Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/XuvA3cwrvAjarJQJvRMPiEa9bjc.roa
File: XuvA3cwrvAjarJQJvRMPiEa9bjc.roa (raw, json)
Hash identifier: qC1kOdTNGP6qmw/uaXS9/8bo51iifl3jkmmw78vmsX0=
Subject key identifier: 5E:EB:C0:DD:CC:2B:BC:08:DA:AC:94:09:BD:13:0F:88:46:BD:6E:37
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019CD1866293081D6822D0903D537A3CFE95
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/XuvA3cwrvAjarJQJvRMPiEa9bjc.roa
Signing time: Mon 09 Mar 2026 07:36:11 +0000
ROA not before: Mon 09 Mar 2026 07:36:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.174.0/24 maxlen: 24
81.21.1.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.3.0/24 maxlen: 24
81.21.4.0/22 maxlen: 24
81.21.4.0/24 maxlen: 24
81.21.7.0/24 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.57.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Mar 2026 15:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d1:86:62:93:08:1d:68:22:d0:90:3d:53:7a:3c:fe:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Mar 9 07:36:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=5eebc0ddcc2bbc08daac9409bd130f8846bd6e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:85:32:64:14:f1:55:ec:a0:1f:19:75:a0:7e:
ef:e2:e2:a9:c0:f5:81:b9:36:9e:22:93:e5:9d:ad:
85:fa:8f:7c:50:dc:9b:35:77:ea:4a:64:4a:cb:d8:
84:57:5a:f5:9d:92:78:3b:91:e4:40:e3:88:ad:00:
f5:84:01:99:03:14:d2:68:13:1b:b7:e4:a5:c8:5a:
1f:0d:1e:ea:81:bd:34:30:56:e7:9d:77:05:6c:f9:
78:25:f8:72:25:57:e4:90:e2:52:3c:1d:3c:8e:4c:
c7:db:97:f8:2b:51:c2:21:00:07:e5:ec:a7:4c:6b:
fb:e5:fd:65:e3:8f:0b:23:c3:c2:a4:b0:6c:f5:83:
79:01:b5:2c:76:ba:47:82:20:76:2b:b6:3f:ac:9e:
c3:cd:8e:21:7c:72:5f:bb:1d:94:a8:aa:a0:a3:46:
b2:52:e4:20:60:eb:1f:66:5b:71:85:8a:2a:c8:44:
48:78:d3:3f:27:b8:a6:0b:5d:82:50:3d:11:37:fb:
c8:e1:d7:69:84:9a:28:6f:0f:43:75:1c:f9:59:a8:
3c:0e:51:18:47:18:57:a6:33:54:ea:1b:f5:1c:f6:
5a:41:17:77:3e:13:8b:de:dd:38:89:c1:23:56:ed:
9f:5e:2d:1c:41:ea:eb:1a:fb:70:03:9d:56:2f:8e:
42:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:EB:C0:DD:CC:2B:BC:08:DA:AC:94:09:BD:13:0F:88:46:BD:6E:37
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/XuvA3cwrvAjarJQJvRMPiEa9bjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.174.0/24
81.21.1.0-81.21.7.255
176.57.56.0/23
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
40:0f:61:c5:b1:41:c5:05:45:6a:fc:66:0f:ea:b9:37:23:90:
0b:0c:8e:d5:88:3b:ed:24:da:13:8c:7a:19:a8:ce:09:e8:f6:
2c:c3:83:67:91:97:27:a0:a9:b5:e1:b6:3c:2d:94:41:4f:46:
d7:df:4b:54:ff:83:bd:ea:00:08:f6:ed:5f:93:0a:35:4d:a5:
50:eb:db:b7:06:31:43:26:f5:e9:ba:48:27:c8:40:5b:23:4a:
f4:96:a3:6f:5f:02:eb:74:83:16:6e:1c:cf:01:97:d9:e1:6b:
aa:8f:cf:66:1c:8d:0b:61:0d:eb:ef:53:90:4d:cb:bc:9b:48:
dd:91:69:1d:0b:f0:9e:64:77:4d:5f:4c:b0:e7:80:1c:5a:30:
1e:3d:72:c7:e7:c5:79:26:29:6b:b3:3e:a3:b4:1e:9f:03:c1:
1e:85:2f:56:3d:14:44:9a:9e:1a:f1:f5:d1:28:74:f3:f5:7a:
03:db:37:a6:a7:71:20:a7:b8:bd:16:cd:cc:e2:6a:79:c2:ff:
20:88:f5:9e:12:de:87:b5:f1:81:29:b0:a8:6f:ed:9a:4d:21:
f8:22:09:28:3b:31:ce:73:a0:76:15:a4:68:a0:eb:a5:e9:2b:
c5:c5:78:ad:f9:d1:7c:e8:30:35:4e:58:3d:96:1e:d4:09:93:
67:d6:6c:d1
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZzRhmKTCB1oItCQPVN6PP6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjYwMzA5MDczNjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWViYzBkZGNjMmJiYzA4ZGFhYzk0MDliZDEzMGY4ODQ2YmQ2ZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YUyZBTxVeygHxl1oH7v4uKpwPWB
uTaeIpPlna2F+o98UNybNXfqSmRKy9iEV1r1nZJ4O5HkQOOIrQD1hAGZAxTSaBMb
t+SlyFofDR7qgb00MFbnnXcFbPl4JfhyJVfkkOJSPB08jkzH25f4K1HCIQAH5eyn
TGv75f1l448LI8PCpLBs9YN5AbUsdrpHgiB2K7Y/rJ7DzY4hfHJfux2UqKqgo0ay
UuQgYOsfZltxhYoqyERIeNM/J7imC12CUD0RN/vI4ddphJoobw9DdRz5Wag8DlEY
RxhXpjNU6hv1HPZaQRd3PhOL3t04icEjVu2fXi0cQerrGvtwA51WL45CPQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFF7rwN3MK7wI2qyUCb0TD4hGvW43MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvWHV2QTNjd3J2QWphckpRSnZSTVBpRWE5YmpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAE+SKID
BAM+SKADBAA+SK4wDAMEAFEVAQMEA1EVAAMEAbA5OAMEALA5PzANBgkqhkiG9w0B
AQsFAAOCAQEAQA9hxbFBxQVFavxmD+q5NyOQCwyO1Yg77STaE4x6GajOCej2LMOD
Z5GXJ6CpteG2PC2UQU9G199LVP+DveoACPbtX5MKNU2lUOvbtwYxQyb16bpIJ8hA
WyNK9Jajb18C63SDFm4czwGX2eFrqo/PZhyNC2EN6+9TkE3LvJtI3ZFpHQvwnmR3
TV9MsOeAHFowHj1yx+fFeSYpa7M+o7QenwPBHoUvVj0URJqeGvH10Sh08/V6A9s3
pqdxIKe4vRbNzOJqecL/IIj1nhLeh7XxgSmwqG/tmk0h+CIJKDsxznOgdhWkaKDr
pekrxcV4rfnRfOgwNU5YPZYe1AmTZ9Zs0Q==
-----END CERTIFICATE-----
Generated at Sun Mar 15 20:48:41 2026 by rpki-client