Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FRRNkkTSWmnOVoavPLAsyLq_tXk.roa
File: FRRNkkTSWmnOVoavPLAsyLq_tXk.roa (raw, json)
Hash identifier: K0cBvsjegMcnzNsB3/N8519/P5F8rLewkA+UhBI3MRs=
Subject key identifier: 15:14:4D:92:44:D2:5A:69:CE:56:86:AF:3C:B0:2C:C8:BA:BF:B5:79
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 01973490DB3BD6896E3641E841CAA3C009A3
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FRRNkkTSWmnOVoavPLAsyLq_tXk.roa
Signing time: Tue 03 Jun 2025 06:53:17 +0000
ROA not before: Tue 03 Jun 2025 06:53:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.170.0/24 maxlen: 24
62.72.187.0/24 maxlen: 24
62.72.191.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
176.57.51.0/24 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:34:90:db:3b:d6:89:6e:36:41:e8:41:ca:a3:c0:09:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Jun 3 06:53:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15144d9244d25a69ce5686af3cb02cc8babfb579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:57:bb:bc:e6:b6:1b:04:59:8b:25:50:72:86:
14:ad:62:62:86:fb:e1:25:9f:17:a6:01:4e:f6:ff:
3b:a5:dc:b3:75:77:d3:ba:02:77:3e:1f:c0:8d:9b:
0c:b6:2b:b1:8a:19:02:fc:7e:aa:75:7e:dc:57:09:
de:75:70:97:c7:69:5e:81:a4:95:ba:3c:d9:57:d4:
fb:d9:2f:36:33:f0:52:87:7c:44:7b:61:e0:d4:cd:
2b:ae:c0:81:ee:ca:cd:db:9b:ec:6f:3c:f7:be:47:
de:17:84:20:cf:c6:b4:09:47:34:6a:2a:1b:92:33:
51:6d:0a:2a:9f:3f:e3:c6:50:f1:ce:4a:e4:ae:b7:
67:74:c5:6e:c5:89:1a:a7:b9:0d:a3:6e:de:d5:96:
e8:f2:33:17:69:10:fb:96:59:be:b4:7b:e3:ed:3a:
1d:d1:03:90:46:41:65:d9:c4:c3:0a:a1:4b:5c:96:
f8:d8:c1:17:e0:39:03:60:58:f0:9d:03:6d:9a:bf:
15:58:49:99:24:58:9e:7f:e5:23:f5:bd:3e:84:1d:
94:8a:5c:3b:e9:40:88:4d:6f:97:90:49:75:0d:c9:
a6:f2:8e:49:21:af:e3:55:74:03:67:80:3d:55:a7:
eb:52:b8:b7:fc:84:e6:8e:09:55:7b:37:21:78:6b:
11:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:14:4D:92:44:D2:5A:69:CE:56:86:AF:3C:B0:2C:C8:BA:BF:B5:79
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FRRNkkTSWmnOVoavPLAsyLq_tXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.170.0/24
62.72.187.0/24
62.72.191.0/24
81.21.2.0-81.21.7.255
176.57.51.0/24
176.57.56.0/24
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
24:43:13:fc:45:d0:a3:ac:94:79:d8:33:13:b4:e1:16:1b:42:
3e:6a:a8:84:ff:1b:e4:ef:2c:36:0f:c8:25:c5:25:32:0f:b9:
23:19:df:a9:6c:4a:49:bb:ae:f4:0d:35:53:e2:46:47:e7:48:
1b:3a:09:45:e1:ff:11:62:a4:fc:65:5d:8b:b6:1f:39:9b:3c:
12:0d:46:24:3e:3e:81:26:ee:4d:37:b3:1e:e1:b6:de:f0:35:
49:ff:18:28:f6:64:75:19:45:88:08:6a:03:00:66:6a:4a:9e:
c5:e7:74:9a:13:88:5b:78:ab:fd:ed:3f:62:5b:1c:c5:c8:16:
8b:c4:d1:87:fb:c4:ee:7a:17:a2:e1:20:65:05:42:ae:ab:b0:
a3:34:d7:21:02:07:0f:4a:b4:0f:f6:51:3c:35:5f:61:4f:36:
ac:01:11:16:18:5f:4e:47:60:ff:a7:b4:e7:0f:d7:7c:77:93:
09:58:e1:6b:98:2b:f7:f7:69:de:36:ee:17:b1:87:d1:c0:c9:
6a:0c:29:6e:74:c4:b3:ac:35:98:10:93:c4:14:f4:44:07:17:
4b:17:65:12:bb:0c:0b:8f:cf:07:d6:c6:7e:7b:75:ca:19:b9:
a8:4a:45:aa:b1:bb:19:2d:df:ba:74:f7:2f:f6:d3:0f:5f:dd:
6d:1c:ea:a6
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAZc0kNs71oluNkHoQcqjwAmjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwNjAzMDY1MzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTE0NGQ5MjQ0ZDI1YTY5Y2U1Njg2YWYzY2IwMmNjOGJhYmZiNTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1e7vOa2GwRZiyVQcoYUrWJihvvh
JZ8XpgFO9v87pdyzdXfTugJ3Ph/AjZsMtiuxihkC/H6qdX7cVwnedXCXx2legaSV
ujzZV9T72S82M/BSh3xEe2Hg1M0rrsCB7srN25vsbzz3vkfeF4Qgz8a0CUc0aiob
kjNRbQoqnz/jxlDxzkrkrrdndMVuxYkap7kNo27e1Zbo8jMXaRD7llm+tHvj7Tod
0QOQRkFl2cTDCqFLXJb42MEX4DkDYFjwnQNtmr8VWEmZJFief+Uj9b0+hB2Uilw7
6UCITW+XkEl1Dcmm8o5JIa/jVXQDZ4A9VafrUri3/ITmjglVezcheGsRhQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFBUUTZJE0lppzlaGrzywLMi6v7V5MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvRlJSTmtrVFNXbW5PVm9hdlBMQXN5THFfdFhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAMAwDBAE+SKID
BAM+SKADBAA+SKoDBAA+SLsDBAA+SL8wDAMEAVEVAgMEA1EVAAMEALA5MwMEALA5
OAMEALA5PzANBgkqhkiG9w0BAQsFAAOCAQEAJEMT/EXQo6yUedgzE7ThFhtCPmqo
hP8b5O8sNg/IJcUlMg+5IxnfqWxKSbuu9A01U+JGR+dIGzoJReH/EWKk/GVdi7Yf
OZs8Eg1GJD4+gSbuTTezHuG23vA1Sf8YKPZkdRlFiAhqAwBmakqexed0mhOIW3ir
/e0/YlscxcgWi8TRh/vE7noXouEgZQVCrquwozTXIQIHD0q0D/ZRPDVfYU82rAER
FhhfTkdg/6e05w/XfHeTCVjha5gr9/dp3jbuF7GH0cDJagwpbnTEs6w1mBCTxBT0
RAcXSxdlErsMC4/PB9bGfnt1yhm5qEpFqrG7GS3funT3L/bTD1/dbRzqpg==
-----END CERTIFICATE-----
Generated at Thu Jun 5 19:21:09 2025 by rpki-client