Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/rf9KTHpYwkkNInVQ5EifsWm0nxA.roa
File: rf9KTHpYwkkNInVQ5EifsWm0nxA.roa (raw, json)
Hash identifier: djP7Njwn08dcs5j6JOQWdwZwxz1jVEkhEi92YG/q5uQ=
Subject key identifier: AD:FF:4A:4C:7A:58:C2:49:0D:22:75:50:E4:48:9F:B1:69:B4:9F:10
Certificate issuer: /CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Certificate serial: 019C900140619F1EAED8BAD9710D9200397C
Authority key identifier: D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/rf9KTHpYwkkNInVQ5EifsWm0nxA.roa
Signing time: Tue 24 Feb 2026 14:15:26 +0000
ROA not before: Tue 24 Feb 2026 14:15:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 216475
IP address blocks: 103.27.158.0/24 maxlen: 24
195.226.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.mft
rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:90:01:40:61:9f:1e:ae:d8:ba:d9:71:0d:92:00:39:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4b95330734c9aaf66d11bcd2bedd380f410f93f
Validity
Not Before: Feb 24 14:15:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=adff4a4c7a58c2490d227550e4489fb169b49f10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:06:da:fd:1d:7e:24:98:8e:a7:f9:a8:8a:c2:
29:40:52:70:fc:6e:83:b3:35:b9:db:60:7f:fd:a3:
e7:db:74:4e:18:67:c4:b0:e7:b9:40:ff:f6:54:db:
7c:2c:4a:b8:8b:5f:c6:3b:82:dd:09:1c:98:5b:89:
5c:41:21:1f:5b:af:a8:2c:a0:cb:7f:01:41:c3:6c:
30:b0:a4:d3:81:3c:e2:72:5e:99:c5:7e:77:b7:06:
ca:2a:fe:48:35:bb:d5:5a:52:a4:9b:d6:10:f1:f6:
43:fd:a1:c4:c3:f3:21:2d:93:7d:7b:85:cb:cc:10:
e1:93:e1:1c:2c:07:8e:9d:de:7e:cd:92:07:de:87:
cf:8f:42:3f:92:f8:aa:d2:21:7e:49:e6:b6:88:17:
57:f9:7a:be:4c:37:ab:a7:f3:c2:4c:78:a3:d6:09:
5b:93:ed:f3:18:a2:0c:9c:25:ee:5f:1a:0c:0d:17:
4a:0d:0e:0a:ae:85:76:54:60:ef:43:d2:db:29:ca:
c6:57:fe:ef:9d:2c:43:ef:41:86:e3:8f:82:a5:99:
d1:85:ae:a2:8a:59:5a:8a:c7:8a:f5:4d:2d:18:f2:
f4:af:be:ee:be:72:b4:c9:df:58:3e:b6:84:31:4f:
7e:d6:f6:cf:6f:ef:a3:67:05:c6:eb:18:1a:3f:bf:
f1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:FF:4A:4C:7A:58:C2:49:0D:22:75:50:E4:48:9F:B1:69:B4:9F:10
X509v3 Authority Key Identifier:
keyid:D4:B9:53:30:73:4C:9A:AF:66:D1:1B:CD:2B:ED:D3:80:F4:10:F9:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/rf9KTHpYwkkNInVQ5EifsWm0nxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/15d271-05cd-461e-a7b6-43013b28d9d6/1/1LlTMHNMmq9m0RvNK-3TgPQQ-T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.27.158.0/24
195.226.94.0/24
Signature Algorithm: sha256WithRSAEncryption
35:aa:43:6f:d6:d0:44:11:60:6c:25:bb:55:f4:3f:31:bd:40:
85:d9:ba:cd:a4:78:79:fd:de:dd:b2:82:e3:42:e9:0a:b9:ed:
77:71:dd:91:bd:8e:ee:31:ce:a8:c6:e9:af:52:f7:26:be:7c:
82:b6:7f:d3:5c:37:ca:ea:3f:8a:10:65:6c:e2:22:5d:48:a8:
51:f1:72:36:61:29:55:f9:c6:9d:a3:34:28:0c:fc:cf:0b:fc:
b8:cd:05:f0:52:b8:de:ec:b0:3b:ab:47:43:cc:09:14:f0:60:
56:81:25:a8:ed:0b:de:4f:c0:7b:98:f7:fb:bc:cd:d1:39:83:
a7:11:e5:17:c2:0e:e2:0c:3c:43:5d:65:79:56:c4:41:22:57:
60:be:52:37:cc:0f:8e:3b:3e:27:dd:75:a4:e7:7c:01:00:c2:
f7:56:a3:b7:3f:11:98:dd:b2:51:15:fb:3a:ac:1a:ec:bd:dc:
f0:b8:c7:ee:ee:d7:55:c6:4d:ef:78:ac:e2:8d:fe:1b:db:34:
44:7e:ed:a3:96:34:a3:1c:b5:e3:02:da:e2:2c:0f:f6:d8:3b:
d2:4d:3b:16:b7:62:7a:ef:89:35:01:60:e6:1e:c4:2c:73:53:
4c:98:b1:f7:20:f6:a3:6a:05:5c:0a:36:14:4a:30:4a:be:b3:
74:42:74:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZyQAUBhnx6u2LrZcQ2SADl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0Yjk1MzMwNzM0YzlhYWY2NmQxMWJjZDJiZWRkMzgwZjQx
MGY5M2YwHhcNMjYwMjI0MTQxNTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGZmNGE0YzdhNThjMjQ5MGQyMjc1NTBlNDQ4OWZiMTY5YjQ5ZjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9wba/R1+JJiOp/moisIpQFJw/G6D
szW522B//aPn23ROGGfEsOe5QP/2VNt8LEq4i1/GO4LdCRyYW4lcQSEfW6+oLKDL
fwFBw2wwsKTTgTzicl6ZxX53twbKKv5INbvVWlKkm9YQ8fZD/aHEw/MhLZN9e4XL
zBDhk+EcLAeOnd5+zZIH3ofPj0I/kviq0iF+Sea2iBdX+Xq+TDerp/PCTHij1glb
k+3zGKIMnCXuXxoMDRdKDQ4KroV2VGDvQ9LbKcrGV/7vnSxD70GG44+CpZnRha6i
illaiseK9U0tGPL0r77uvnK0yd9YPraEMU9+1vbPb++jZwXG6xgaP7/xqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK3/Skx6WMJJDSJ1UORIn7FptJ8QMB8GA1UdIwQY
MBaAFNS5UzBzTJqvZtEbzSvt04D0EPk/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYt
NDMwMTNiMjhkOWQ2LzEvcmY5S1RIcFl3a2tOSW5WUTVFaWZzV20wbnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8xNWQyNzEtMDVjZC00NjFlLWE3YjYtNDMwMTNiMjhkOWQ2
LzEvMUxsVE1ITk1tcTltMFJ2TkstM1RnUFFRLVQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAZxueAwQA
w+JeMA0GCSqGSIb3DQEBCwUAA4IBAQA1qkNv1tBEEWBsJbtV9D8xvUCF2brNpHh5
/d7dsoLjQukKue13cd2RvY7uMc6oxumvUvcmvnyCtn/TXDfK6j+KEGVs4iJdSKhR
8XI2YSlV+cadozQoDPzPC/y4zQXwUrje7LA7q0dDzAkU8GBWgSWo7QveT8B7mPf7
vM3ROYOnEeUXwg7iDDxDXWV5VsRBIldgvlI3zA+OOz4n3XWk53wBAML3VqO3PxGY
3bJRFfs6rBrsvdzwuMfu7tdVxk3veKzijf4b2zREfu2jljSjHLXjAtriLA/22DvS
TTsWt2J674k1AWDmHsQsc1NMmLH3IPajagVcCjYUSjBKvrN0QnRU
-----END CERTIFICATE-----
Generated at Sun Mar 1 22:53:05 2026 by rpki-client