Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/H85sOAhghTea9a0fF7V97F8PmPU.roa
File: H85sOAhghTea9a0fF7V97F8PmPU.roa (raw, json)
Hash identifier: 2OxoGkdCVVcRfuQOFsn/tuCAYUwqPM6hV+wTzXUpbKk=
Subject key identifier: 1F:CE:6C:38:08:60:85:37:9A:F5:AD:1F:17:B5:7D:EC:5F:0F:98:F5
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 019A103336B375107D99AA6E2F42449FA15B
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/H85sOAhghTea9a0fF7V97F8PmPU.roa
Signing time: Thu 23 Oct 2025 08:33:03 +0000
ROA not before: Thu 23 Oct 2025 08:33:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 72.63.48.0/22 maxlen: 22
72.63.120.0/22 maxlen: 22
72.63.132.0/22 maxlen: 22
72.63.136.0/22 maxlen: 22
72.63.140.0/22 maxlen: 22
72.63.144.0/22 maxlen: 22
72.63.148.0/22 maxlen: 22
72.63.160.0/22 maxlen: 22
72.63.164.0/22 maxlen: 22
72.63.168.0/22 maxlen: 22
72.63.172.0/22 maxlen: 22
72.63.176.0/22 maxlen: 22
72.63.180.0/22 maxlen: 22
72.63.184.0/22 maxlen: 22
72.63.192.0/22 maxlen: 22
72.63.196.0/22 maxlen: 22
72.63.200.0/22 maxlen: 22
72.63.204.0/22 maxlen: 22
72.63.208.0/22 maxlen: 22
72.63.216.0/22 maxlen: 22
72.63.224.0/22 maxlen: 22
72.63.228.0/22 maxlen: 22
72.63.232.0/22 maxlen: 22
72.63.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 11:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:10:33:36:b3:75:10:7d:99:aa:6e:2f:42:44:9f:a1:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Oct 23 08:33:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fce6c38086085379af5ad1f17b57dec5f0f98f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c8:6b:39:18:72:0c:0c:ab:1b:b6:39:4a:20:
23:c7:f7:56:48:89:55:10:ab:4c:06:5e:83:b0:bf:
78:79:c7:c4:d0:8e:b1:2a:44:61:39:05:70:1f:78:
e9:f4:b5:da:cd:50:17:1a:b2:d4:1e:73:9c:0f:f5:
e6:ff:19:1f:8b:5a:7f:cc:9b:99:74:a5:e1:5e:e4:
0d:b3:92:6c:db:83:f2:93:67:01:96:7e:7e:f0:ec:
f5:98:58:d7:51:ac:e6:06:c0:b3:7e:81:bc:f5:fd:
b8:da:d9:ec:e6:86:b8:29:32:eb:df:04:75:74:4b:
1d:3a:c0:da:c7:69:c6:99:66:1a:3b:d8:91:21:b1:
63:91:98:54:b8:31:2f:a7:06:01:1f:ef:15:9b:c4:
c3:a5:4a:93:7f:73:cc:5a:c6:44:71:58:69:87:b4:
df:b5:1b:ca:bc:52:fb:14:50:21:c7:36:1c:73:c3:
c4:b6:44:34:54:9d:76:f3:d8:41:d1:93:42:9d:90:
42:4f:9c:c5:eb:ed:5c:63:1d:98:4e:4f:d8:25:49:
d7:ad:e6:ec:f3:f3:7b:75:bc:e4:b8:30:b0:c8:9c:
6b:22:ae:18:ef:1d:17:6b:b3:df:60:f5:a9:f1:af:
25:52:49:e5:7c:5a:1d:57:4f:3b:9b:93:df:fa:e1:
c3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:CE:6C:38:08:60:85:37:9A:F5:AD:1F:17:B5:7D:EC:5F:0F:98:F5
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/H85sOAhghTea9a0fF7V97F8PmPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.63.48.0/22
72.63.120.0/22
72.63.132.0-72.63.151.255
72.63.160.0-72.63.187.255
72.63.192.0-72.63.211.255
72.63.216.0/22
72.63.224.0/20
Signature Algorithm: sha256WithRSAEncryption
53:a5:61:b8:70:46:95:11:45:e0:19:0e:76:34:27:c2:43:24:
f1:5c:6b:18:a1:27:94:13:a5:ce:34:5d:59:d7:95:cd:ce:19:
2f:11:5d:e8:9f:e4:ef:eb:93:87:be:52:91:b3:11:8f:a7:3b:
21:47:f6:12:77:f8:4f:e4:65:52:07:39:30:62:ba:8d:ab:33:
e0:c6:ae:5a:ed:7d:78:e5:14:92:03:ff:8b:c9:a0:00:df:59:
f8:c2:e6:82:19:30:99:02:c1:38:9c:60:a2:c2:06:5e:51:4b:
c6:6d:0e:de:f6:96:e8:92:7b:3f:f4:a0:0d:3f:c6:26:dc:da:
bc:ef:88:3d:bc:d2:b9:ff:c1:f4:47:b3:65:09:99:a2:f1:bf:
8a:8e:dc:de:ca:76:46:e2:ba:d0:41:12:90:1f:84:83:76:fd:
c8:03:7e:dc:9e:12:59:23:31:20:e9:b6:ab:d2:18:fb:c3:18:
02:54:50:c5:91:f3:05:86:86:e2:a4:6f:f8:83:34:75:42:c9:
f5:d8:04:99:88:ef:64:c9:9e:59:a4:91:ec:b4:d3:95:14:c4:
ff:da:4d:3c:d9:3f:f0:61:0d:16:2c:07:5c:31:3b:3f:38:9e:
43:96:21:6c:00:20:b1:ce:c2:ac:0e:50:79:40:10:73:43:39:
be:92:9c:2f
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZoQMzazdRB9mapuL0JEn6FbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjUxMDIzMDgzMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmNlNmMzODA4NjA4NTM3OWFmNWFkMWYxN2I1N2RlYzVmMGY5OGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MhrORhyDAyrG7Y5SiAjx/dWSIlV
EKtMBl6DsL94ecfE0I6xKkRhOQVwH3jp9LXazVAXGrLUHnOcD/Xm/xkfi1p/zJuZ
dKXhXuQNs5Js24Pyk2cBln5+8Oz1mFjXUazmBsCzfoG89f242tns5oa4KTLr3wR1
dEsdOsDax2nGmWYaO9iRIbFjkZhUuDEvpwYBH+8Vm8TDpUqTf3PMWsZEcVhph7Tf
tRvKvFL7FFAhxzYcc8PEtkQ0VJ1289hB0ZNCnZBCT5zF6+1cYx2YTk/YJUnXrebs
8/N7dbzkuDCwyJxrIq4Y7x0Xa7PfYPWp8a8lUknlfFodV087m5Pf+uHD2QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFB/ObDgIYIU3mvWtHxe1fexfD5j1MB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvSDg1c09BaGdoVGVhOWEwZkY3Vjk3RjhQbVBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCSD8wAwQC
SD94MAwDBAJIP4QDBANIP5AwDAMEBUg/oAMEAkg/uDAMAwQGSD/AAwQCSD/QAwQC
SD/YAwQESD/gMA0GCSqGSIb3DQEBCwUAA4IBAQBTpWG4cEaVEUXgGQ52NCfCQyTx
XGsYoSeUE6XONF1Z15XNzhkvEV3on+Tv65OHvlKRsxGPpzshR/YSd/hP5GVSBzkw
YrqNqzPgxq5a7X145RSSA/+LyaAA31n4wuaCGTCZAsE4nGCiwgZeUUvGbQ7e9pbo
kns/9KANP8Ym3Nq874g9vNK5/8H0R7NlCZmi8b+KjtzeynZG4rrQQRKQH4SDdv3I
A37cnhJZIzEg6bar0hj7wxgCVFDFkfMFhobipG/4gzR1Qsn12ASZiO9kyZ5ZpJHs
tNOVFMT/2k082T/wYQ0WLAdcMTs/OJ5DliFsACCxzsKsDlB5QBBzQzm+kpwv
-----END CERTIFICATE-----
Generated at Fri Oct 24 21:25:31 2025 by rpki-client