Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/mmVQ6qP0efEzsBwQl8uFv-maAhU.roa
File: mmVQ6qP0efEzsBwQl8uFv-maAhU.roa (raw, json)
Hash identifier: x5/b2I/rl330TUgO1kqKEXRgFLBYZOfNxKHdzeEEvd0=
Subject key identifier: 9A:65:50:EA:A3:F4:79:F1:33:B0:1C:10:97:CB:85:BF:E9:9A:02:15
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019E8BCC111452DFB51A376387ADFC6096F1
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/mmVQ6qP0efEzsBwQl8uFv-maAhU.roa
Signing time: Wed 03 Jun 2026 04:44:27 +0000
ROA not before: Wed 03 Jun 2026 04:44:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 213852
IP address blocks: 62.60.188.0/24 maxlen: 24
62.60.189.0/24 maxlen: 24
62.60.191.0/24 maxlen: 24
62.60.192.0/24 maxlen: 24
62.60.194.0/23 maxlen: 24
62.60.198.0/24 maxlen: 24
62.60.220.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Jun 2026 02:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:8b:cc:11:14:52:df:b5:1a:37:63:87:ad:fc:60:96:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jun 3 04:44:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=9a6550eaa3f479f133b01c1097cb85bfe99a0215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:98:30:57:34:54:9e:0a:ad:00:d1:d6:81:7e:
d5:c6:f0:84:98:8c:76:a8:d1:c5:e1:5d:62:30:b5:
1e:82:0e:47:02:62:de:c1:17:98:5b:45:22:53:20:
04:c6:67:2f:e3:8e:ec:fd:20:d2:d8:ae:05:6e:86:
e5:14:70:1a:14:5e:4a:7f:ad:fc:18:4b:dc:9d:f2:
32:1b:16:3c:1c:ab:56:dc:81:a9:d4:67:54:d9:16:
16:d3:f6:a9:f2:39:d0:c3:a2:4d:96:68:c5:5c:e1:
52:03:9b:41:c6:41:4b:84:55:9e:ce:63:dc:ba:e1:
c9:b3:fc:cb:37:b7:ac:c8:01:27:0d:3e:dd:f4:e9:
83:96:55:89:c7:44:15:ab:a4:f1:fe:52:d8:9e:cb:
27:9a:4c:0c:cb:e8:83:c5:96:e8:e9:08:3a:ce:49:
d6:e8:20:78:2a:43:d0:ca:1a:38:ce:e3:22:2e:cf:
f3:ca:2b:96:b5:57:67:86:c7:29:4c:a5:29:7f:e5:
69:78:51:e7:21:39:ce:d5:5b:56:af:bb:a6:08:3d:
e1:5f:20:9b:2c:5e:d9:d8:26:ab:2e:c4:69:b5:a4:
54:87:f2:ed:84:08:be:9d:dc:97:3e:d2:ef:73:41:
fb:df:59:fe:83:bb:25:60:a4:a6:fc:83:8b:23:80:
d3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:65:50:EA:A3:F4:79:F1:33:B0:1C:10:97:CB:85:BF:E9:9A:02:15
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/mmVQ6qP0efEzsBwQl8uFv-maAhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.188.0/23
62.60.191.0-62.60.192.255
62.60.194.0/23
62.60.198.0/24
62.60.220.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:6d:6c:46:af:a3:ae:72:02:b0:75:5f:69:bb:29:53:be:ed:
cd:60:eb:f5:f5:5d:f9:bc:89:38:bf:41:a2:62:b0:f9:33:02:
5b:4d:1c:17:d8:5f:0c:85:45:da:d6:e7:b9:f0:61:38:79:6f:
b9:67:c9:dc:b0:fa:46:cc:e3:2d:a9:b0:69:ca:70:4a:25:55:
00:ee:34:1c:22:d2:8d:2c:91:96:a7:32:59:f2:17:26:a0:68:
c3:8b:0d:73:2b:93:5e:3a:2d:3a:37:3e:35:ac:23:63:f3:9f:
36:c6:08:50:3b:e7:4b:70:d1:10:14:48:13:80:a1:a8:be:b9:
09:de:ba:59:da:4f:20:6c:d9:f8:fa:b3:ec:75:9c:b5:73:68:
57:57:a9:09:3b:bf:12:94:25:4e:ac:bd:4a:bc:c0:2b:49:5a:
f5:d5:c9:84:b6:91:04:a4:94:c9:4c:03:92:1c:e6:41:83:7d:
f7:33:ce:a0:7f:59:58:1d:c3:d4:02:3c:14:61:71:3f:5d:c8:
50:47:a2:fc:0d:44:b3:99:3c:d3:3f:24:0b:71:7b:3c:70:e3:
a9:b2:83:d5:97:c5:a6:23:1b:14:d5:51:4d:d5:cc:7e:b9:d7:
d1:8d:a3:36:8f:c1:c7:8f:48:64:29:43:22:1b:3f:30:3c:22:
ed:09:6a:04
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZ6LzBEUUt+1Gjdjh638YJbxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjYwNjAzMDQ0NDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTY1NTBlYWEzZjQ3OWYxMzNiMDFjMTA5N2NiODViZmU5OWEwMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5gwVzRUngqtANHWgX7VxvCEmIx2
qNHF4V1iMLUegg5HAmLewReYW0UiUyAExmcv447s/SDS2K4FboblFHAaFF5Kf638
GEvcnfIyGxY8HKtW3IGp1GdU2RYW0/ap8jnQw6JNlmjFXOFSA5tBxkFLhFWezmPc
uuHJs/zLN7esyAEnDT7d9OmDllWJx0QVq6Tx/lLYnssnmkwMy+iDxZbo6Qg6zknW
6CB4KkPQyho4zuMiLs/zyiuWtVdnhscpTKUpf+VpeFHnITnO1VtWr7umCD3hXyCb
LF7Z2CarLsRptaRUh/LthAi+ndyXPtLvc0H731n+g7slYKSm/IOLI4DTGwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJplUOqj9HnxM7AcEJfLhb/pmgIVMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvbW1WUTZxUDBlZkV6c0J3UWw4dUZ2LW1hQWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBPjy8MAwD
BAA+PL8DBAA+PMADBAE+PMIDBAA+PMYDBAA+PNwwDQYJKoZIhvcNAQELBQADggEB
AExtbEavo65yArB1X2m7KVO+7c1g6/X1Xfm8iTi/QaJisPkzAltNHBfYXwyFRdrW
57nwYTh5b7lnydyw+kbM4y2psGnKcEolVQDuNBwi0o0skZanMlnyFyagaMOLDXMr
k146LTo3PjWsI2PznzbGCFA750tw0RAUSBOAoai+uQneulnaTyBs2fj6s+x1nLVz
aFdXqQk7vxKUJU6svUq8wCtJWvXVyYS2kQSklMlMA5Ic5kGDffczzqB/WVgdw9QC
PBRhcT9dyFBHovwNRLOZPNM/JAtxezxw46myg9WXxaYjGxTVUU3VzH6519GNozaP
wcePSGQpQyIbPzA8Iu0JagQ=
-----END CERTIFICATE-----
Generated at Sat Jun 6 08:03:45 2026 by rpki-client