16:6a:b0:b9:f0:cc:ce:f4:3f:fe:6b:a7:2a:c9:
89:d4:9e:f5:19:a9:c4:71:24:38:92:44:40:b1:d8:
9e:9e:ee:33:09:89:2f:ac:72:f6:16:18:0a:f6:35:
81:6a:ca:3b:41:22:8d:69:08:2c:fe:32:4f:f1:1c:
70:e2:65:ca:6b:71:af:49:a7:51:5b:0d:14:3c:cc:
b4:b4:8e:73:b9:93:0a:b0:f9:3a:7e:b8:47:d6:b7:
71:0f:ee:58:05:01:4d:05:f5:ef:f5:24:9e:d9:15:
27:d6:9c:b6:78:7a:59:e2:17:b6:e8:82:e7:02:e1:
44:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:85:49:4E:81:D2:79:A6:74:E3:C9:EB:C7:44:42:15:48:21:FB:80
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/n4VJToHSeaZ048nrx0RCFUgh-4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
110.34.37.0/24
116.204.165.0/24
150.107.50.0/24
222.167.224.0/24
222.167.231.0/24
222.167.255.0/24
Signature Algorithm: sha256WithRSAEncryption
80:a9:ee:f0:6a:24:1b:22:96:99:88:d5:80:40:35:15:d8:e1:
22:85:d8:33:b2:f8:b7:4d:d8:52:1a:7d:52:dc:bf:14:0a:ad:
60:cc:03:98:c9:df:86:b4:3b:23:aa:d5:b2:a7:3b:f2:51:3e:
ed:12:fd:a2:93:0c:77:99:06:42:5b:34:b5:6a:a1:15:79:f7:
dd:ac:52:a4:19:82:56:9e:0c:41:54:1a:db:bd:62:c6:ed:6d:
43:7b:fa:e6:49:fd:db:6d:65:8e:51:89:08:bc:d3:fd:11:da:
f6:c6:b7:82:35:c9:7a:a6:85:84:47:6b:d6:4b:8c:f6:35:32:
f6:b3:46:39:8d:2a:69:57:1e:33:32:61:2e:c0:c9:1f:00:0d:
d2:f4:cd:3b:7e:0b:28:da:56:28:f6:e6:fb:b8:15:3a:0f:1d:
05:2b:e8:0d:34:6d:0c:80:0f:9e:59:fe:f1:51:ad:3d:dc:42:
03:90:24:1a:17:ec:e9:9d:80:32:09:a9:f8:c3:3a:5b:ad:b3:
e3:93:a7:16:54:0d:3d:02:15:31:28:14:eb:b6:d5:fe:dd:bb:
e2:79:9e:a6:0d:c8:11:78:9f:81:df:53:77:88:5f:aa:54:ad:
50:ae:66:b6:fb:40:5b:29:e5:20:db:73:2e:88:29:97:6b:c7:
bb:a8:f3:46
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZyfWcgcv5Kh9pS9t8os04I8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwMjI3MTM0NjI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjg1NDk0ZTgxZDI3OWE2NzRlM2M5ZWJjNzQ0NDIxNTQ4MjFmYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqP/xsF+QyfJv4Iq5fZxwHv/bgpXk
qOcJzTEHgkl2pZfx+VIfq9LNoRZq31d+O3tvdAFDmQhvJQiHPk0UpwVhz+hi9sZh
Md7LW3CwoCV6tU0BziFuJv6VQjDdGEq0aG2kLecnegEI7SDXcSFTk6v5qP0bl2XP
ogl82S36hXsxe62BBiuBLIh7FmqwufDMzvQ//munKsmJ1J71GanEcSQ4kkRAsdie
nu4zCYkvrHL2FhgK9jWBaso7QSKNaQgs/jJP8Rxw4mXKa3GvSadRWw0UPMy0tI5z
uZMKsPk6frhH1rdxD+5YBQFNBfXv9SSe2RUn1py2eHpZ4he26ILnAuFE3QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJ+FSU6B0nmmdOPJ68dEQhVIIfuAMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvbjRWSlRvSFNlYVowNDhucngwUkNGVWdoLTRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAbiIlAwQA
dMylAwQAlmsyAwQA3qfgAwQA3qfnAwQA3qf/MA0GCSqGSIb3DQEBCwUAA4IBAQCA
qe7waiQbIpaZiNWAQDUV2OEihdgzsvi3TdhSGn1S3L8UCq1gzAOYyd+GtDsjqtWy
pzvyUT7tEv2ikwx3mQZCWzS1aqEVeffdrFKkGYJWngxBVBrbvWLG7W1De/rmSf3b
bWWOUYkIvNP9Edr2xreCNcl6poWER2vWS4z2NTL2s0Y5jSppVx4zMmEuwMkfAA3S
9M07fgso2lYo9ub7uBU6Dx0FK+gNNG0MgA+eWf7xUa093EIDkCQaF+zpnYAyCan4
wzpbrbPjk6cWVA09AhUxKBTrttX+3bvieZ6mDcgReJ+B31N3iF+qVK1Qrma2+0Bb
KeUg23MuiCmXa8e7qPNG
-----END CERTIFICATE-----
Generated at Mon Mar 2 02:42:34 2026 by rpki-client