Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/xtowxRamwFXLEsXOBC5y8raNQsg.roa
File: xtowxRamwFXLEsXOBC5y8raNQsg.roa (raw, json)
Hash identifier: t/xR47ZdzknVJS1VuGL8SGn/NCyw9q5prCwcInTElro=
Subject key identifier: C6:DA:30:C5:16:A6:C0:55:CB:12:C5:CE:04:2E:72:F2:B6:8D:42:C8
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0198EB7893D0463061CB917C8817F3233BE7
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/xtowxRamwFXLEsXOBC5y8raNQsg.roa
Signing time: Wed 27 Aug 2025 12:20:04 +0000
ROA not before: Wed 27 Aug 2025 12:20:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60849
IP address blocks: 62.72.165.0/24 maxlen: 24
62.72.167.0/24 maxlen: 24
62.72.169.0/24 maxlen: 24
62.72.179.0/24 maxlen: 24
62.72.186.0/24 maxlen: 24
176.57.51.0/24 maxlen: 24
176.57.52.0/24 maxlen: 24
176.57.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 08:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:78:93:d0:46:30:61:cb:91:7c:88:17:f3:23:3b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Aug 27 12:20:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6da30c516a6c055cb12c5ce042e72f2b68d42c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7f:91:29:17:cc:d6:eb:0b:34:1d:4b:81:da:
c0:5a:1a:52:7f:53:92:2d:3e:09:82:66:61:17:cd:
75:fd:ca:b3:8e:0a:83:1e:50:53:7f:4a:9e:6d:94:
60:97:42:c6:71:3e:e4:7a:92:9f:4f:d9:f9:2d:8d:
d5:72:a6:6e:bb:7a:5c:b4:80:0f:2e:72:c2:c5:c8:
ab:30:c9:28:ad:18:71:db:09:28:55:fe:96:21:c8:
e5:4b:2b:78:2d:f7:5b:c9:04:89:c0:f1:09:f2:00:
76:02:f5:f2:24:d5:ac:d7:d2:f3:30:c2:12:6f:c3:
18:8e:33:b4:61:31:78:83:4f:8a:ab:02:67:e9:b0:
51:72:0c:be:53:27:63:5a:23:e4:01:fc:18:76:00:
de:ee:b9:83:da:60:cc:6d:fd:71:78:3a:06:37:bc:
3a:42:cc:5b:53:02:9a:c9:d5:24:df:02:d9:08:e1:
9f:e0:00:ca:80:fd:9a:63:97:98:bd:c6:b2:b0:c9:
52:5b:1b:51:b1:13:13:65:30:53:2c:b1:d5:a2:e1:
8a:f7:79:6e:d7:0c:c5:f7:d0:c4:aa:61:c7:ad:e0:
02:ba:df:e0:f8:58:4f:87:1d:61:a0:ec:9b:9e:62:
79:78:83:12:aa:60:86:2c:4a:a0:0a:71:62:e5:ff:
e1:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DA:30:C5:16:A6:C0:55:CB:12:C5:CE:04:2E:72:F2:B6:8D:42:C8
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/xtowxRamwFXLEsXOBC5y8raNQsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.165.0/24
62.72.167.0/24
62.72.169.0/24
62.72.179.0/24
62.72.186.0/24
176.57.51.0-176.57.53.255
Signature Algorithm: sha256WithRSAEncryption
15:6b:cc:3f:c0:4a:34:a6:fc:8e:dd:32:cc:fa:79:09:a2:54:
d1:20:99:a0:0b:27:f4:3a:d5:80:79:5e:ae:e1:66:0f:12:b2:
54:f4:08:3a:ee:36:56:d4:1e:a1:6c:a8:d6:87:ee:07:9a:a5:
13:c5:d5:a0:21:cd:67:da:36:c6:27:2d:67:b7:4a:45:2a:9e:
3b:12:cc:05:d1:1d:8e:0a:c7:7e:91:1c:a7:03:8e:70:d9:ff:
0f:f3:5b:b3:95:0d:86:99:8e:8f:bd:06:11:8a:74:d5:3c:29:
1e:d7:14:d4:c4:0c:44:62:8c:42:70:9c:53:03:9e:ef:27:96:
3f:b9:43:37:3d:15:01:50:1c:b8:d7:a9:47:6f:22:2f:c2:ff:
fb:13:92:4c:24:bd:6d:d4:47:1f:ec:6a:07:f9:f3:4f:c3:ec:
db:b4:0d:e5:d6:96:8f:4c:16:4f:2a:58:bf:99:6d:99:f1:d6:
98:b0:4d:2e:af:c4:2a:03:f4:49:fe:1f:2a:f3:97:61:0f:63:
96:84:45:e6:45:00:6d:a1:c1:35:8e:8e:2a:3b:d7:20:3f:cf:
01:96:a6:af:91:82:81:c6:41:4e:6b:47:b1:4f:d7:23:a5:c5:
d2:44:5f:1f:b2:63:46:98:4d:f7:a0:f4:13:13:98:6a:ff:da:
90:bf:bb:03
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZjreJPQRjBhy5F8iBfzIzvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwODI3MTIyMDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmRhMzBjNTE2YTZjMDU1Y2IxMmM1Y2UwNDJlNzJmMmI2OGQ0MmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvX+RKRfM1usLNB1LgdrAWhpSf1OS
LT4JgmZhF811/cqzjgqDHlBTf0qebZRgl0LGcT7kepKfT9n5LY3VcqZuu3pctIAP
LnLCxcirMMkorRhx2wkoVf6WIcjlSyt4LfdbyQSJwPEJ8gB2AvXyJNWs19LzMMIS
b8MYjjO0YTF4g0+KqwJn6bBRcgy+UydjWiPkAfwYdgDe7rmD2mDMbf1xeDoGN7w6
QsxbUwKaydUk3wLZCOGf4ADKgP2aY5eYvcaysMlSWxtRsRMTZTBTLLHVouGK93lu
1wzF99DEqmHHreACut/g+FhPhx1hoOybnmJ5eIMSqmCGLEqgCnFi5f/h6QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFMbaMMUWpsBVyxLFzgQucvK2jULIMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEveHRvd3hSYW13RlhMRXNYT0JDNXk4cmFOUXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAPkilAwQA
PkinAwQAPkipAwQAPkizAwQAPki6MAwDBACwOTMDBAGwOTQwDQYJKoZIhvcNAQEL
BQADggEBABVrzD/ASjSm/I7dMsz6eQmiVNEgmaALJ/Q61YB5Xq7hZg8SslT0CDru
NlbUHqFsqNaH7geapRPF1aAhzWfaNsYnLWe3SkUqnjsSzAXRHY4Kx36RHKcDjnDZ
/w/zW7OVDYaZjo+9BhGKdNU8KR7XFNTEDERijEJwnFMDnu8nlj+5Qzc9FQFQHLjX
qUdvIi/C//sTkkwkvW3URx/sagf580/D7Nu0DeXWlo9MFk8qWL+ZbZnx1piwTS6v
xCoD9En+Hyrzl2EPY5aEReZFAG2hwTWOjio71yA/zwGWpq+RgoHGQU5rR7FP1yOl
xdJEXx+yY0aYTfeg9BMTmGr/2pC/uwM=
-----END CERTIFICATE-----
Generated at Mon Sep 15 14:38:26 2025 by rpki-client