Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Ie255GVZaYey7rhYagBRzHE7H3E.roa
File: Ie255GVZaYey7rhYagBRzHE7H3E.roa (raw, json)
Hash identifier: or7M3EclkAzV5jogXbEouItR69VJgo+P2gUgbnwZ1yw=
Subject key identifier: 21:ED:B9:E4:65:59:69:87:B2:EE:B8:58:6A:00:51:CC:71:3B:1F:71
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019D0FA8209A57DEAD1CEFD71CACC36D734F
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Ie255GVZaYey7rhYagBRzHE7H3E.roa
Signing time: Sat 21 Mar 2026 09:09:29 +0000
ROA not before: Sat 21 Mar 2026 09:09:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 6079
IP address blocks: 62.72.172.0/24 maxlen: 24
62.72.173.0/24 maxlen: 24
62.72.183.0/24 maxlen: 24
62.72.190.0/24 maxlen: 24
81.21.5.0/24 maxlen: 24
81.21.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Mar 2026 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:0f:a8:20:9a:57:de:ad:1c:ef:d7:1c:ac:c3:6d:73:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Mar 21 09:09:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=21edb9e465596987b2eeb8586a0051cc713b1f71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:40:c2:91:64:4d:80:de:95:5d:be:e0:57:97:
84:66:0a:b0:5c:16:b6:90:e9:31:6f:40:47:eb:0c:
0f:a7:95:05:8e:4a:2a:47:3f:42:a5:1c:f5:fc:62:
2a:0e:9b:94:bc:02:64:b1:a9:27:b7:4a:e9:39:93:
a9:1f:cb:b4:cd:f0:73:2d:d7:90:c1:dd:dd:73:d2:
2c:ed:2c:56:47:78:bf:cb:51:55:b6:1a:dc:84:b5:
4d:bd:2f:ea:96:13:29:e7:6d:00:f0:73:eb:5f:ab:
41:bf:a3:a2:d7:ba:4e:4b:6b:1a:3e:53:69:d8:9b:
86:13:97:c1:3a:cf:3c:39:21:ed:8e:b6:ff:5d:f6:
c0:c2:b7:9f:85:40:4a:b5:f4:a0:68:84:b2:22:a0:
43:e8:54:94:da:2a:93:19:8a:3d:49:04:65:b7:e1:
e9:17:16:d2:f6:a1:42:4e:27:e5:67:27:dd:95:84:
07:ae:26:31:85:6f:b5:3a:0a:f3:f0:cc:89:4f:72:
b9:6c:10:26:cc:ed:d3:dc:55:6f:48:d0:9e:f2:f8:
10:24:8c:f2:d8:d9:33:6e:68:13:ad:34:2b:62:b9:
80:be:3b:f6:7c:45:64:5d:64:39:0c:71:b3:ca:8c:
fa:fe:d0:21:ff:e1:5f:55:2e:75:67:ee:4f:7d:97:
c0:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:ED:B9:E4:65:59:69:87:B2:EE:B8:58:6A:00:51:CC:71:3B:1F:71
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/Ie255GVZaYey7rhYagBRzHE7H3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.172.0/23
62.72.183.0/24
62.72.190.0/24
81.21.5.0-81.21.6.255
Signature Algorithm: sha256WithRSAEncryption
15:02:39:8a:7b:cf:7f:df:1c:2c:76:23:1c:22:d5:16:03:79:
54:59:3a:90:b5:8e:1f:e6:f2:51:eb:b7:27:03:37:42:05:fe:
12:12:cf:26:e0:15:26:e0:cc:d4:35:f6:49:fc:fb:06:76:d7:
2c:d9:1c:7d:58:62:8d:f6:f2:5e:bd:43:98:6e:9a:a1:95:4d:
ba:90:29:de:1a:d0:b3:fb:f4:3d:d1:76:ed:25:89:9d:a2:18:
3f:a6:47:bb:42:4f:98:c8:d3:a2:ac:7b:97:1b:b5:ea:f1:b4:
66:85:98:4a:a0:58:4f:ae:0d:8d:a4:40:bc:e4:20:ae:eb:0d:
83:e7:1f:01:1e:ed:b3:22:5c:38:57:1d:34:b4:dd:38:0a:d6:
f3:64:ce:4d:5a:e4:fb:98:33:29:d5:46:06:7d:de:53:68:fa:
b9:2e:ae:43:63:88:e8:39:17:03:2c:71:74:54:67:b5:63:9b:
83:95:cc:52:42:32:25:07:f1:dd:be:bd:fd:08:2d:93:44:eb:
97:19:b8:19:d0:78:5f:99:68:1f:fc:87:f5:6b:d6:20:2f:76:
63:6e:72:9d:c9:16:df:df:55:40:e6:02:8a:68:9a:a2:34:5f:
a5:b4:1e:06:b1:fd:40:78:da:55:04:a5:9d:52:1c:ee:45:6a:
b2:3e:bf:de
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZ0PqCCaV96tHO/XHKzDbXNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjYwMzIxMDkwOTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWVkYjllNDY1NTk2OTg3YjJlZWI4NTg2YTAwNTFjYzcxM2IxZjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0DCkWRNgN6VXb7gV5eEZgqwXBa2
kOkxb0BH6wwPp5UFjkoqRz9CpRz1/GIqDpuUvAJksaknt0rpOZOpH8u0zfBzLdeQ
wd3dc9Is7SxWR3i/y1FVthrchLVNvS/qlhMp520A8HPrX6tBv6Oi17pOS2saPlNp
2JuGE5fBOs88OSHtjrb/XfbAwrefhUBKtfSgaISyIqBD6FSU2iqTGYo9SQRlt+Hp
FxbS9qFCTiflZyfdlYQHriYxhW+1Ogrz8MyJT3K5bBAmzO3T3FVvSNCe8vgQJIzy
2NkzbmgTrTQrYrmAvjv2fEVkXWQ5DHGzyoz6/tAh/+FfVS51Z+5PfZfAcwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCHtueRlWWmHsu64WGoAUcxxOx9xMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvSWUyNTVHVlphWWV5N3JoWWFnQlJ6SEU3SDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBPkisAwQA
Pki3AwQAPki+MAwDBABRFQUDBABRFQYwDQYJKoZIhvcNAQELBQADggEBABUCOYp7
z3/fHCx2Ixwi1RYDeVRZOpC1jh/m8lHrtycDN0IF/hISzybgFSbgzNQ19kn8+wZ2
1yzZHH1YYo328l69Q5humqGVTbqQKd4a0LP79D3Rdu0liZ2iGD+mR7tCT5jI06Ks
e5cbterxtGaFmEqgWE+uDY2kQLzkIK7rDYPnHwEe7bMiXDhXHTS03TgK1vNkzk1a
5PuYMynVRgZ93lNo+rkurkNjiOg5FwMscXRUZ7Vjm4OVzFJCMiUH8d2+vf0ILZNE
65cZuBnQeF+ZaB/8h/Vr1iAvdmNucp3JFt/fVUDmAopomqI0X6W0Hgax/UB42lUE
pZ1SHO5FarI+v94=
-----END CERTIFICATE-----
Generated at Sun Mar 22 22:00:27 2026 by rpki-client