Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/O0dA6ORgAzDqkWmj1R355BHaTrI.roa
File: O0dA6ORgAzDqkWmj1R355BHaTrI.roa (raw, json)
Hash identifier: 296lT6a3xrMsAitqkt1Jep7cJYB5SeLJP2n68zngwhU=
Subject key identifier: 3B:47:40:E8:E4:60:03:30:EA:91:69:A3:D5:1D:F9:E4:11:DA:4E:B2
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 01999ABF7625FC567CDF219D1126909D8E67
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/O0dA6ORgAzDqkWmj1R355BHaTrI.roa
Signing time: Tue 30 Sep 2025 13:11:02 +0000
ROA not before: Tue 30 Sep 2025 13:11:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62874
IP address blocks: 72.63.12.0/22 maxlen: 22
72.63.68.0/22 maxlen: 22
72.63.72.0/22 maxlen: 22
72.63.80.0/22 maxlen: 22
72.63.100.0/22 maxlen: 22
72.63.104.0/22 maxlen: 22
72.63.112.0/22 maxlen: 22
72.63.116.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9a:bf:76:25:fc:56:7c:df:21:9d:11:26:90:9d:8e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Sep 30 13:11:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b4740e8e4600330ea9169a3d51df9e411da4eb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ba:15:7c:69:0a:9d:f5:e0:c8:6b:7a:44:ab:
a8:40:42:c3:43:43:ba:66:b0:df:e8:10:13:1b:87:
ae:cf:73:17:a9:7c:68:5f:f3:e5:4e:18:df:7c:6d:
ad:96:e7:cc:f8:64:ab:fb:39:6a:d8:02:0c:10:0d:
c6:08:71:47:90:14:b1:f9:e2:cf:13:34:da:a2:c4:
26:e4:94:f4:38:5c:6f:44:5f:38:69:56:07:70:71:
5e:61:39:76:3c:f1:fb:2d:89:a1:af:92:c5:86:9d:
14:3e:c0:88:be:e8:56:84:5c:06:39:fc:c9:e8:03:
a0:76:99:8f:63:36:17:f8:44:ea:a2:95:f9:63:13:
f6:82:cf:11:9c:14:51:66:0a:8e:17:ec:71:51:07:
3b:4a:7b:54:c7:0d:ce:93:72:62:b2:42:cb:1c:65:
8a:7c:7c:da:75:2d:f7:af:30:c3:6f:56:75:34:89:
83:60:4c:3d:7b:ca:4a:98:c5:82:c1:69:52:9e:21:
34:21:17:0c:56:97:d2:f7:28:f0:28:4a:06:4d:78:
39:f8:4b:a9:be:02:55:55:ca:41:ec:c4:24:7b:2b:
49:60:0f:a2:6c:51:0c:de:39:23:fe:3f:9d:8a:2e:
a0:8f:00:2d:f4:a4:03:c9:aa:77:9b:cd:a8:68:6f:
ee:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:47:40:E8:E4:60:03:30:EA:91:69:A3:D5:1D:F9:E4:11:DA:4E:B2
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/O0dA6ORgAzDqkWmj1R355BHaTrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.63.12.0/22
72.63.68.0-72.63.75.255
72.63.80.0/22
72.63.100.0-72.63.107.255
72.63.112.0/21
Signature Algorithm: sha256WithRSAEncryption
7f:af:96:ed:02:d7:8e:1e:a6:15:a5:60:c1:51:40:71:c7:37:
47:43:bf:a8:6c:9b:d2:9a:a5:c5:06:4c:e7:b7:50:6a:26:ce:
9e:5c:31:d2:e8:21:88:fe:49:9d:16:49:50:fa:8f:99:60:92:
26:54:49:9d:a2:1a:8d:ce:0f:11:f1:b0:39:9b:4f:bd:dc:97:
41:69:ff:54:11:cf:08:a5:8c:a9:6b:b4:c8:c1:e1:5d:a9:0b:
96:ae:e5:aa:94:58:a7:6a:81:21:59:91:e7:93:9e:8c:91:e4:
3d:a7:a5:26:94:77:d0:7e:11:0b:c5:db:e4:a5:66:5b:b2:4e:
f0:96:ac:c4:df:ba:18:6d:fc:67:41:71:95:ff:a7:3b:9e:56:
e8:c2:64:1c:e4:9d:65:d2:db:66:8b:99:8d:9f:f2:f4:23:01:
b6:49:8a:80:35:6a:41:db:e1:f9:03:3d:41:2b:7a:eb:03:55:
96:f6:48:c6:e9:d9:3d:49:22:42:bb:d3:22:6f:dc:c0:e8:52:
ad:ab:46:84:38:7a:a5:6e:fd:95:65:0a:ef:fd:15:5e:25:87:
01:9c:f8:98:32:1d:4a:15:b0:d6:50:7b:77:15:51:0a:11:07:
84:75:18:74:8c:cc:f2:5a:57:e3:4d:73:32:07:ce:6e:6d:a9:
c6:3a:0a:ac
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZmav3Yl/FZ83yGdESaQnY5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjUwOTMwMTMxMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQ3NDBlOGU0NjAwMzMwZWE5MTY5YTNkNTFkZjllNDExZGE0ZWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLoVfGkKnfXgyGt6RKuoQELDQ0O6
ZrDf6BATG4euz3MXqXxoX/PlThjffG2tlufM+GSr+zlq2AIMEA3GCHFHkBSx+eLP
EzTaosQm5JT0OFxvRF84aVYHcHFeYTl2PPH7LYmhr5LFhp0UPsCIvuhWhFwGOfzJ
6AOgdpmPYzYX+ETqopX5YxP2gs8RnBRRZgqOF+xxUQc7SntUxw3Ok3JiskLLHGWK
fHzadS33rzDDb1Z1NImDYEw9e8pKmMWCwWlSniE0IRcMVpfS9yjwKEoGTXg5+Eup
vgJVVcpB7MQkeytJYA+ibFEM3jkj/j+dii6gjwAt9KQDyap3m82oaG/udwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFDtHQOjkYAMw6pFpo9Ud+eQR2k6yMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvTzBkQTZPUmdBekRxa1dtajFSMzU1QkhhVHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCSD8MMAwD
BAJIP0QDBAJIP0gDBAJIP1AwDAMEAkg/ZAMEAkg/aAMEA0g/cDANBgkqhkiG9w0B
AQsFAAOCAQEAf6+W7QLXjh6mFaVgwVFAccc3R0O/qGyb0pqlxQZM57dQaibOnlwx
0ughiP5JnRZJUPqPmWCSJlRJnaIajc4PEfGwOZtPvdyXQWn/VBHPCKWMqWu0yMHh
XakLlq7lqpRYp2qBIVmR55OejJHkPaelJpR30H4RC8Xb5KVmW7JO8JasxN+6GG38
Z0Fxlf+nO55W6MJkHOSdZdLbZouZjZ/y9CMBtkmKgDVqQdvh+QM9QSt66wNVlvZI
xunZPUkiQrvTIm/cwOhSratGhDh6pW79lWUK7/0VXiWHAZz4mDIdShWw1lB7dxVR
ChEHhHUYdIzM8lpX401zMgfObm2pxjoKrA==
-----END CERTIFICATE-----
Generated at Wed Oct 8 19:16:05 2025 by rpki-client