Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/frdjE4Wx38p5EUYNv0lgccc2f1Q.roa
File: frdjE4Wx38p5EUYNv0lgccc2f1Q.roa (raw, json)
Hash identifier: JurRqiiO3KqAIZd8NOglvrx6zYK4Dcv5SLr7KkdNG1w=
Subject key identifier: 7E:B7:63:13:85:B1:DF:CA:79:11:46:0D:BF:49:60:71:C7:36:7F:54
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 019EA807E4BB990CC54074FC541B62488F7F
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/frdjE4Wx38p5EUYNv0lgccc2f1Q.roa
Signing time: Mon 08 Jun 2026 16:19:09 +0000
ROA not before: Mon 08 Jun 2026 16:19:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28968
IP address blocks: 62.181.34.0/23 maxlen: 23
62.181.36.0/22 maxlen: 22
62.181.38.0/24 maxlen: 24
62.181.46.0/23 maxlen: 23
62.181.56.0/21 maxlen: 24
62.181.56.0/22 maxlen: 24
62.181.58.0/23 maxlen: 23
77.232.32.0/23 maxlen: 23
77.232.35.0/24 maxlen: 24
77.232.48.0/23 maxlen: 23
212.59.96.0/20 maxlen: 20
212.59.96.0/21 maxlen: 21
212.59.96.0/24 maxlen: 24
212.59.99.0/24 maxlen: 24
212.59.108.0/23 maxlen: 23
212.59.108.0/24 maxlen: 24
212.59.109.0/24 maxlen: 24
2a00:f460::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 16:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a8:07:e4:bb:99:0c:c5:40:74:fc:54:1b:62:48:8f:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: Jun 8 16:19:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=7eb7631385b1dfca7911460dbf496071c7367f54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:86:3b:3d:63:48:00:e7:62:eb:eb:b2:a2:e2:
af:a7:f8:73:9d:c2:38:a0:ca:d4:9c:cd:0d:d7:af:
0b:3b:f5:4f:2f:9f:0c:6d:2c:74:1b:5a:b7:d3:6d:
06:96:ff:64:69:67:53:2e:68:3b:59:a0:d8:b1:8e:
38:5a:a7:a9:57:96:67:de:b4:69:d9:6c:33:49:6c:
7b:8d:dc:94:03:0c:0c:aa:03:04:de:a3:97:ff:dd:
84:e5:a8:09:47:35:15:5e:e3:0b:7f:b4:c6:b1:36:
c4:af:e8:ef:c1:cb:94:48:72:0d:1a:91:c0:4e:b9:
f3:63:b1:d3:86:88:8a:45:85:53:fa:b7:c8:70:ae:
52:07:7b:a6:25:f7:51:fa:3c:27:81:60:1a:65:e9:
f9:96:98:26:5d:04:8e:a7:d6:84:de:12:57:a6:22:
53:4c:91:bc:83:00:22:5d:5b:98:6f:f7:86:1b:12:
f4:c7:ce:dc:c2:92:72:6e:4e:5e:bb:aa:38:08:77:
34:47:cd:18:17:4b:6a:75:c4:d1:49:ab:13:8e:b0:
e0:ee:b9:bd:4e:57:6c:5f:10:75:ac:b4:78:06:e7:
6e:f5:e4:3f:b5:71:f1:81:dc:ec:b3:de:e2:38:71:
1c:30:82:8e:95:2d:08:7e:ef:66:c3:46:65:07:3f:
6e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:B7:63:13:85:B1:DF:CA:79:11:46:0D:BF:49:60:71:C7:36:7F:54
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/frdjE4Wx38p5EUYNv0lgccc2f1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.181.34.0-62.181.39.255
62.181.46.0/23
62.181.56.0/21
77.232.32.0/23
77.232.35.0/24
77.232.48.0/23
212.59.96.0/20
IPv6:
2a00:f460::/32
Signature Algorithm: sha256WithRSAEncryption
1f:c3:24:db:20:27:43:4d:83:92:6d:53:18:9f:fa:0b:53:2a:
11:dc:b8:29:a9:75:de:2c:0c:75:a6:fa:8c:84:db:95:7c:d1:
ce:5f:3b:ae:a7:5c:2b:26:ab:80:50:71:ed:02:a0:01:ca:dc:
bb:94:cf:29:ec:59:95:a9:63:1e:55:b4:f7:b1:0c:7d:ad:2e:
65:36:39:37:3a:ea:78:ee:4d:27:fa:f6:f5:d0:52:65:7e:d3:
2b:ac:59:08:51:ba:a8:e0:3b:20:cc:96:21:05:f0:e4:fe:2b:
45:93:21:8f:0d:16:1b:9c:e6:0c:22:a0:89:1a:2a:60:85:29:
ba:73:41:94:42:5e:f8:bc:ba:e1:e1:cd:f1:e1:d2:85:4d:92:
be:33:59:cc:f2:fa:33:41:44:9b:d7:e8:95:d5:0e:85:95:9b:
89:be:0a:ab:c7:c2:ce:2f:e6:7a:b3:15:bd:07:c6:08:d0:2f:
f1:fd:87:a4:ff:fb:ad:df:61:e3:8b:ea:f4:94:4a:f5:68:16:
c5:20:c6:cb:46:a0:29:58:0d:ee:6b:bc:cf:b5:d5:24:12:69:
9f:98:7c:57:ae:26:73:91:58:f6:6f:e2:e6:63:44:81:93:5b:
a1:03:00:9d:e3:95:dc:a2:58:fe:58:ba:c6:74:54:f0:2c:10:
42:ba:32:d2
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZ6oB+S7mQzFQHT8VBtiSI9/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjYwNjA4MTYxOTA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZWI3NjMxMzg1YjFkZmNhNzkxMTQ2MGRiZjQ5NjA3MWM3MzY3ZjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1YY7PWNIAOdi6+uyouKvp/hzncI4
oMrUnM0N168LO/VPL58MbSx0G1q3020Glv9kaWdTLmg7WaDYsY44WqepV5Zn3rRp
2WwzSWx7jdyUAwwMqgME3qOX/92E5agJRzUVXuMLf7TGsTbEr+jvwcuUSHINGpHA
TrnzY7HThoiKRYVT+rfIcK5SB3umJfdR+jwngWAaZen5lpgmXQSOp9aE3hJXpiJT
TJG8gwAiXVuYb/eGGxL0x87cwpJybk5eu6o4CHc0R80YF0tqdcTRSasTjrDg7rm9
TldsXxB1rLR4Budu9eQ/tXHxgdzss97iOHEcMIKOlS0Ifu9mw0ZlBz9ugwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFH63YxOFsd/KeRFGDb9JYHHHNn9UMB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvZnJkakU0V3gzOHA1RVVZTnYwbGdjY2MyZjFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTctNTk3NTkxM2Y1MmM1
LzEvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyMAwDBAE+tSID
BAM+tSADBAE+tS4DBAM+tTgDBAFN6CADBABN6CMDBAFN6DADBATUO2AwDQQCAAIw
BwMFACoA9GAwDQYJKoZIhvcNAQELBQADggEBAB/DJNsgJ0NNg5JtUxif+gtTKhHc
uCmpdd4sDHWm+oyE25V80c5fO66nXCsmq4BQce0CoAHK3LuUzynsWZWpYx5VtPex
DH2tLmU2OTc66njuTSf69vXQUmV+0yusWQhRuqjgOyDMliEF8OT+K0WTIY8NFhuc
5gwioIkaKmCFKbpzQZRCXvi8uuHhzfHh0oVNkr4zWczy+jNBRJvX6JXVDoWVm4m+
CqvHws4v5nqzFb0HxgjQL/H9h6T/+63fYeOL6vSUSvVoFsUgxstGoClYDe5rvM+1
1SQSaZ+YfFeuJnORWPZv4uZjRIGTW6EDAJ3jldyiWP5YusZ0VPAsEEK6MtI=
-----END CERTIFICATE-----
Generated at Fri Jun 12 00:25:06 2026 by rpki-client