Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/irVJodDZrvf4mLLivZGmYYu9tkw.roa
File: irVJodDZrvf4mLLivZGmYYu9tkw.roa (raw, json)
Hash identifier: 3bYzas0wGU9M7XA7sTAFVBhfSfnZyldojSUq+qz3H0g=
Subject key identifier: 8A:B5:49:A1:D0:D9:AE:F7:F8:98:B2:E2:BD:91:A6:61:8B:BD:B6:4C
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 019CD1874C5385E587BE72589C7B26DCD07E
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/irVJodDZrvf4mLLivZGmYYu9tkw.roa
Signing time: Mon 09 Mar 2026 07:37:10 +0000
ROA not before: Mon 09 Mar 2026 07:37:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50670
IP address blocks: 62.72.161.0/24 maxlen: 24
62.72.162.0/24 maxlen: 24
62.72.170.0/24 maxlen: 24
62.72.171.0/24 maxlen: 24
62.72.174.0/24 maxlen: 24
62.72.187.0/24 maxlen: 24
62.72.191.0/24 maxlen: 24
81.21.8.0/22 maxlen: 22
81.21.8.0/24 maxlen: 24
81.21.9.0/24 maxlen: 24
81.21.10.0/24 maxlen: 24
81.21.11.0/24 maxlen: 24
81.21.12.0/24 maxlen: 24
81.21.13.0/24 maxlen: 24
81.21.14.0/24 maxlen: 24
81.21.15.0/24 maxlen: 24
109.237.192.0/20 maxlen: 24
109.237.192.0/24 maxlen: 24
109.237.193.0/24 maxlen: 24
109.237.194.0/24 maxlen: 24
109.237.195.0/24 maxlen: 24
109.237.196.0/24 maxlen: 24
109.237.197.0/24 maxlen: 24
109.237.198.0/24 maxlen: 24
109.237.199.0/24 maxlen: 24
109.237.200.0/24 maxlen: 24
109.237.201.0/24 maxlen: 24
109.237.202.0/24 maxlen: 24
109.237.203.0/24 maxlen: 24
109.237.204.0/24 maxlen: 24
109.237.205.0/24 maxlen: 24
109.237.206.0/24 maxlen: 24
109.237.207.0/24 maxlen: 24
176.241.64.0/21 maxlen: 24
176.241.64.0/24 maxlen: 24
176.241.65.0/24 maxlen: 24
176.241.66.0/24 maxlen: 24
176.241.67.0/24 maxlen: 24
176.241.68.0/24 maxlen: 24
176.241.69.0/24 maxlen: 24
176.241.70.0/24 maxlen: 24
176.241.71.0/24 maxlen: 24
178.20.184.0/21 maxlen: 24
178.20.184.0/24 maxlen: 24
178.20.185.0/24 maxlen: 24
178.20.186.0/24 maxlen: 24
178.20.187.0/24 maxlen: 24
178.20.188.0/24 maxlen: 24
178.20.189.0/24 maxlen: 24
178.20.190.0/24 maxlen: 24
178.20.191.0/24 maxlen: 24
185.51.212.0/22 maxlen: 22
185.51.212.0/24 maxlen: 24
185.51.213.0/24 maxlen: 24
185.51.214.0/24 maxlen: 24
185.51.215.0/24 maxlen: 24
185.193.176.0/22 maxlen: 22
185.193.176.0/24 maxlen: 24
185.193.177.0/24 maxlen: 24
185.193.178.0/24 maxlen: 24
185.193.179.0/24 maxlen: 24
2a01:1d0::/29 maxlen: 29
2a01:1d0::/32 maxlen: 32
2a0a:2740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Mar 2026 15:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:d1:87:4c:53:85:e5:87:be:72:58:9c:7b:26:dc:d0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Mar 9 07:37:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=8ab549a1d0d9aef7f898b2e2bd91a6618bbdb64c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3b:86:e9:52:83:6b:dd:9a:b8:f3:cb:a6:54:
4a:28:88:27:3b:aa:38:a0:84:8d:7d:7b:c4:70:99:
00:8d:45:7e:7d:28:e5:04:63:ca:27:a2:4c:ff:eb:
cf:90:57:38:3d:86:e1:4b:08:12:11:89:68:95:55:
fa:47:2b:78:43:82:2f:32:4c:70:d3:2d:31:e3:67:
a3:fe:c1:a5:52:a3:36:e5:52:fa:ac:62:99:49:5a:
d7:46:f6:8c:9c:68:a0:e4:b7:fd:f0:d4:9b:a0:7b:
15:fc:56:40:ba:e6:76:ef:69:71:5c:6f:7a:56:39:
4d:c6:36:d2:c2:5f:ae:11:1f:4f:0d:76:fe:7e:a8:
57:61:67:3f:33:7b:47:11:f1:90:7f:cc:c2:fd:d9:
bc:37:a8:fc:27:cc:99:b1:bb:39:1d:6a:5e:e1:9e:
07:98:04:81:5a:52:c8:e6:0b:ae:6d:56:09:62:b9:
47:5c:98:92:c6:41:c2:72:69:33:cb:16:5b:6c:4e:
26:f6:ae:0d:e9:ad:68:05:71:55:b5:21:09:87:fe:
d5:05:54:c1:3e:7d:f1:4f:0d:a2:a0:3e:95:36:49:
bb:4b:5a:fb:19:39:61:15:26:fe:d7:43:4e:f0:db:
78:cd:02:4d:7f:de:9a:52:44:e9:f1:9e:64:82:b0:
d2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B5:49:A1:D0:D9:AE:F7:F8:98:B2:E2:BD:91:A6:61:8B:BD:B6:4C
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/irVJodDZrvf4mLLivZGmYYu9tkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.161.0-62.72.162.255
62.72.170.0/23
62.72.174.0/24
62.72.187.0/24
62.72.191.0/24
81.21.8.0/21
109.237.192.0/20
176.241.64.0/21
178.20.184.0/21
185.51.212.0/22
185.193.176.0/22
IPv6:
2a01:1d0::/29
2a0a:2740::/29
Signature Algorithm: sha256WithRSAEncryption
04:7b:4e:6c:aa:3f:38:7e:23:8d:73:10:5f:9e:d2:92:80:c6:
a4:83:23:f4:48:10:15:fb:73:e9:c4:97:27:3f:48:3b:85:8a:
f9:34:c8:94:db:1e:34:de:1f:fe:13:c9:8a:26:4e:9a:33:12:
62:09:9f:6d:04:35:21:76:e4:5e:37:b6:92:52:af:72:01:a9:
b1:50:4b:e1:e9:43:16:be:94:8b:58:5a:06:30:a0:89:7e:ad:
21:c5:80:4e:af:3c:3d:ce:28:f9:2d:72:bf:32:09:55:15:69:
9f:12:1f:7b:bb:8b:78:bf:6c:12:62:fc:77:ac:5d:88:9d:37:
e3:70:ac:f7:20:61:3d:28:60:9b:2b:95:32:c0:21:3a:f2:0c:
35:ac:79:18:c2:b2:60:ed:dc:64:51:79:7c:29:48:3c:f3:1a:
c3:13:ca:7d:cb:e8:c3:0e:e1:5d:3d:fb:25:8d:b7:5b:39:6a:
20:20:60:6d:90:d0:75:f3:9b:ff:94:a6:11:9a:ef:16:98:8e:
0a:39:12:9a:98:77:00:bc:59:08:1c:85:63:70:b9:13:ae:ed:
e0:8f:f2:5a:4e:01:0a:2b:1e:42:1a:a8:b7:71:a6:9b:3a:89:
5a:60:c3:26:73:c7:46:9d:5d:5b:28:53:21:cd:20:a3:43:bb:
e8:6c:01:e2
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZzRh0xTheWHvnJYnHsm3NB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjYwMzA5MDczNzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWI1NDlhMWQwZDlhZWY3Zjg5OGIyZTJiZDkxYTY2MThiYmRiNjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDuG6VKDa92auPPLplRKKIgnO6o4
oISNfXvEcJkAjUV+fSjlBGPKJ6JM/+vPkFc4PYbhSwgSEYlolVX6Ryt4Q4IvMkxw
0y0x42ej/sGlUqM25VL6rGKZSVrXRvaMnGig5Lf98NSboHsV/FZAuuZ272lxXG96
VjlNxjbSwl+uER9PDXb+fqhXYWc/M3tHEfGQf8zC/dm8N6j8J8yZsbs5HWpe4Z4H
mASBWlLI5guubVYJYrlHXJiSxkHCcmkzyxZbbE4m9q4N6a1oBXFVtSEJh/7VBVTB
Pn3xTw2ioD6VNkm7S1r7GTlhFSb+10NO8Nt4zQJNf96aUkTp8Z5kgrDSfQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFIq1SaHQ2a73+Jiy4r2RpmGLvbZMMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvaXJWSm9kRFpydmY0bUxMaXZaR21ZWXU5dGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBQBAIAATBKMAwDBAA+SKED
BAA+SKIDBAE+SKoDBAA+SK4DBAA+SLsDBAA+SL8DBANRFQgDBARt7cADBAOw8UAD
BAOyFLgDBAK5M9QDBAK5wbAwFAQCAAIwDgMFAyoBAdADBQMqCidAMA0GCSqGSIb3
DQEBCwUAA4IBAQAEe05sqj84fiONcxBfntKSgMakgyP0SBAV+3PpxJcnP0g7hYr5
NMiU2x403h/+E8mKJk6aMxJiCZ9tBDUhduReN7aSUq9yAamxUEvh6UMWvpSLWFoG
MKCJfq0hxYBOrzw9zij5LXK/MglVFWmfEh97u4t4v2wSYvx3rF2InTfjcKz3IGE9
KGCbK5UywCE68gw1rHkYwrJg7dxkUXl8KUg88xrDE8p9y+jDDuFdPfsljbdbOWog
IGBtkNB185v/lKYRmu8WmI4KORKamHcAvFkIHIVjcLkTru3gj/JaTgEKKx5CGqi3
caabOolaYMMmc8dGnV1bKFMhzSCjQ7vobAHi
-----END CERTIFICATE-----
Generated at Sun Mar 15 20:48:42 2026 by rpki-client