Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/GiP717h-6oXvNwUvvaLZRFsq5fE.roa
File: GiP717h-6oXvNwUvvaLZRFsq5fE.roa (raw, json)
Hash identifier: hGry6ljuREoWP8OEFTa3SLo3VXgm8qL08bnGW0pc/1U=
Subject key identifier: 1A:23:FB:D7:B8:7E:EA:85:EF:37:05:2F:BD:A2:D9:44:5B:2A:E5:F1
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 019EB26432DE973C9855AF6622190290D62E
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/GiP717h-6oXvNwUvvaLZRFsq5fE.roa
Signing time: Wed 10 Jun 2026 16:36:11 +0000
ROA not before: Wed 10 Jun 2026 16:36:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204104
IP address blocks: 62.220.120.0/24 maxlen: 24
87.107.192.0/24 maxlen: 24
87.107.193.0/24 maxlen: 24
87.107.194.0/24 maxlen: 24
87.107.195.0/24 maxlen: 24
87.107.196.0/24 maxlen: 24
87.107.197.0/24 maxlen: 24
87.107.198.0/24 maxlen: 24
87.107.199.0/24 maxlen: 24
87.107.200.0/24 maxlen: 24
87.107.201.0/24 maxlen: 24
87.107.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 19:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b2:64:32:de:97:3c:98:55:af:66:22:19:02:90:d6:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jun 10 16:36:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=1a23fbd7b87eea85ef37052fbda2d9445b2ae5f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0d:8f:72:44:bf:57:03:08:82:b2:9b:8f:ed:
e3:ef:66:36:74:54:23:4a:cb:47:1c:8b:01:e8:d3:
40:c1:6f:ae:6e:2a:e4:97:b9:0d:2f:17:f3:7e:28:
e4:1d:56:8a:27:50:f4:76:89:4b:0a:c9:e6:cc:15:
52:dc:2f:26:23:ee:aa:73:85:85:19:0d:9e:07:f0:
c6:f2:ce:59:fa:6a:12:b2:f2:bf:6b:34:4d:ff:2a:
bf:5a:90:91:4f:62:12:8a:39:85:3a:52:7b:bb:04:
5a:57:55:02:2b:92:0c:00:75:d7:d2:d1:c4:67:23:
6b:a6:34:53:43:5d:75:47:44:6f:cc:87:a1:7a:40:
58:e0:46:7d:f6:d1:c3:71:d2:1a:0f:d8:b7:92:fe:
63:6b:67:56:a0:4f:7a:56:cb:95:06:24:a8:9f:70:
95:05:90:0a:94:a4:80:3b:02:2a:7d:83:82:97:93:
37:71:eb:ee:e2:c5:b5:28:ea:f3:a7:5c:34:68:4b:
33:d5:a1:90:e9:02:8e:51:5f:ed:5d:cb:b0:96:43:
e1:4b:99:d6:a5:59:98:39:c0:ba:41:97:fe:08:99:
ed:bc:07:65:26:75:e0:a8:0d:3a:00:82:23:9f:bf:
d2:a8:92:a8:8f:9e:fd:49:87:95:62:64:1b:fd:8b:
52:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:23:FB:D7:B8:7E:EA:85:EF:37:05:2F:BD:A2:D9:44:5B:2A:E5:F1
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/GiP717h-6oXvNwUvvaLZRFsq5fE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.120.0/24
87.107.192.0-87.107.202.255
Signature Algorithm: sha256WithRSAEncryption
6f:66:15:c2:e8:b4:b0:54:e5:14:b5:fe:18:f5:27:5e:8b:a1:
3e:96:c2:b0:75:4e:8c:83:fd:f0:1d:e4:12:94:bb:2e:41:13:
19:6d:f2:84:59:d0:8d:47:6f:fc:64:f3:45:ca:97:eb:83:f9:
b5:f4:af:cd:3b:91:4d:c1:c4:3d:84:ed:9b:f5:54:ee:4a:ed:
b5:15:9e:11:cd:d3:79:45:fe:30:b8:fe:e8:3e:e1:e6:2f:d2:
da:14:13:d2:78:da:77:bd:79:da:d2:c0:fa:7a:17:92:4a:15:
c0:44:78:b7:fb:38:4f:36:75:92:6d:2a:d7:11:ed:4d:c0:c5:
e3:7c:bf:a2:14:fc:6d:8a:18:a0:5f:d6:07:89:3b:a4:7a:8e:
76:c3:cf:dd:20:25:20:a7:3f:7b:0a:35:87:05:e6:ac:9d:fe:
68:a1:96:d3:80:ab:96:ac:0a:b8:31:80:16:21:03:58:6f:3a:
b2:32:41:5e:7f:d6:ca:41:e4:81:e6:e1:76:ad:53:08:69:b9:
e2:8f:17:10:90:c0:8f:0f:e8:20:a3:c9:7d:0c:91:f5:b1:66:
e4:9b:ed:44:50:b8:29:14:a1:b7:98:83:f5:94:61:19:e3:8b:
a0:82:2d:19:18:f6:55:b1:c8:13:64:c5:f5:31:4a:51:9d:b0:
da:9d:bb:a7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ6yZDLelzyYVa9mIhkCkNYuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjYwNjEwMTYzNjExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTIzZmJkN2I4N2VlYTg1ZWYzNzA1MmZiZGEyZDk0NDViMmFlNWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA2PckS/VwMIgrKbj+3j72Y2dFQj
SstHHIsB6NNAwW+ubirkl7kNLxfzfijkHVaKJ1D0dolLCsnmzBVS3C8mI+6qc4WF
GQ2eB/DG8s5Z+moSsvK/azRN/yq/WpCRT2ISijmFOlJ7uwRaV1UCK5IMAHXX0tHE
ZyNrpjRTQ111R0RvzIehekBY4EZ99tHDcdIaD9i3kv5ja2dWoE96VsuVBiSon3CV
BZAKlKSAOwIqfYOCl5M3cevu4sW1KOrzp1w0aEsz1aGQ6QKOUV/tXcuwlkPhS5nW
pVmYOcC6QZf+CJntvAdlJnXgqA06AIIjn7/SqJKoj579SYeVYmQb/YtSjQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBoj+9e4fuqF7zcFL72i2URbKuXxMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvR2lQNzE3aC02b1h2TndVdnZhTFpSRnNxNWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAPtx4MAwD
BAZXa8ADBABXa8owDQYJKoZIhvcNAQELBQADggEBAG9mFcLotLBU5RS1/hj1J16L
oT6WwrB1ToyD/fAd5BKUuy5BExlt8oRZ0I1Hb/xk80XKl+uD+bX0r807kU3BxD2E
7Zv1VO5K7bUVnhHN03lF/jC4/ug+4eYv0toUE9J42ne9edrSwPp6F5JKFcBEeLf7
OE82dZJtKtcR7U3AxeN8v6IU/G2KGKBf1geJO6R6jnbDz90gJSCnP3sKNYcF5qyd
/mihltOAq5asCrgxgBYhA1hvOrIyQV5/1spB5IHm4XatUwhpueKPFxCQwI8P6CCj
yX0MkfWxZuSb7URQuCkUobeYg/WUYRnji6CCLRkY9lWxyBNkxfUxSlGdsNqdu6c=
-----END CERTIFICATE-----
Generated at Fri Jun 12 03:09:16 2026 by rpki-client