Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/usONDL8T4fgTBytzqulEpYviayY.roa
File: usONDL8T4fgTBytzqulEpYviayY.roa (raw, json)
Hash identifier: Azu+8j0Xu9e6mdLb/nqd9cTH4O1l40KtbUavU6T1tq8=
Subject key identifier: BA:C3:8D:0C:BF:13:E1:F8:13:07:2B:73:AA:E9:44:A5:8B:E2:6B:26
Certificate issuer: /CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Certificate serial: 019D590F4391A107F6AF5FBAFBB5AD623428
Authority key identifier: 91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/usONDL8T4fgTBytzqulEpYviayY.roa
Signing time: Sat 04 Apr 2026 15:14:25 +0000
ROA not before: Sat 04 Apr 2026 15:14:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9457
IP address blocks: 110.34.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:59:0f:43:91:a1:07:f6:af:5f:ba:fb:b5:ad:62:34:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=914aa557c3d3d1e6b7f0525c34cc1d488a5a9294
Validity
Not Before: Apr 4 15:14:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=bac38d0cbf13e1f813072b73aae944a58be26b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:97:a6:ac:16:2f:6e:f8:41:ac:28:1b:2c:fd:
30:fe:f3:4e:2f:6c:d1:ba:88:e6:db:47:13:48:51:
76:b6:43:fc:e9:d4:52:61:aa:04:ef:8b:91:a7:3d:
16:ac:87:5e:e8:cd:64:8d:c7:7b:3a:57:eb:31:1c:
2c:38:b3:4b:24:f9:10:53:eb:e2:55:2a:04:d1:25:
ae:96:5b:0b:de:76:3a:1f:21:d9:9f:a7:4f:9e:9b:
cb:89:d3:70:51:d8:4c:ec:41:3d:92:f2:bf:d4:25:
eb:54:ff:32:a3:85:2f:f3:9c:7a:00:47:37:9e:af:
0a:35:72:ec:5c:65:bd:50:c6:53:70:8c:79:a8:c8:
49:f0:2a:3c:1e:71:66:f7:57:81:6c:89:6e:6a:43:
e0:5d:7d:0d:0f:6d:1d:c4:29:46:11:96:6e:a3:8c:
2a:8f:cc:af:14:dd:09:93:ac:a2:f2:90:75:a0:b5:
6d:29:f1:31:ae:7c:67:14:bc:aa:04:b7:8d:06:43:
40:ea:f2:5d:bb:fa:b1:9b:3b:f4:25:5d:63:28:a9:
25:62:94:f4:ff:c1:0b:c8:be:c1:6b:d8:d1:a3:2e:
e6:3e:09:56:c6:e8:46:16:a9:70:69:ff:0c:eb:51:
22:66:c9:fd:7a:b9:8a:24:be:ab:41:98:4c:bf:93:
ed:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C3:8D:0C:BF:13:E1:F8:13:07:2B:73:AA:E9:44:A5:8B:E2:6B:26
X509v3 Authority Key Identifier:
keyid:91:4A:A5:57:C3:D3:D1:E6:B7:F0:52:5C:34:CC:1D:48:8A:5A:92:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUqlV8PT0ea38FJcNMwdSIpakpQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/usONDL8T4fgTBytzqulEpYviayY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/db97d0-28f2-4329-b856-4a348e7be441/1/kUqlV8PT0ea38FJcNMwdSIpakpQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
110.34.37.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:c4:23:f0:43:32:29:4c:01:99:5d:96:3c:b3:f7:92:37:9a:
5d:8e:c0:0b:7c:85:ba:9b:5b:6a:65:ae:06:ae:8a:d9:ee:ba:
b2:95:39:25:c9:28:d3:07:9b:c5:23:ec:7b:f6:a0:7e:f8:de:
1e:92:49:86:c5:44:06:1e:10:b5:5e:c7:03:d5:da:49:30:74:
73:05:23:60:29:02:7c:34:d6:a5:43:e8:f0:15:e4:45:7f:11:
0f:32:d5:bb:b0:b5:4c:07:e8:ca:28:d4:ec:d9:03:3a:f6:62:
9a:ae:69:9f:ea:14:9d:00:45:5f:7a:21:ab:33:87:e0:73:af:
9d:05:6f:71:0a:b5:4f:55:e9:98:da:32:d5:71:16:2d:f1:ea:
2c:e9:a8:e2:31:71:fb:29:bf:94:88:ac:ec:21:b3:fd:66:2d:
5e:7f:0e:86:d9:69:b4:92:bd:8c:72:af:04:d6:27:e7:2f:46:
5d:ad:37:4c:89:6d:8c:89:dc:b8:85:aa:f6:16:9e:26:4c:9e:
8e:ce:8b:44:b5:31:27:e4:2b:69:b3:c3:be:6a:0e:6f:0a:bb:
46:40:2d:11:5f:cf:47:ec:c8:9b:79:b3:99:fa:42:a6:6b:21:
5d:73:24:be:46:dc:38:d3:dc:1c:39:a1:76:e9:bf:b9:5d:fa:
d8:dc:c6:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ1ZD0ORoQf2r1+6+7WtYjQoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNGFhNTU3YzNkM2QxZTZiN2YwNTI1YzM0Y2MxZDQ4OGE1
YTkyOTQwHhcNMjYwNDA0MTUxNDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWMzOGQwY2JmMTNlMWY4MTMwNzJiNzNhYWU5NDRhNThiZTI2YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZemrBYvbvhBrCgbLP0w/vNOL2zR
uojm20cTSFF2tkP86dRSYaoE74uRpz0WrIde6M1kjcd7OlfrMRwsOLNLJPkQU+vi
VSoE0SWullsL3nY6HyHZn6dPnpvLidNwUdhM7EE9kvK/1CXrVP8yo4Uv85x6AEc3
nq8KNXLsXGW9UMZTcIx5qMhJ8Co8HnFm91eBbIluakPgXX0ND20dxClGEZZuo4wq
j8yvFN0Jk6yi8pB1oLVtKfExrnxnFLyqBLeNBkNA6vJdu/qxmzv0JV1jKKklYpT0
/8ELyL7Ba9jRoy7mPglWxuhGFqlwaf8M61EiZsn9ermKJL6rQZhMv5PtjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLrDjQy/E+H4Ewcrc6rpRKWL4msmMB8GA1UdIwQY
MBaAFJFKpVfD09Hmt/BSXDTMHUiKWpKUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYt
NGEzNDhlN2JlNDQxLzEvdXNPTkRMOFQ0ZmdUQnl0enF1bEVwWXZpYXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9kYjk3ZDAtMjhmMi00MzI5LWI4NTYtNGEzNDhlN2JlNDQx
LzEva1VxbFY4UFQwZWEzOEZKY05Nd2RTSXBha3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbiIlMA0G
CSqGSIb3DQEBCwUAA4IBAQCuxCPwQzIpTAGZXZY8s/eSN5pdjsALfIW6m1tqZa4G
rorZ7rqylTklySjTB5vFI+x79qB++N4ekkmGxUQGHhC1XscD1dpJMHRzBSNgKQJ8
NNalQ+jwFeRFfxEPMtW7sLVMB+jKKNTs2QM69mKarmmf6hSdAEVfeiGrM4fgc6+d
BW9xCrVPVemY2jLVcRYt8eos6ajiMXH7Kb+UiKzsIbP9Zi1efw6G2Wm0kr2Mcq8E
1ifnL0ZdrTdMiW2Midy4har2Fp4mTJ6OzotEtTEn5Ctps8O+ag5vCrtGQC0RX89H
7MibebOZ+kKmayFdcyS+Rtw409wcOaF26b+5XfrY3MaA
-----END CERTIFICATE-----
Generated at Sun Apr 19 08:57:06 2026 by rpki-client