Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/IwDqZKiIXAbyT0feWX9bJBGld6Q.roa
File: IwDqZKiIXAbyT0feWX9bJBGld6Q.roa (raw, json)
Hash identifier: wY+VUgoyN7i5AyJJiJejqhHekIBuZ/O0/LzJSXaQcEo=
Subject key identifier: 23:00:EA:64:A8:88:5C:06:F2:4F:47:DE:59:7F:5B:24:11:A5:77:A4
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019821607384CAC87EA57F09C3667BA1F6C9
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/IwDqZKiIXAbyT0feWX9bJBGld6Q.roa
Signing time: Sat 19 Jul 2025 06:30:25 +0000
ROA not before: Sat 19 Jul 2025 06:30:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214922
IP address blocks: 62.60.185.0/24 maxlen: 24
62.60.192.0/24 maxlen: 24
62.60.193.0/24 maxlen: 24
62.60.220.0/24 maxlen: 24
62.60.221.0/24 maxlen: 24
62.60.222.0/23 maxlen: 24
62.60.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:21:60:73:84:ca:c8:7e:a5:7f:09:c3:66:7b:a1:f6:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jul 19 06:30:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2300ea64a8885c06f24f47de597f5b2411a577a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:89:99:b9:90:ed:9c:d3:30:53:1f:de:8b:c1:
73:03:25:98:d8:a3:23:00:46:b2:21:93:3e:ab:3a:
8f:fe:be:77:9e:6d:6f:01:5b:87:8d:f5:a7:4b:f9:
40:4e:1e:8f:39:13:8d:fd:c8:63:2d:a1:d7:4f:2d:
f7:f7:13:aa:04:2b:c8:0b:48:35:fb:18:8b:6a:28:
7d:fb:85:cb:14:04:54:9e:ba:f0:dc:7e:ef:f9:9b:
31:00:14:6f:b0:74:c0:f8:dc:04:67:9e:4b:da:37:
80:88:f9:4d:95:21:84:af:9f:46:55:25:bd:62:71:
c0:e5:c7:f3:24:8d:55:54:5b:9f:af:40:06:e0:bf:
47:3a:af:d6:15:6f:15:66:0c:c8:91:e4:92:ef:44:
17:92:1f:75:60:14:eb:b6:f2:6e:41:7f:41:b8:cb:
7c:50:d3:e2:9f:ca:0e:42:f2:82:f7:e7:62:d1:73:
75:44:d5:15:78:f7:ae:65:35:d9:df:23:03:81:95:
ed:e9:70:79:23:97:cd:20:6c:71:d8:31:08:9e:ca:
84:a0:81:b4:56:6d:b9:20:e3:9a:84:cb:9d:e2:65:
41:5d:89:01:de:cf:7c:b0:4c:0c:2d:3a:3b:c9:cc:
7a:53:e6:43:ae:28:82:67:22:70:e0:94:2d:33:54:
91:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:00:EA:64:A8:88:5C:06:F2:4F:47:DE:59:7F:5B:24:11:A5:77:A4
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/IwDqZKiIXAbyT0feWX9bJBGld6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.185.0/24
62.60.192.0/23
62.60.220.0/22
Signature Algorithm: sha256WithRSAEncryption
17:b0:3e:ae:b0:20:64:b6:4f:44:38:23:9d:13:c6:bf:6e:f0:
d6:bf:74:53:78:d5:d7:4f:5b:70:dc:c8:01:94:77:40:ec:3d:
e7:0f:2d:9b:af:ae:2d:23:5b:c9:da:a2:e2:4c:47:76:27:33:
b9:27:f1:ee:47:a7:d7:7b:1e:c7:c1:27:72:36:81:d6:26:05:
ff:b2:c3:21:97:1d:52:68:ae:0e:b5:08:f0:26:62:8b:d9:34:
d2:be:d2:bb:60:7a:8f:5f:24:a0:86:aa:ce:49:a6:36:64:38:
94:ac:0e:9f:42:1a:69:4c:e9:f7:69:14:ef:7f:9e:d3:0f:ad:
6d:b6:8e:a3:ea:04:2f:1e:8b:34:e5:cf:d3:6e:a8:2d:64:d8:
4a:cd:db:f0:5b:b5:97:06:0a:f0:ad:81:31:43:59:17:be:e1:
bd:6b:47:79:ba:fb:c9:f2:2f:cb:4e:37:08:66:e3:87:38:ac:
2e:70:94:8a:85:db:00:3b:02:5a:ce:dd:d7:dd:a3:6b:61:b4:
61:38:ba:02:87:e0:10:93:04:f2:68:15:79:b5:4d:63:0f:ea:
a7:a6:92:2d:b4:6b:12:63:c2:13:2c:58:0d:d3:3c:28:22:d3:
e3:3d:49:c1:1c:85:14:91:dc:e6:22:6a:00:a4:91:5a:b4:9e:
f5:5c:a8:2e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZghYHOEysh+pX8Jw2Z7ofbJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwNzE5MDYzMDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzAwZWE2NGE4ODg1YzA2ZjI0ZjQ3ZGU1OTdmNWIyNDExYTU3N2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxomZuZDtnNMwUx/ei8FzAyWY2KMj
AEayIZM+qzqP/r53nm1vAVuHjfWnS/lATh6PORON/chjLaHXTy339xOqBCvIC0g1
+xiLaih9+4XLFARUnrrw3H7v+ZsxABRvsHTA+NwEZ55L2jeAiPlNlSGEr59GVSW9
YnHA5cfzJI1VVFufr0AG4L9HOq/WFW8VZgzIkeSS70QXkh91YBTrtvJuQX9BuMt8
UNPin8oOQvKC9+di0XN1RNUVePeuZTXZ3yMDgZXt6XB5I5fNIGxx2DEInsqEoIG0
Vm25IOOahMud4mVBXYkB3s98sEwMLTo7ycx6U+ZDriiCZyJw4JQtM1SRtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCMA6mSoiFwG8k9H3ll/WyQRpXekMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvSXdEcVpLaUlYQWJ5VDBmZVdYOWJKQkdsZDZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPjy5AwQB
PjzAAwQCPjzcMA0GCSqGSIb3DQEBCwUAA4IBAQAXsD6usCBktk9EOCOdE8a/bvDW
v3RTeNXXT1tw3MgBlHdA7D3nDy2br64tI1vJ2qLiTEd2JzO5J/HuR6fXex7HwSdy
NoHWJgX/ssMhlx1SaK4OtQjwJmKL2TTSvtK7YHqPXySghqrOSaY2ZDiUrA6fQhpp
TOn3aRTvf57TD61tto6j6gQvHos05c/TbqgtZNhKzdvwW7WXBgrwrYExQ1kXvuG9
a0d5uvvJ8i/LTjcIZuOHOKwucJSKhdsAOwJazt3X3aNrYbRhOLoCh+AQkwTyaBV5
tU1jD+qnppIttGsSY8ITLFgN0zwoItPjPUnBHIUUkdzmImoApJFatJ71XKgu
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:22:58 2025 by rpki-client