Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/OgGvgzQ7dezw8MDcZi6buKfdUb8.roa
File: OgGvgzQ7dezw8MDcZi6buKfdUb8.roa (raw, json)
Hash identifier: L8eq3es2reZC3hgT7YVcEjNHAAKE3EkZ31nJkzTykBw=
Subject key identifier: 3A:01:AF:83:34:3B:75:EC:F0:F0:C0:DC:66:2E:9B:B8:A7:DD:51:BF
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019D02A91A12727CE1E7BA26F4336DBF45B5
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/OgGvgzQ7dezw8MDcZi6buKfdUb8.roa
Signing time: Wed 18 Mar 2026 20:35:29 +0000
ROA not before: Wed 18 Mar 2026 20:35:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50670
IP address blocks: 62.72.161.0/24 maxlen: 24
62.72.162.0/24 maxlen: 24
62.72.170.0/24 maxlen: 24
62.72.171.0/24 maxlen: 24
62.72.174.0/24 maxlen: 24
62.72.187.0/24 maxlen: 24
62.72.191.0/24 maxlen: 24
81.21.8.0/22 maxlen: 22
81.21.8.0/24 maxlen: 24
81.21.9.0/24 maxlen: 24
81.21.10.0/24 maxlen: 24
81.21.11.0/24 maxlen: 24
81.21.12.0/24 maxlen: 24
81.21.13.0/24 maxlen: 24
81.21.14.0/24 maxlen: 24
81.21.15.0/24 maxlen: 24
109.237.192.0/20 maxlen: 24
109.237.192.0/24 maxlen: 24
109.237.193.0/24 maxlen: 24
109.237.194.0/24 maxlen: 24
109.237.195.0/24 maxlen: 24
109.237.196.0/24 maxlen: 24
109.237.197.0/24 maxlen: 24
109.237.198.0/24 maxlen: 24
109.237.199.0/24 maxlen: 24
109.237.200.0/24 maxlen: 24
109.237.201.0/24 maxlen: 24
109.237.202.0/24 maxlen: 24
109.237.203.0/24 maxlen: 24
109.237.204.0/24 maxlen: 24
109.237.205.0/24 maxlen: 24
109.237.206.0/24 maxlen: 24
109.237.207.0/24 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.57.0/24 maxlen: 24
176.241.64.0/21 maxlen: 24
176.241.64.0/24 maxlen: 24
176.241.65.0/24 maxlen: 24
176.241.66.0/24 maxlen: 24
176.241.67.0/24 maxlen: 24
176.241.68.0/24 maxlen: 24
176.241.69.0/24 maxlen: 24
176.241.70.0/24 maxlen: 24
176.241.71.0/24 maxlen: 24
178.20.184.0/21 maxlen: 24
178.20.184.0/24 maxlen: 24
178.20.185.0/24 maxlen: 24
178.20.186.0/24 maxlen: 24
178.20.187.0/24 maxlen: 24
178.20.188.0/24 maxlen: 24
178.20.189.0/24 maxlen: 24
178.20.190.0/24 maxlen: 24
178.20.191.0/24 maxlen: 24
185.51.212.0/22 maxlen: 22
185.51.212.0/24 maxlen: 24
185.51.213.0/24 maxlen: 24
185.51.214.0/24 maxlen: 24
185.51.215.0/24 maxlen: 24
185.193.176.0/22 maxlen: 22
185.193.176.0/24 maxlen: 24
185.193.177.0/24 maxlen: 24
185.193.178.0/24 maxlen: 24
185.193.179.0/24 maxlen: 24
2a01:1d0::/29 maxlen: 29
2a01:1d0::/32 maxlen: 32
2a0a:2740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Mar 2026 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:02:a9:1a:12:72:7c:e1:e7:ba:26:f4:33:6d:bf:45:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Mar 18 20:35:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=3a01af83343b75ecf0f0c0dc662e9bb8a7dd51bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b2:af:8a:ae:93:40:23:f8:2b:46:a4:85:45:
74:20:2d:7c:dd:1c:b0:e8:ac:79:b0:4a:e9:26:d6:
f2:6b:c9:ab:08:67:96:52:50:76:84:03:1d:c6:a0:
22:e3:80:8c:3b:c1:8d:6c:2a:99:db:80:e0:97:34:
a3:31:4d:40:73:d1:68:27:27:72:b7:3c:89:67:98:
0d:67:f6:c4:fd:af:40:ff:f1:f6:34:67:72:f3:d0:
e1:1f:71:4d:dc:a2:c7:d7:05:9b:c3:1e:1f:1f:2d:
ab:9e:ac:89:9d:b5:26:9a:d7:c6:98:96:0d:54:e8:
a0:32:f6:72:59:ff:9b:cd:30:ff:1a:78:8b:31:e8:
31:0a:01:43:1b:2f:c1:39:de:c0:3b:12:dd:c5:82:
35:2a:00:ce:18:8f:d1:e3:09:1e:09:59:11:44:16:
76:55:b3:91:04:19:00:f6:31:1b:b3:98:fa:41:0b:
d1:64:29:04:75:c0:64:ac:53:d3:bf:1a:72:f8:0a:
fc:75:23:5d:d7:66:39:d5:12:0a:48:21:01:f9:9d:
02:dc:0e:3f:ee:04:bb:51:ab:e4:59:76:78:6d:0b:
d5:84:74:d4:9f:6f:0c:66:8d:81:3a:a0:d2:7a:e0:
e5:29:5a:60:51:a1:b0:0f:a8:b8:00:d2:f3:f2:73:
a4:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:01:AF:83:34:3B:75:EC:F0:F0:C0:DC:66:2E:9B:B8:A7:DD:51:BF
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/OgGvgzQ7dezw8MDcZi6buKfdUb8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.161.0-62.72.162.255
62.72.170.0/23
62.72.174.0/24
62.72.187.0/24
62.72.191.0/24
81.21.8.0/21
109.237.192.0/20
176.57.56.0/23
176.241.64.0/21
178.20.184.0/21
185.51.212.0/22
185.193.176.0/22
IPv6:
2a01:1d0::/29
2a0a:2740::/29
Signature Algorithm: sha256WithRSAEncryption
6e:47:a3:fa:c9:d9:7a:09:56:f5:58:8d:5b:4b:f1:77:67:19:
2a:57:14:42:49:39:81:02:39:aa:1a:0b:89:a8:79:71:b9:13:
1b:7e:b3:33:3d:be:68:c0:3c:6e:08:ed:f6:9e:4a:e8:72:d8:
7e:7a:52:6e:75:21:87:c5:0c:7a:6c:97:de:00:4a:26:0b:d2:
a7:78:8d:fe:c8:dc:08:76:1f:ed:52:d9:43:e3:9f:a0:3b:6a:
6b:93:f5:32:2e:c0:ec:cc:8d:51:90:5f:a7:72:fe:b5:92:d1:
b0:5d:38:ff:7e:40:15:ca:7a:89:47:e6:13:a0:7f:fe:9c:3c:
c8:e1:1c:c4:99:ba:78:0b:97:a1:79:07:d9:07:ea:6b:77:0d:
86:8e:d7:4b:72:ec:a6:da:63:bd:91:66:45:e5:f7:09:27:02:
07:41:17:94:22:1f:b6:a1:53:1a:50:84:4a:bb:6a:ee:e2:63:
f9:9e:9e:6d:0a:f1:18:71:5c:c9:21:fe:10:30:16:ba:14:cc:
c6:2e:a6:bd:67:00:46:ce:af:97:10:fb:18:2f:9a:2d:02:ba:
24:9f:1d:c8:1c:d9:be:c3:cb:80:bc:e4:94:89:e5:9f:26:78:
18:5c:88:23:c2:ff:25:73:80:0b:d5:1f:43:2d:da:94:a6:c0:
4a:40:06:08
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZ0CqRoScnzh57om9DNtv0W1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjYwMzE4MjAzNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTAxYWY4MzM0M2I3NWVjZjBmMGMwZGM2NjJlOWJiOGE3ZGQ1MWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubKviq6TQCP4K0akhUV0IC183Ryw
6Kx5sErpJtbya8mrCGeWUlB2hAMdxqAi44CMO8GNbCqZ24DglzSjMU1Ac9FoJydy
tzyJZ5gNZ/bE/a9A//H2NGdy89DhH3FN3KLH1wWbwx4fHy2rnqyJnbUmmtfGmJYN
VOigMvZyWf+bzTD/GniLMegxCgFDGy/BOd7AOxLdxYI1KgDOGI/R4wkeCVkRRBZ2
VbORBBkA9jEbs5j6QQvRZCkEdcBkrFPTvxpy+Ar8dSNd12Y51RIKSCEB+Z0C3A4/
7gS7UavkWXZ4bQvVhHTUn28MZo2BOqDSeuDlKVpgUaGwD6i4ANLz8nOkjQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFDoBr4M0O3Xs8PDA3GYum7in3VG/MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvT2dHdmd6UTdkZXp3OE1EY1ppNmJ1S2ZkVWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBWBAIAATBQMAwDBAA+SKED
BAA+SKIDBAE+SKoDBAA+SK4DBAA+SLsDBAA+SL8DBANRFQgDBARt7cADBAGwOTgD
BAOw8UADBAOyFLgDBAK5M9QDBAK5wbAwFAQCAAIwDgMFAyoBAdADBQMqCidAMA0G
CSqGSIb3DQEBCwUAA4IBAQBuR6P6ydl6CVb1WI1bS/F3ZxkqVxRCSTmBAjmqGguJ
qHlxuRMbfrMzPb5owDxuCO32nkrocth+elJudSGHxQx6bJfeAEomC9KneI3+yNwI
dh/tUtlD45+gO2prk/UyLsDszI1RkF+ncv61ktGwXTj/fkAVynqJR+YToH/+nDzI
4RzEmbp4C5eheQfZB+prdw2GjtdLcuym2mO9kWZF5fcJJwIHQReUIh+2oVMaUIRK
u2ru4mP5np5tCvEYcVzJIf4QMBa6FMzGLqa9ZwBGzq+XEPsYL5otAroknx3IHNm+
w8uAvOSUieWfJngYXIgjwv8lc4AL1R9DLdqUpsBKQAYI
-----END CERTIFICATE-----
Generated at Sun Mar 22 22:01:34 2026 by rpki-client