Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/IivqEYycEJ9ENYkDV_x_rR4eFr0.roa
File: IivqEYycEJ9ENYkDV_x_rR4eFr0.roa (raw, json)
Hash identifier: IQVchAwFZI4RDu0XF+MD2n3sIbpJvcGSbjEZGTu8Mwc=
Subject key identifier: 22:2B:EA:11:8C:9C:10:9F:44:35:89:03:57:FC:7F:AD:1E:1E:16:BD
Certificate issuer: /CN=bd60edf96266b7c0d43836c854ab472cb74db034
Certificate serial: 019D77935FF2CFF80034CC5C9ADC11F0480C
Authority key identifier: BD:60:ED:F9:62:66:B7:C0:D4:38:36:C8:54:AB:47:2C:B7:4D:B0:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/IivqEYycEJ9ENYkDV_x_rR4eFr0.roa
Signing time: Fri 10 Apr 2026 13:27:20 +0000
ROA not before: Fri 10 Apr 2026 13:27:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 397477
IP address blocks: 62.205.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 Apr 2026 22:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:77:93:5f:f2:cf:f8:00:34:cc:5c:9a:dc:11:f0:48:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd60edf96266b7c0d43836c854ab472cb74db034
Validity
Not Before: Apr 10 13:27:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=222bea118c9c109f4435890357fc7fad1e1e16bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:b5:7d:e1:6e:54:62:36:6c:95:04:b0:fd:23:
9f:cd:53:2c:61:2f:4f:1f:5a:f3:03:f6:06:e0:1d:
99:01:14:1a:f7:da:4b:c6:cf:a8:4d:ff:3b:3c:f3:
4e:f8:e2:80:2a:b1:6c:29:21:77:6b:bc:d5:0a:c0:
cb:d9:77:f9:e2:5a:ae:54:c3:70:41:d8:37:bb:0a:
bc:e7:0c:f3:a5:21:dc:88:a5:32:15:bf:28:d3:0a:
e7:38:ff:89:c6:05:79:3b:37:98:97:ea:ab:04:e0:
7f:b5:9d:b8:0c:7f:cd:fd:be:93:04:56:e3:d6:55:
9b:88:4e:e9:86:bd:b7:b9:dd:ac:30:0a:da:23:25:
56:69:5d:1d:4c:58:a2:79:f8:f2:da:84:66:4f:41:
6d:88:79:a0:cf:bc:62:96:f4:4a:af:03:c9:56:49:
59:f8:f0:80:33:6e:6e:b3:c7:6a:b5:13:13:af:13:
07:f6:a3:3a:5c:4e:3e:32:04:77:b9:e8:34:6c:80:
fa:3c:58:89:aa:92:ac:75:15:73:e8:4b:c1:f6:a2:
5c:70:7f:7e:9a:1d:69:28:b2:41:ff:b2:2a:d4:f2:
0c:8b:00:e0:fc:d0:79:0b:ca:af:71:bc:a6:9d:39:
92:b0:84:76:0f:ec:62:d2:5e:04:53:02:b2:fb:70:
db:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2B:EA:11:8C:9C:10:9F:44:35:89:03:57:FC:7F:AD:1E:1E:16:BD
X509v3 Authority Key Identifier:
keyid:BD:60:ED:F9:62:66:B7:C0:D4:38:36:C8:54:AB:47:2C:B7:4D:B0:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/IivqEYycEJ9ENYkDV_x_rR4eFr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.138.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:93:5a:f1:34:c2:22:18:90:5e:d6:95:52:46:ee:7a:e1:a6:
b7:80:37:bf:64:77:91:ba:50:86:21:b9:8d:4c:29:41:09:2d:
19:5c:7a:c5:89:f2:91:13:22:f8:61:65:68:cf:64:93:1f:1d:
3f:b7:9a:43:06:d2:dc:21:65:c5:2f:8b:7f:b4:7b:88:b2:b9:
6f:24:77:90:a6:3a:ee:4e:2f:db:c7:b7:17:a6:22:fb:57:72:
c4:a7:c8:fa:c9:32:3d:37:53:4b:e9:70:42:b8:e2:4e:06:95:
da:9f:95:e6:08:9c:08:de:44:36:17:f0:70:85:a4:f6:15:fe:
74:38:e0:86:72:b8:8e:cf:16:c9:82:7b:57:13:a5:de:e9:90:
8e:76:d4:2f:10:38:9b:bf:d0:96:da:f9:0e:7f:12:f1:a7:9e:
53:da:f1:ca:da:b7:7e:b7:29:34:cc:74:2a:c0:0d:7e:4a:fe:
e9:05:19:07:01:d0:42:fe:9a:fa:7f:10:59:08:28:85:d0:7a:
5e:24:55:ef:7f:02:f3:c2:39:b9:b0:09:a5:e2:ad:7b:1a:96:
3c:f3:4c:e6:b7:03:68:18:83:93:66:00:7a:39:44:d7:b3:12:
e5:0d:5a:a8:82:ab:c4:fb:6c:23:09:5f:e3:0a:04:bb:c0:7a:
d9:a6:e0:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZ13k1/yz/gANMxcmtwR8EgMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjBlZGY5NjI2NmI3YzBkNDM4MzZjODU0YWI0NzJjYjc0
ZGIwMzQwHhcNMjYwNDEwMTMyNzIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjJiZWExMThjOWMxMDlmNDQzNTg5MDM1N2ZjN2ZhZDFlMWUxNmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA47V94W5UYjZslQSw/SOfzVMsYS9P
H1rzA/YG4B2ZARQa99pLxs+oTf87PPNO+OKAKrFsKSF3a7zVCsDL2Xf54lquVMNw
Qdg3uwq85wzzpSHciKUyFb8o0wrnOP+JxgV5OzeYl+qrBOB/tZ24DH/N/b6TBFbj
1lWbiE7phr23ud2sMAraIyVWaV0dTFiiefjy2oRmT0FtiHmgz7xilvRKrwPJVklZ
+PCAM25us8dqtRMTrxMH9qM6XE4+MgR3ueg0bID6PFiJqpKsdRVz6EvB9qJccH9+
mh1pKLJB/7Iq1PIMiwDg/NB5C8qvcbymnTmSsIR2D+xi0l4EUwKy+3DbJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIr6hGMnBCfRDWJA1f8f60eHha9MB8GA1UdIwQY
MBaAFL1g7fliZrfA1Dg2yFSrRyy3TbA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldEdC1XSm10OERVT0RiSVZLdEhMTGROc0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9iNWQ1YmItMjNjNi00YjNkLTk0Yzgt
NDJiYmYxYTZhNjViLzEvSWl2cUVZeWNFSjlFTllrRFZfeF9yUjRlRnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9iNWQ1YmItMjNjNi00YjNkLTk0YzgtNDJiYmYxYTZhNjVi
LzEvdldEdC1XSm10OERVT0RiSVZLdEhMTGROc0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPs2KMA0G
CSqGSIb3DQEBCwUAA4IBAQC3k1rxNMIiGJBe1pVSRu564aa3gDe/ZHeRulCGIbmN
TClBCS0ZXHrFifKREyL4YWVoz2STHx0/t5pDBtLcIWXFL4t/tHuIsrlvJHeQpjru
Ti/bx7cXpiL7V3LEp8j6yTI9N1NL6XBCuOJOBpXan5XmCJwI3kQ2F/BwhaT2Ff50
OOCGcriOzxbJgntXE6Xe6ZCOdtQvEDibv9CW2vkOfxLxp55T2vHK2rd+tyk0zHQq
wA1+Sv7pBRkHAdBC/pr6fxBZCCiF0HpeJFXvfwLzwjm5sAml4q17GpY880zmtwNo
GIOTZgB6OUTXsxLlDVqogqvE+2wjCV/jCgS7wHrZpuAY
-----END CERTIFICATE-----
Generated at Sat Apr 11 05:47:59 2026 by rpki-client