Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/R5tvCe0yrnM86VrHIuRfz1LTt-M.roa
File: R5tvCe0yrnM86VrHIuRfz1LTt-M.roa (raw, json)
Hash identifier: as05R3UNSvXGTL4W9RvrUX7POh9FNO1TNlRUnR2EAUs=
Subject key identifier: 47:9B:6F:09:ED:32:AE:73:3C:E9:5A:C7:22:E4:5F:CF:52:D3:B7:E3
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019D02A919CA0C97C2929B05A97B24A1BEC4
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/R5tvCe0yrnM86VrHIuRfz1LTt-M.roa
Signing time: Wed 18 Mar 2026 20:35:29 +0000
ROA not before: Wed 18 Mar 2026 20:35:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.174.0/24 maxlen: 24
81.21.1.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.3.0/24 maxlen: 24
81.21.4.0/22 maxlen: 24
81.21.4.0/24 maxlen: 24
81.21.7.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 23 Mar 2026 12:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:02:a9:19:ca:0c:97:c2:92:9b:05:a9:7b:24:a1:be:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Mar 18 20:35:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=479b6f09ed32ae733ce95ac722e45fcf52d3b7e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:01:20:42:c9:8d:b8:5b:2e:3e:4b:b5:35:6f:
40:ea:d7:b3:a7:a7:2f:81:4b:09:ef:92:f2:fd:bd:
6c:93:7b:f4:f9:b8:39:10:3e:99:58:97:19:8f:a3:
fc:5c:c4:6e:26:ff:76:86:dd:05:31:c8:d5:af:c4:
e9:ee:b0:4a:25:1d:c1:4b:64:9f:2d:d3:56:07:77:
35:8a:0c:59:35:06:7a:86:f2:22:ed:d9:ed:41:aa:
f3:6c:80:d5:1b:41:0e:ed:f2:04:8b:c8:c4:7d:53:
f7:2a:94:9d:4d:e3:40:09:25:e9:0b:b5:22:b3:9b:
c7:74:57:e3:ac:2f:0c:e5:ba:dd:f3:20:bc:6f:3e:
86:3d:35:25:8f:09:cb:b1:b1:1f:a6:c9:4d:63:f5:
12:d7:fe:8f:52:fc:e3:df:93:11:05:c0:3b:37:19:
3d:c8:00:32:fb:6e:3c:54:07:a7:90:62:79:5d:97:
64:ea:78:b4:98:f2:4e:0a:e0:f7:10:aa:53:84:1a:
96:16:ca:6b:a3:ab:7c:05:b1:4e:66:9e:88:d5:81:
d0:f6:aa:97:f6:5d:a6:88:46:84:d9:a0:91:62:93:
b3:91:56:96:90:43:5c:4e:65:ba:1d:c8:2f:8a:ac:
a0:f7:60:a6:2d:40:64:e4:22:c5:91:e3:08:05:07:
72:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:9B:6F:09:ED:32:AE:73:3C:E9:5A:C7:22:E4:5F:CF:52:D3:B7:E3
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/R5tvCe0yrnM86VrHIuRfz1LTt-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.174.0/24
81.21.1.0-81.21.7.255
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
08:6f:21:e3:3b:f4:b1:d0:e0:27:06:30:cc:8d:8f:c5:93:eb:
39:af:19:aa:b3:94:92:2d:8d:82:52:b4:fb:10:f9:c2:12:20:
08:1f:ca:d3:b0:8c:6b:41:08:5c:dc:60:c1:aa:d5:6e:c9:a6:
76:b0:30:79:2e:11:d8:a0:5a:fb:b2:4c:c0:a6:21:e4:58:24:
13:46:3c:2e:e5:c6:c6:16:5e:08:35:a3:51:17:db:8a:60:4f:
ed:d8:f3:0e:3b:82:28:15:f7:30:23:9f:11:de:37:8c:be:3c:
a4:7f:0f:31:3d:ca:d5:4b:d1:1a:16:f0:ae:03:cb:47:a1:97:
81:ce:6e:95:3f:a9:33:78:7a:9e:cf:59:75:51:4c:f1:22:cb:
0b:47:96:27:ce:da:25:8f:a0:ea:54:42:b3:dd:c7:59:07:3b:
0e:d7:62:e1:d1:3d:ad:3f:9e:15:8a:e2:02:10:06:d7:15:63:
a8:2e:b0:92:c3:7c:e9:64:ff:75:2f:1f:b5:9a:3e:77:0a:69:
13:70:de:a4:d8:68:76:a2:c1:1a:ba:ec:6e:1a:94:16:2f:37:
4a:9a:8b:f5:76:10:7d:3f:78:5c:df:aa:44:58:ca:41:30:0b:
c0:0e:4e:85:44:bc:9f:c8:cb:d7:6c:55:3f:19:fc:77:d4:5a:
73:af:c2:74
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZ0CqRnKDJfCkpsFqXskob7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjYwMzE4MjAzNTI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzliNmYwOWVkMzJhZTczM2NlOTVhYzcyMmU0NWZjZjUyZDNiN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAEgQsmNuFsuPku1NW9A6tezp6cv
gUsJ75Ly/b1sk3v0+bg5ED6ZWJcZj6P8XMRuJv92ht0FMcjVr8Tp7rBKJR3BS2Sf
LdNWB3c1igxZNQZ6hvIi7dntQarzbIDVG0EO7fIEi8jEfVP3KpSdTeNACSXpC7Ui
s5vHdFfjrC8M5brd8yC8bz6GPTUljwnLsbEfpslNY/US1/6PUvzj35MRBcA7Nxk9
yAAy+248VAenkGJ5XZdk6ni0mPJOCuD3EKpThBqWFspro6t8BbFOZp6I1YHQ9qqX
9l2miEaE2aCRYpOzkVaWkENcTmW6Hcgviqyg92CmLUBk5CLFkeMIBQdyHwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEebbwntMq5zPOlaxyLkX89S07fjMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvUjV0dkNlMHlybk04NlZySEl1UmZ6MUxUdC1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAE+SKID
BAM+SKADBAA+SK4wDAMEAFEVAQMEA1EVAAMEALA5PzANBgkqhkiG9w0BAQsFAAOC
AQEACG8h4zv0sdDgJwYwzI2PxZPrOa8ZqrOUki2NglK0+xD5whIgCB/K07CMa0EI
XNxgwarVbsmmdrAweS4R2KBa+7JMwKYh5FgkE0Y8LuXGxhZeCDWjURfbimBP7djz
DjuCKBX3MCOfEd43jL48pH8PMT3K1UvRGhbwrgPLR6GXgc5ulT+pM3h6ns9ZdVFM
8SLLC0eWJ87aJY+g6lRCs93HWQc7Dtdi4dE9rT+eFYriAhAG1xVjqC6wksN86WT/
dS8ftZo+dwppE3DepNhodqLBGrrsbhqUFi83SpqL9XYQfT94XN+qRFjKQTALwA5O
hUS8n8jL12xVPxn8d9Rac6/CdA==
-----END CERTIFICATE-----
Generated at Sun Mar 22 21:54:19 2026 by rpki-client