Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/gVKSPISn7WOtLgcYX82T_CB0k8w.roa
File: gVKSPISn7WOtLgcYX82T_CB0k8w.roa (raw, json)
Hash identifier: Ym9+8pOqwFm62YT9wllYnMmkH1dr3oLLznDhqgDjeLA=
Subject key identifier: 81:52:92:3C:84:A7:ED:63:AD:2E:07:18:5F:CD:93:FC:20:74:93:CC
Certificate issuer: /CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Certificate serial: 0197CA3112FA52464987960AE8C0AD0810CC
Authority key identifier: 5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/gVKSPISn7WOtLgcYX82T_CB0k8w.roa
Signing time: Wed 02 Jul 2025 08:11:43 +0000
ROA not before: Wed 02 Jul 2025 08:11:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198605
IP address blocks: 5.62.16.0/24 maxlen: 24
5.62.17.0/24 maxlen: 24
5.62.18.0/24 maxlen: 24
5.62.19.0/24 maxlen: 24
5.62.20.0/24 maxlen: 24
5.62.24.0/24 maxlen: 24
5.62.25.0/24 maxlen: 24
5.62.30.0/24 maxlen: 24
5.62.32.0/24 maxlen: 24
5.62.36.0/23 maxlen: 23
5.62.38.0/23 maxlen: 24
5.62.38.0/24 maxlen: 24
5.62.40.0/23 maxlen: 23
5.62.42.0/23 maxlen: 23
5.62.44.0/23 maxlen: 23
5.62.46.0/23 maxlen: 23
5.62.46.0/24 maxlen: 24
5.62.47.0/24 maxlen: 24
5.62.48.0/23 maxlen: 23
5.62.50.0/24 maxlen: 24
5.62.52.0/24 maxlen: 24
5.62.53.0/24 maxlen: 24
5.62.54.0/24 maxlen: 24
5.62.55.0/24 maxlen: 24
5.62.56.0/23 maxlen: 23
5.62.56.0/24 maxlen: 24
5.62.57.0/24 maxlen: 24
5.62.58.0/23 maxlen: 23
5.62.60.0/23 maxlen: 23
5.62.62.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:31:12:fa:52:46:49:87:96:0a:e8:c0:ad:08:10:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dd7336fa915721ce3bfee217f4e99164db9532b
Validity
Not Before: Jul 2 08:11:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8152923c84a7ed63ad2e07185fcd93fc207493cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:89:19:ec:7a:13:31:ca:10:84:22:e7:15:8c:
55:46:2c:b5:3e:3e:b5:cd:b8:52:62:aa:75:7e:c7:
fc:01:d6:3f:e0:86:4b:a2:21:04:18:98:55:27:4b:
77:76:6c:d5:1e:56:3f:15:64:7a:30:68:d3:b7:f6:
7b:8e:c7:35:4d:7d:17:96:d0:d3:0c:c4:06:12:01:
60:28:7f:21:6a:f6:a8:77:f1:d8:0f:96:55:94:15:
71:20:8c:06:79:12:20:24:55:10:a5:4d:55:9f:ea:
95:36:6e:c9:35:b1:74:c6:15:a8:d8:fe:6b:62:1f:
ed:b5:1d:e3:61:cd:13:30:40:7d:06:72:0e:0b:a8:
b6:31:fc:0e:ca:4c:df:ea:d5:ba:e1:5a:e4:b0:c6:
de:58:2a:d9:91:61:2b:c5:b6:38:c2:f1:cb:8f:48:
2c:25:8e:f6:07:45:dd:5b:bc:ce:35:10:c1:04:5e:
0c:95:41:0a:16:04:23:e6:72:f3:fd:23:53:ad:b1:
89:cb:88:67:83:64:31:5e:d0:dc:6f:cd:a7:3f:db:
3d:ed:25:ce:0c:92:b0:65:48:4d:95:2e:49:dd:31:
54:0d:19:50:55:42:0c:27:8a:a3:0d:01:16:22:86:
b3:3d:2d:68:cf:f8:91:1a:db:2e:02:a0:4e:49:af:
c3:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:52:92:3C:84:A7:ED:63:AD:2E:07:18:5F:CD:93:FC:20:74:93:CC
X509v3 Authority Key Identifier:
keyid:5D:D7:33:6F:A9:15:72:1C:E3:BF:EE:21:7F:4E:99:16:4D:B9:53:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xdczb6kVchzjv-4hf06ZFk25Uys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/gVKSPISn7WOtLgcYX82T_CB0k8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e744bd-f6d9-4f74-8c01-8c4bc45927a3/1/Xdczb6kVchzjv-4hf06ZFk25Uys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.16.0-5.62.20.255
5.62.24.0/23
5.62.30.0/24
5.62.32.0/24
5.62.36.0-5.62.50.255
5.62.52.0-5.62.63.255
Signature Algorithm: sha256WithRSAEncryption
2d:05:21:16:fb:cf:e4:d9:95:ee:2e:c9:d5:9b:ce:d3:b1:a6:
6a:ba:e6:c4:c0:84:94:24:ae:f2:64:24:93:c6:ab:8b:1a:af:
d1:ce:bb:46:31:72:8d:8a:9c:e9:ad:3f:4f:9a:a4:fa:cc:a2:
3e:a3:61:04:32:23:c9:a9:1e:39:c7:9a:57:52:34:96:ac:38:
30:d3:07:73:6a:22:60:b1:e4:b5:9b:37:c4:8d:ed:7d:8c:95:
e3:df:70:32:e5:6d:0a:d0:bc:6d:23:c2:d1:92:8c:08:9c:e1:
37:92:c4:8d:06:af:ae:82:bc:ae:b7:5d:b2:c1:7c:61:78:ce:
03:0d:ba:ef:d7:c3:c6:61:f8:b4:d2:ab:d8:ef:ed:08:9f:ce:
77:43:9b:2c:2c:7c:25:05:26:8e:b1:a3:78:8e:52:38:bb:de:
17:cd:4a:c0:9f:4e:ab:f5:c0:74:ff:ee:c1:87:c6:61:1c:c6:
f3:a5:a9:55:48:91:f9:07:c7:0e:2c:c4:a4:2d:d2:9e:1e:4e:
9a:1f:5b:34:db:86:4f:db:a6:25:29:40:f5:a0:3b:4e:e8:fa:
f9:80:e7:9f:68:70:a3:23:c1:de:fe:b9:c0:3e:93:dc:7a:be:
78:64:36:29:c0:fb:87:54:60:d1:88:03:f3:f4:54:87:68:6a:
9f:4c:77:61
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZfKMRL6UkZJh5YK6MCtCBDMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZDczMzZmYTkxNTcyMWNlM2JmZWUyMTdmNGU5OTE2NGRi
OTUzMmIwHhcNMjUwNzAyMDgxMTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTUyOTIzYzg0YTdlZDYzYWQyZTA3MTg1ZmNkOTNmYzIwNzQ5M2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYkZ7HoTMcoQhCLnFYxVRiy1Pj61
zbhSYqp1fsf8AdY/4IZLoiEEGJhVJ0t3dmzVHlY/FWR6MGjTt/Z7jsc1TX0XltDT
DMQGEgFgKH8havaod/HYD5ZVlBVxIIwGeRIgJFUQpU1Vn+qVNm7JNbF0xhWo2P5r
Yh/ttR3jYc0TMEB9BnIOC6i2MfwOykzf6tW64VrksMbeWCrZkWErxbY4wvHLj0gs
JY72B0XdW7zONRDBBF4MlUEKFgQj5nLz/SNTrbGJy4hng2QxXtDcb82nP9s97SXO
DJKwZUhNlS5J3TFUDRlQVUIMJ4qjDQEWIoazPS1oz/iRGtsuAqBOSa/DHwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFIFSkjyEp+1jrS4HGF/Nk/wgdJPMMB8GA1UdIwQY
MBaAFF3XM2+pFXIc47/uIX9OmRZNuVMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEt
OGM0YmM0NTkyN2EzLzEvZ1ZLU1BJU243V090TGdjWVg4MlRfQ0Iwazh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lNzQ0YmQtZjZkOS00Zjc0LThjMDEtOGM0YmM0NTkyN2Ez
LzEvWGRjemI2a1ZjaHpqdi00aGYwNlpGazI1VXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8MAwDBAQFPhAD
BAAFPhQDBAEFPhgDBAAFPh4DBAAFPiAwDAMEAgU+JAMEAAU+MjAMAwQCBT40AwQG
BT4AMA0GCSqGSIb3DQEBCwUAA4IBAQAtBSEW+8/k2ZXuLsnVm87TsaZquubEwISU
JK7yZCSTxquLGq/RzrtGMXKNipzprT9PmqT6zKI+o2EEMiPJqR45x5pXUjSWrDgw
0wdzaiJgseS1mzfEje19jJXj33Ay5W0K0LxtI8LRkowInOE3ksSNBq+ugryut12y
wXxheM4DDbrv18PGYfi00qvY7+0In853Q5ssLHwlBSaOsaN4jlI4u94XzUrAn06r
9cB0/+7Bh8ZhHMbzpalVSJH5B8cOLMSkLdKeHk6aH1s024ZP26YlKUD1oDtO6Pr5
gOefaHCjI8He/rnAPpPcer54ZDYpwPuHVGDRiAPz9FSHaGqfTHdh
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:49:38 2025 by rpki-client