Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/X0c4I_BAgU2v7ARs3HVFAisU0Qw.roa
File: X0c4I_BAgU2v7ARs3HVFAisU0Qw.roa (raw, json)
Hash identifier: hk26qRxBwk4K1/UKarRSJR+Q8l5nG6HljF/qq2SPatU=
Subject key identifier: 5F:47:38:23:F0:40:81:4D:AF:EC:04:6C:DC:75:45:02:2B:14:D1:0C
Certificate issuer: /CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Certificate serial: 019D9AF1089B320D009B71E95C885CBCECE3
Authority key identifier: D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/X0c4I_BAgU2v7ARs3HVFAisU0Qw.roa
Signing time: Fri 17 Apr 2026 10:16:20 +0000
ROA not before: Fri 17 Apr 2026 10:16:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 103.27.156.0/24 maxlen: 24
103.31.76.0/24 maxlen: 24
132.243.194.0/24 maxlen: 24
132.243.195.0/24 maxlen: 24
132.243.198.0/24 maxlen: 24
132.243.199.0/24 maxlen: 24
132.243.200.0/24 maxlen: 24
132.243.201.0/24 maxlen: 24
132.243.204.0/24 maxlen: 24
132.243.205.0/24 maxlen: 24
132.243.207.0/24 maxlen: 24
132.243.208.0/24 maxlen: 24
132.243.209.0/24 maxlen: 24
132.243.212.0/24 maxlen: 24
132.243.213.0/24 maxlen: 24
132.243.224.0/24 maxlen: 24
132.243.228.0/24 maxlen: 24
132.243.234.0/24 maxlen: 24
132.243.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9a:f1:08:9b:32:0d:00:9b:71:e9:5c:88:5c:bc:ec:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Validity
Not Before: Apr 17 10:16:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5f473823f040814dafec046cdc7545022b14d10c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f3:25:71:65:72:59:a2:ec:7b:c1:dd:c8:cc:
3d:c0:84:32:91:47:46:74:d4:52:1d:bd:6f:5a:c9:
65:80:81:9c:d3:5f:fe:35:41:26:a2:56:6c:4b:24:
d7:85:c4:60:b9:3c:49:4f:bc:68:19:e5:3c:d8:43:
f0:8b:0b:dc:71:47:9f:22:0e:c5:33:6b:00:df:d5:
18:0d:02:b9:8c:cb:5b:62:3d:f8:e4:ab:9b:f2:67:
b5:dc:ef:2f:45:5d:26:92:de:d4:ea:0a:2e:8b:00:
68:36:e5:5f:78:46:9c:c8:40:8a:88:a5:da:8d:58:
af:0b:ce:4f:f5:d9:6a:45:6b:8f:a5:f7:80:a9:76:
29:e2:91:d7:eb:79:d4:ca:37:8a:4e:f0:f2:9a:d6:
3b:51:a2:c3:f4:3e:bd:82:df:94:ea:81:2f:15:eb:
bc:77:80:50:fb:2b:d9:5f:7b:1b:cc:00:95:8b:a7:
c6:b4:1b:59:56:da:8d:4c:4e:71:34:33:6b:1b:e9:
31:91:75:f6:a9:0e:2b:fa:e3:0c:c4:7a:c8:5d:a0:
53:da:b1:93:d2:5f:87:90:c7:17:8b:37:56:ff:bd:
6f:9b:93:00:b1:8e:0c:a8:04:f7:4e:0d:f6:27:87:
92:36:c3:b5:e3:7f:8d:bb:d3:99:14:78:88:70:cd:
a8:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:47:38:23:F0:40:81:4D:AF:EC:04:6C:DC:75:45:02:2B:14:D1:0C
X509v3 Authority Key Identifier:
keyid:D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/X0c4I_BAgU2v7ARs3HVFAisU0Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.27.156.0/24
103.31.76.0/24
132.243.194.0/23
132.243.198.0-132.243.201.255
132.243.204.0/23
132.243.207.0-132.243.209.255
132.243.212.0/23
132.243.224.0/24
132.243.228.0/24
132.243.234.0/24
132.243.252.0/24
Signature Algorithm: sha256WithRSAEncryption
70:b7:d9:46:97:94:c9:36:de:65:8f:1c:e1:b4:81:a7:6f:56:
d2:ee:7e:f2:05:f5:38:8c:ef:23:04:eb:a7:71:ac:8c:06:7d:
9d:45:ae:68:ec:e7:39:2b:0e:eb:64:00:88:7d:dc:ba:d2:c3:
b0:ba:7e:aa:97:ef:c8:08:36:72:b6:bb:e8:d8:72:37:fe:9e:
7d:f1:d8:6a:d3:6c:c2:17:02:74:6c:de:91:f1:86:05:6f:0d:
7e:4c:13:51:4e:06:85:54:57:fd:ed:08:24:01:82:e3:29:6a:
d9:7c:8c:80:2b:d1:c1:ba:57:e5:78:dd:a3:fc:7c:d0:1c:ca:
60:01:22:bc:56:4a:36:81:36:37:b0:d4:50:00:ba:5c:1f:61:
cd:4b:e5:48:18:66:a0:1b:d4:02:86:4c:84:a1:4a:c6:54:4e:
8e:da:5b:96:f6:e0:c2:22:cc:57:ec:4f:ce:48:21:2f:63:59:
ad:39:da:d9:34:74:24:78:7c:7c:e2:73:ae:bc:9c:9c:12:50:
87:a3:e2:ee:72:ad:12:fc:f1:03:90:72:2c:a8:0d:8f:3c:9d:
8c:55:3d:10:dc:44:f7:50:93:d3:54:4e:ab:8c:c1:c3:31:76:
dd:87:2d:84:2f:c6:c9:46:44:56:ba:0a:0c:d9:ff:d4:67:71:
15:6b:f1:97
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZ2a8QibMg0Am3HpXIhcvOzjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yjk1MzMwNzM0YzlhYWY2NmQxMWJjZDJiZWRkMzgwZjQx
MGY5M2YwHhcNMjYwNDE3MTAxNjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjQ3MzgyM2YwNDA4MTRkYWZlYzA0NmNkYzc1NDUwMjJiMTRkMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfMlcWVyWaLse8HdyMw9wIQykUdG
dNRSHb1vWsllgIGc01/+NUEmolZsSyTXhcRguTxJT7xoGeU82EPwiwvccUefIg7F
M2sA39UYDQK5jMtbYj345Kub8me13O8vRV0mkt7U6gouiwBoNuVfeEacyECKiKXa
jVivC85P9dlqRWuPpfeAqXYp4pHX63nUyjeKTvDymtY7UaLD9D69gt+U6oEvFeu8
d4BQ+yvZX3sbzACVi6fGtBtZVtqNTE5xNDNrG+kxkXX2qQ4r+uMMxHrIXaBT2rGT
0l+HkMcXizdW/71vm5MAsY4MqAT3Tg32J4eSNsO143+Nu9OZFHiIcM2oUwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFF9HOCPwQIFNr+wEbNx1RQIrFNEMMB8GA1UdIwQY
MBaAFNS5UzBzTJqvZtEbzSvt04D0EPk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYt
NDMwMTNiMjhkOWQ2LzEvWDBjNElfQkFnVTJ2N0FSczNIVkZBaXNVMFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYtNDMwMTNiMjhkOWQ2
LzEvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAZxucAwQA
Zx9MAwQBhPPCMAwDBAGE88YDBAGE88gDBAGE88wwDAMEAITzzwMEAYTz0AMEAYTz
1AMEAITz4AMEAITz5AMEAITz6gMEAITz/DANBgkqhkiG9w0BAQsFAAOCAQEAcLfZ
RpeUyTbeZY8c4bSBp29W0u5+8gX1OIzvIwTrp3GsjAZ9nUWuaOznOSsO62QAiH3c
utLDsLp+qpfvyAg2cra76NhyN/6effHYatNswhcCdGzekfGGBW8NfkwTUU4GhVRX
/e0IJAGC4ylq2XyMgCvRwbpX5Xjdo/x80BzKYAEivFZKNoE2N7DUUAC6XB9hzUvl
SBhmoBvUAoZMhKFKxlROjtpblvbgwiLMV+xPzkghL2NZrTna2TR0JHh8fOJzrryc
nBJQh6Pi7nKtEvzxA5ByLKgNjzydjFU9ENxE91CT01ROq4zBwzF23YcthC/GyUZE
VroKDNn/1GdxFWvxlw==
-----END CERTIFICATE-----
Generated at Sun Apr 19 10:24:58 2026 by rpki-client