Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/dWsPVq2oLA3QWz5H8KZ9DdneFrg.roa
File: dWsPVq2oLA3QWz5H8KZ9DdneFrg.roa (raw, json)
Hash identifier: kSpqzESLHrqUoAJtA16jnUPXIEdIDVl5w/oBqNYYmsw=
Subject key identifier: 75:6B:0F:56:AD:A8:2C:0D:D0:5B:3E:47:F0:A6:7D:0D:D9:DE:16:B8
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019D5D0FBDE3F3088507B6339292EB415F00
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/dWsPVq2oLA3QWz5H8KZ9DdneFrg.roa
Signing time: Sun 05 Apr 2026 09:53:25 +0000
ROA not before: Sun 05 Apr 2026 09:53:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.174.0/24 maxlen: 24
62.72.176.0/24 maxlen: 24
81.21.1.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.3.0/24 maxlen: 24
81.21.4.0/22 maxlen: 24
81.21.4.0/24 maxlen: 24
81.21.7.0/24 maxlen: 24
176.57.50.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 Apr 2026 10:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:5d:0f:bd:e3:f3:08:85:07:b6:33:92:92:eb:41:5f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Apr 5 09:53:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=756b0f56ada82c0dd05b3e47f0a67d0dd9de16b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:cb:b1:a7:e0:06:0a:0d:b0:3e:22:cc:1e:f8:
c4:74:2f:a3:77:cb:23:08:93:1a:3b:ea:41:3b:d4:
3a:97:0a:55:c4:3a:da:7d:d1:0a:cb:88:a6:ad:f0:
eb:21:e2:4e:35:0a:44:20:16:8d:2e:91:d8:0a:17:
6e:7c:3c:c5:ff:fe:73:91:8a:2e:33:df:17:05:34:
4f:b5:4e:4e:96:4f:51:64:f7:c8:ce:94:ef:7d:38:
2a:a2:cb:f7:d2:23:8e:11:83:91:9a:97:21:b0:d7:
0a:17:1d:f7:fb:07:f7:29:ad:89:ba:e1:ba:3d:de:
e9:2c:34:c0:47:32:8f:12:c9:9f:8d:34:69:40:69:
f7:8a:dd:59:0a:87:b0:d1:9e:bd:2f:02:6e:2b:d8:
dc:39:c6:e5:ce:d5:f4:35:b0:72:f8:b4:a9:f2:24:
4e:68:c2:03:0d:bf:3d:4c:1f:cc:c4:84:1e:77:25:
97:87:88:e6:05:05:3d:eb:e2:4d:0b:3c:72:4e:9b:
0a:48:9b:da:9e:8b:22:40:f7:88:97:78:d2:84:28:
f8:4a:8b:c0:eb:87:17:e3:db:a2:76:62:d7:ee:38:
d5:1b:56:23:a3:da:b4:8c:74:07:e1:1b:9b:5b:2f:
bd:b0:3d:de:2d:25:92:95:4b:5e:20:3a:71:a0:12:
dd:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:6B:0F:56:AD:A8:2C:0D:D0:5B:3E:47:F0:A6:7D:0D:D9:DE:16:B8
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/dWsPVq2oLA3QWz5H8KZ9DdneFrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.174.0/24
62.72.176.0/24
81.21.1.0-81.21.7.255
176.57.50.0/24
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:97:62:77:1f:b7:6f:f8:41:e0:f3:1c:d9:43:13:c7:f5:11:
11:ad:ae:4f:83:c4:5e:ef:ac:56:8a:08:ce:3d:bb:9d:75:9b:
04:7d:dd:e3:1d:0e:49:e4:74:a4:94:27:e9:46:0c:d1:71:a6:
f8:77:cd:c8:62:c5:db:06:fb:a4:22:13:0d:f7:a1:85:3c:09:
f3:30:9f:bd:83:fa:c1:f7:11:ee:7e:aa:3c:68:5a:b8:8c:43:
51:20:10:18:13:6f:25:5f:33:16:a6:68:ef:15:29:09:82:72:
48:ae:d9:a6:a0:3c:95:dd:77:72:d4:6b:be:4a:4b:83:47:0f:
42:10:3c:75:fa:6c:a6:23:0e:c8:fd:bd:d3:3f:98:ef:43:6c:
f4:4f:2b:f5:fc:27:44:33:48:ad:78:67:8d:b2:08:2f:75:92:
09:31:ff:16:e1:12:cb:f1:5a:3b:77:b8:33:1f:43:46:00:d5:
ce:45:8c:e6:46:8e:a8:8c:13:13:e9:b7:2d:46:ad:44:22:d0:
a2:d0:de:04:c0:24:ea:ca:ce:f2:d0:88:9d:14:eb:ca:fb:e6:
69:68:a3:07:45:81:39:e2:ff:fe:25:fb:60:21:e9:dd:31:67:
72:67:56:ca:47:27:2e:8a:36:4a:b5:c6:d5:8c:17:ed:e2:b2:
68:3b:c7:99
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZ1dD73j8wiFB7YzkpLrQV8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjYwNDA1MDk1MzI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTZiMGY1NmFkYTgyYzBkZDA1YjNlNDdmMGE2N2QwZGQ5ZGUxNmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18uxp+AGCg2wPiLMHvjEdC+jd8sj
CJMaO+pBO9Q6lwpVxDrafdEKy4imrfDrIeJONQpEIBaNLpHYChdufDzF//5zkYou
M98XBTRPtU5Olk9RZPfIzpTvfTgqosv30iOOEYORmpchsNcKFx33+wf3Ka2JuuG6
Pd7pLDTARzKPEsmfjTRpQGn3it1ZCoew0Z69LwJuK9jcOcblztX0NbBy+LSp8iRO
aMIDDb89TB/MxIQedyWXh4jmBQU96+JNCzxyTpsKSJvanosiQPeIl3jShCj4SovA
64cX49uidmLX7jjVG1Yjo9q0jHQH4RubWy+9sD3eLSWSlUteIDpxoBLdLQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFHVrD1atqCwN0Fs+R/CmfQ3Z3ha4MB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvZFdzUFZxMm9MQTNRV3o1SDhLWjlEZG5lRnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAE+SKID
BAM+SKADBAA+SK4DBAA+SLAwDAMEAFEVAQMEA1EVAAMEALA5MgMEALA5PzANBgkq
hkiG9w0BAQsFAAOCAQEAP5didx+3b/hB4PMc2UMTx/UREa2uT4PEXu+sVooIzj27
nXWbBH3d4x0OSeR0pJQn6UYM0XGm+HfNyGLF2wb7pCITDfehhTwJ8zCfvYP6wfcR
7n6qPGhauIxDUSAQGBNvJV8zFqZo7xUpCYJySK7ZpqA8ld13ctRrvkpLg0cPQhA8
dfpspiMOyP290z+Y70Ns9E8r9fwnRDNIrXhnjbIIL3WSCTH/FuESy/FaO3e4Mx9D
RgDVzkWM5kaOqIwTE+m3LUatRCLQotDeBMAk6srO8tCInRTryvvmaWijB0WBOeL/
/iX7YCHp3TFncmdWykcnLoo2SrXG1YwX7eKyaDvHmQ==
-----END CERTIFICATE-----
Generated at Mon Apr 6 16:55:02 2026 by rpki-client