Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/W-kvxYxosjL_xXxE3nn_nzAZdvw.roa
File: W-kvxYxosjL_xXxE3nn_nzAZdvw.roa (raw, json)
Hash identifier: 0mobFer4IHy4dXZ/kWgfxXVsoxztol8ep6ExJ1ImgTk=
Subject key identifier: 5B:E9:2F:C5:8C:68:B2:32:FF:C5:7C:44:DE:79:FF:9F:30:19:76:FC
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 01992E17A700314C3C95A389A46974D2D1A4
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/W-kvxYxosjL_xXxE3nn_nzAZdvw.roa
Signing time: Tue 09 Sep 2025 10:48:45 +0000
ROA not before: Tue 09 Sep 2025 10:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2e:17:a7:00:31:4c:3c:95:a3:89:a4:69:74:d2:d1:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Sep 9 10:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5be92fc58c68b232ffc57c44de79ff9f301976fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:46:15:f8:fc:6b:19:3a:40:37:98:29:14:77:
65:17:39:e0:e6:6c:78:ec:c3:d0:2b:2b:13:17:82:
21:85:f9:e3:8c:56:ee:1d:73:93:42:db:91:57:bd:
f9:79:cd:4f:ad:cd:0e:d3:bc:b2:7a:a5:78:26:0c:
41:48:4e:0e:04:b5:24:15:9f:63:90:8e:47:33:7c:
d8:7d:9b:b1:31:f1:6c:d6:50:3e:c7:08:5d:3c:d6:
ea:48:c2:1e:f6:cc:60:b9:e0:37:33:af:aa:46:76:
1a:a9:b5:91:3e:ae:82:e3:ee:6b:d7:99:85:74:fb:
ce:16:b2:df:9c:bb:73:e8:78:f4:48:94:55:4e:00:
c2:56:b0:37:fe:6d:c0:ce:f6:be:92:65:4a:53:7d:
a6:c7:8b:b5:80:24:29:8a:64:92:8e:13:34:03:3b:
44:db:d7:a4:b7:9c:f9:06:d2:d5:b0:83:28:a7:45:
f6:96:f2:29:d6:06:e9:72:f3:f9:ba:e2:00:d0:af:
b7:fe:1e:b5:9f:2b:b7:5e:fe:50:51:12:9b:7f:d3:
59:df:34:2b:1c:90:38:24:74:75:a4:fc:34:fc:6a:
32:02:98:92:d3:dc:8e:27:0a:b6:2f:b7:45:36:b7:
85:71:21:d2:7e:5f:e3:6d:1b:38:e8:7c:f9:25:82:
9e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:E9:2F:C5:8C:68:B2:32:FF:C5:7C:44:DE:79:FF:9F:30:19:76:FC
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/W-kvxYxosjL_xXxE3nn_nzAZdvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
81.21.2.0-81.21.7.255
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:5e:f1:37:4f:ec:bb:0a:2f:23:a2:5e:61:1c:04:ef:b5:9c:
fe:e5:e3:2b:ab:cd:e7:7e:e1:5c:6b:53:d6:fd:02:17:5d:f4:
3a:ba:74:2d:9c:ab:7a:23:43:83:76:88:17:1c:75:10:b3:19:
e0:76:a3:24:89:37:56:20:1d:49:9e:0a:90:7f:8c:34:47:87:
0b:a1:60:0f:46:c5:df:57:8c:98:05:96:c8:04:1d:c3:b4:41:
49:43:e2:81:fc:12:e9:b5:33:fd:3a:96:59:29:d8:90:e1:99:
e6:15:45:11:26:e6:35:7d:dd:07:6f:74:20:8c:7a:69:cc:57:
27:b5:d1:6a:b0:ce:30:38:fe:91:2b:3f:de:2f:9b:2e:ae:e0:
07:c0:b2:33:5d:e5:fc:2f:27:f5:7c:1c:e8:ef:7c:e1:11:4c:
32:61:76:b4:cd:88:c2:c5:94:7b:c4:87:55:9f:2c:ce:71:33:
5e:b0:f1:17:f9:63:b5:f9:3d:c9:b4:2a:d1:c0:13:46:00:e2:
81:e4:8f:12:fc:5f:f6:b6:cc:92:16:8c:a0:ce:cc:c3:67:ee:
47:c2:11:71:dc:81:cc:25:96:22:6c:a0:44:64:74:36:85:d8:
46:03:39:85:8f:79:1a:6b:ac:30:8d:27:97:16:d7:9b:2a:28:
b8:e7:86:a2
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZkuF6cAMUw8laOJpGl00tGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwOTA5MTA0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmU5MmZjNThjNjhiMjMyZmZjNTdjNDRkZTc5ZmY5ZjMwMTk3NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykYV+PxrGTpAN5gpFHdlFzng5mx4
7MPQKysTF4IhhfnjjFbuHXOTQtuRV735ec1Prc0O07yyeqV4JgxBSE4OBLUkFZ9j
kI5HM3zYfZuxMfFs1lA+xwhdPNbqSMIe9sxgueA3M6+qRnYaqbWRPq6C4+5r15mF
dPvOFrLfnLtz6Hj0SJRVTgDCVrA3/m3Azva+kmVKU32mx4u1gCQpimSSjhM0AztE
29ekt5z5BtLVsIMop0X2lvIp1gbpcvP5uuIA0K+3/h61nyu3Xv5QURKbf9NZ3zQr
HJA4JHR1pPw0/GoyApiS09yOJwq2L7dFNreFcSHSfl/jbRs46Hz5JYKeFwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFvpL8WMaLIy/8V8RN55/58wGXb8MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvVy1rdnhZeG9zakxfeFh4RTNubl9uekFaZHZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAE+SKID
BAM+SKAwDAMEAVEVAgMEA1EVAAMEALA5PzANBgkqhkiG9w0BAQsFAAOCAQEAv17x
N0/suwovI6JeYRwE77Wc/uXjK6vN537hXGtT1v0CF130Orp0LZyreiNDg3aIFxx1
ELMZ4HajJIk3ViAdSZ4KkH+MNEeHC6FgD0bF31eMmAWWyAQdw7RBSUPigfwS6bUz
/TqWWSnYkOGZ5hVFESbmNX3dB290IIx6acxXJ7XRarDOMDj+kSs/3i+bLq7gB8Cy
M13l/C8n9Xwc6O984RFMMmF2tM2IwsWUe8SHVZ8sznEzXrDxF/ljtfk9ybQq0cAT
RgDigeSPEvxf9rbMkhaMoM7Mw2fuR8IRcdyBzCWWImygRGR0NoXYRgM5hY95Gmus
MI0nlxbXmyoouOeGog==
-----END CERTIFICATE-----
Generated at Mon Sep 15 14:38:29 2025 by rpki-client