Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/feDTL9Rz8deEhu6DJ300IQPeawQ.roa
File: feDTL9Rz8deEhu6DJ300IQPeawQ.roa (raw, json)
Hash identifier: cTo8/ey5Hnq+vJG5i7RIZlUTavcPH0vRNtIR93h3u/c=
Subject key identifier: 7D:E0:D3:2F:D4:73:F1:D7:84:86:EE:83:27:7D:34:21:03:DE:6B:04
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019A2EB59451D55A517A7F8370B54B7930A3
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/feDTL9Rz8deEhu6DJ300IQPeawQ.roa
Signing time: Wed 29 Oct 2025 06:44:03 +0000
ROA not before: Wed 29 Oct 2025 06:44:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.171.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
176.57.56.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2e:b5:94:51:d5:5a:51:7a:7f:83:70:b5:4b:79:30:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Oct 29 06:44:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7de0d32fd473f1d78486ee83277d342103de6b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:02:79:25:3b:51:98:2b:61:54:2c:5f:30:5e:
d7:03:4f:fc:f1:13:5b:67:84:a1:0e:c8:57:ca:a0:
5a:f6:47:f8:00:96:d2:54:90:4b:47:63:a3:ad:cf:
08:73:d5:64:d0:5a:13:ae:5e:4b:eb:90:00:b8:ff:
bb:e6:25:c9:04:05:27:14:cb:3e:e2:09:f2:e7:be:
6f:f3:37:fc:40:24:0f:0b:5f:97:27:b0:e7:02:9f:
0a:1d:cd:de:1f:6e:04:0d:c9:d2:4d:e4:3a:1e:25:
f1:59:75:84:65:bf:0d:cd:e6:5d:e0:b7:e6:9b:d9:
21:a4:a1:a0:64:64:bd:7e:49:42:47:e3:ea:71:b2:
23:89:12:60:44:20:ba:a8:77:dc:1e:ec:5f:5f:27:
d8:e2:45:80:db:bf:91:00:3e:3e:eb:e2:67:5b:ab:
4d:eb:9d:9e:8b:01:b3:2d:0d:08:71:0d:a2:31:8b:
05:ca:c4:3d:2c:01:2c:a1:ee:7c:e9:4a:62:38:b7:
a2:e8:d9:64:a8:cb:04:e6:2a:45:c3:f6:a9:15:33:
00:8c:fe:ed:28:b3:0c:9c:b8:d7:ef:bb:91:35:cf:
14:32:bd:af:c8:e1:25:ca:82:e5:24:d0:9d:dd:9d:
7b:ef:22:f4:fe:87:86:d1:0f:95:ba:4e:80:8c:0b:
8c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:E0:D3:2F:D4:73:F1:D7:84:86:EE:83:27:7D:34:21:03:DE:6B:04
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/feDTL9Rz8deEhu6DJ300IQPeawQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.171.0/24
81.21.2.0-81.21.7.255
176.57.56.0/24
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:e0:64:6b:99:0f:ee:fc:a5:3e:48:7e:52:6b:6c:36:9b:1b:
9e:56:95:84:d6:d2:95:e3:d0:9d:51:c2:32:f7:53:5a:6d:cd:
ba:df:45:59:7b:7f:4a:e9:43:42:90:48:cf:44:5a:08:93:25:
cc:cf:6b:1d:df:e7:bc:40:14:31:82:c2:bc:12:7c:47:dd:36:
43:81:3b:03:1d:1c:e1:90:b6:66:7e:11:6e:69:66:78:0a:a0:
86:47:2f:b7:f8:ff:ad:5e:17:f3:77:de:87:c8:4a:8f:f6:1f:
ae:aa:a2:6f:1a:36:40:17:54:71:08:fa:13:97:8f:6c:0e:2a:
e6:8b:45:94:d5:71:a4:fa:10:21:75:94:a3:af:f4:2e:ec:27:
1f:c8:1f:59:02:e1:7c:85:71:f2:ed:9a:20:e6:24:77:f0:e4:
1f:8f:fa:94:66:31:ec:70:71:6d:ab:ad:b9:ee:68:22:16:60:
b0:38:a4:03:31:67:ca:37:63:73:cf:46:22:d9:a7:50:89:f4:
6d:5e:f0:d2:08:a8:1e:fc:18:3e:29:a1:c6:a8:61:fb:80:46:
3a:3f:23:df:18:87:57:f6:74:63:76:ab:c3:9c:6c:4e:61:4a:
78:e2:e1:60:15:78:a4:e9:1b:09:7f:57:c7:63:0f:f6:4d:a7:
aa:0c:bb:98
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZoutZRR1VpRen+DcLVLeTCjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUxMDI5MDY0NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGUwZDMyZmQ0NzNmMWQ3ODQ4NmVlODMyNzdkMzQyMTAzZGU2YjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QJ5JTtRmCthVCxfMF7XA0/88RNb
Z4ShDshXyqBa9kf4AJbSVJBLR2Ojrc8Ic9Vk0FoTrl5L65AAuP+75iXJBAUnFMs+
4gny575v8zf8QCQPC1+XJ7DnAp8KHc3eH24EDcnSTeQ6HiXxWXWEZb8NzeZd4Lfm
m9khpKGgZGS9fklCR+PqcbIjiRJgRCC6qHfcHuxfXyfY4kWA27+RAD4+6+JnW6tN
652eiwGzLQ0IcQ2iMYsFysQ9LAEsoe586UpiOLei6NlkqMsE5ipFw/apFTMAjP7t
KLMMnLjX77uRNc8UMr2vyOElyoLlJNCd3Z177yL0/oeG0Q+Vuk6AjAuMWwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFH3g0y/Uc/HXhIbugyd9NCED3msEMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvZmVEVEw5Uno4ZGVFaHU2REozMDBJUVBlYXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAE+SKID
BAM+SKADBAA+SKswDAMEAVEVAgMEA1EVAAMEALA5OAMEALA5PzANBgkqhkiG9w0B
AQsFAAOCAQEAvOBka5kP7vylPkh+UmtsNpsbnlaVhNbSlePQnVHCMvdTWm3Nut9F
WXt/SulDQpBIz0RaCJMlzM9rHd/nvEAUMYLCvBJ8R902Q4E7Ax0c4ZC2Zn4Rbmlm
eAqghkcvt/j/rV4X83feh8hKj/Yfrqqibxo2QBdUcQj6E5ePbA4q5otFlNVxpPoQ
IXWUo6/0LuwnH8gfWQLhfIVx8u2aIOYkd/DkH4/6lGYx7HBxbautue5oIhZgsDik
AzFnyjdjc89GItmnUIn0bV7w0gioHvwYPimhxqhh+4BGOj8j3xiHV/Z0Y3arw5xs
TmFKeOLhYBV4pOkbCX9Xx2MP9k2nqgy7mA==
-----END CERTIFICATE-----
Generated at Fri Oct 31 05:44:55 2025 by rpki-client