Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/OKtlxGAyoP7E5Risf1XUvTHJVQE.roa
File: OKtlxGAyoP7E5Risf1XUvTHJVQE.roa (raw, json)
Hash identifier: h2uwl73aCn//vnzVT2IpYcWKQJIWBVjohpwz/fiKIFs=
Subject key identifier: 38:AB:65:C4:60:32:A0:FE:C4:E5:18:AC:7F:55:D4:BD:31:C9:55:01
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 019E9C477A8F1398018A3BC3FCE7A15C52DA
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/OKtlxGAyoP7E5Risf1XUvTHJVQE.roa
Signing time: Sat 06 Jun 2026 09:33:10 +0000
ROA not before: Sat 06 Jun 2026 09:33:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204544
IP address blocks: 62.220.124.0/23 maxlen: 24
62.220.126.0/23 maxlen: 24
81.12.24.0/22 maxlen: 24
81.12.30.0/23 maxlen: 24
87.107.2.0/23 maxlen: 24
87.107.4.0/23 maxlen: 24
87.107.6.0/23 maxlen: 24
87.107.8.0/23 maxlen: 24
87.107.144.0/24 maxlen: 24
87.107.152.0/23 maxlen: 24
87.107.166.0/23 maxlen: 24
87.107.174.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 19:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:9c:47:7a:8f:13:98:01:8a:3b:c3:fc:e7:a1:5c:52:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jun 6 09:33:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=38ab65c46032a0fec4e518ac7f55d4bd31c95501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:ee:64:24:54:16:50:92:0f:a6:56:49:b5:41:
01:5a:a5:6a:54:ff:09:6a:30:94:19:b9:8c:d4:74:
ec:63:26:16:27:d3:1b:81:78:71:39:af:18:aa:ee:
48:5e:8f:40:f0:67:ab:a1:0f:6f:88:fc:d6:b1:d6:
eb:6d:92:ce:7a:02:c7:69:be:b6:a5:0f:3a:08:a3:
fd:39:4a:b2:90:c0:92:0c:fd:b7:3f:82:d6:49:b4:
45:5f:72:b2:16:ce:83:9a:21:93:26:24:d5:2b:a0:
4e:46:52:94:cc:d6:fd:5d:22:b2:50:05:67:53:02:
e7:0b:2b:01:7b:e0:b5:19:db:21:d3:31:d0:56:93:
4e:84:34:6e:1e:e8:97:66:b9:2e:91:b2:a2:06:55:
5e:57:5c:f0:36:39:bf:d6:34:c6:79:31:2b:b7:30:
3a:3b:a6:f6:e0:7c:f5:c8:d3:df:9a:49:fb:64:61:
d4:75:ef:14:5c:06:39:4a:c1:63:8d:99:08:2b:33:
a0:b9:64:06:bd:93:6e:ec:23:a6:e9:46:6a:41:29:
10:f2:83:51:58:68:70:6d:fb:03:b8:f4:ac:4e:ae:
f2:57:4c:f6:53:c3:2c:fa:98:2a:3a:9c:e0:0f:94:
aa:4b:df:4b:4d:41:a4:e7:9c:54:e2:03:53:2a:6e:
07:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:AB:65:C4:60:32:A0:FE:C4:E5:18:AC:7F:55:D4:BD:31:C9:55:01
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/OKtlxGAyoP7E5Risf1XUvTHJVQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.124.0/22
81.12.24.0/22
81.12.30.0/23
87.107.2.0-87.107.9.255
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
04:73:73:19:cb:6a:b4:20:46:5b:09:08:42:8b:cd:c3:e1:b8:
79:83:7d:7b:05:09:a8:38:88:1d:b1:97:a2:5d:bc:53:63:4c:
c3:99:d6:5d:7d:67:d2:c6:f5:86:ed:77:25:c9:88:b5:79:25:
41:6f:42:4c:9f:c3:a7:d1:41:e2:fe:05:1f:ad:6d:f9:66:f6:
ec:7c:81:9e:a9:ed:bf:a6:5c:c5:95:bf:db:39:1c:fd:d9:f1:
41:37:47:c8:c4:53:a2:d1:16:2d:1e:c9:60:27:8e:b2:09:af:
17:1c:c0:ca:bd:54:f7:c8:50:a0:f8:fa:9d:91:f4:68:02:05:
a0:54:ae:96:4c:e4:72:28:fb:89:10:6a:f1:80:58:10:71:e6:
d6:a9:ec:ef:aa:2d:f7:71:c2:0b:69:77:c6:cd:28:f2:7f:5c:
79:c3:7e:81:d0:0a:c9:55:3a:e4:9c:28:1e:82:91:4b:6f:b9:
e4:ca:65:91:d9:57:d3:55:fb:8f:17:25:d6:77:26:8f:82:f7:
97:4a:72:ce:86:8d:55:76:6d:f7:00:5c:dc:c9:7e:25:4a:cb:
80:69:76:71:c0:fd:5e:96:2c:ae:c4:8c:5e:76:bc:fd:de:2f:
94:f7:87:91:2f:a9:ca:30:e4:40:a0:f8:df:b9:bd:08:f8:2e:
9d:e1:16:e2
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZ6cR3qPE5gBijvD/OehXFLaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjYwNjA2MDkzMzEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGFiNjVjNDYwMzJhMGZlYzRlNTE4YWM3ZjU1ZDRiZDMxYzk1NTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvu5kJFQWUJIPplZJtUEBWqVqVP8J
ajCUGbmM1HTsYyYWJ9MbgXhxOa8Yqu5IXo9A8GeroQ9viPzWsdbrbZLOegLHab62
pQ86CKP9OUqykMCSDP23P4LWSbRFX3KyFs6DmiGTJiTVK6BORlKUzNb9XSKyUAVn
UwLnCysBe+C1Gdsh0zHQVpNOhDRuHuiXZrkukbKiBlVeV1zwNjm/1jTGeTErtzA6
O6b24Hz1yNPfmkn7ZGHUde8UXAY5SsFjjZkIKzOguWQGvZNu7COm6UZqQSkQ8oNR
WGhwbfsDuPSsTq7yV0z2U8Ms+pgqOpzgD5SqS99LTUGk55xU4gNTKm4HeQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDirZcRgMqD+xOUYrH9V1L0xyVUBMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvT0t0bHhHQXlvUDdFNVJpc2YxWFV2VEhKVlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCPtx8AwQC
UQwYAwQBUQweMAwDBAFXawIDBAFXawgDBABXa5ADBAFXa5gDBAFXa6YDBAFXa64w
DQYJKoZIhvcNAQELBQADggEBAARzcxnLarQgRlsJCEKLzcPhuHmDfXsFCag4iB2x
l6JdvFNjTMOZ1l19Z9LG9YbtdyXJiLV5JUFvQkyfw6fRQeL+BR+tbflm9ux8gZ6p
7b+mXMWVv9s5HP3Z8UE3R8jEU6LRFi0eyWAnjrIJrxccwMq9VPfIUKD4+p2R9GgC
BaBUrpZM5HIo+4kQavGAWBBx5tap7O+qLfdxwgtpd8bNKPJ/XHnDfoHQCslVOuSc
KB6CkUtvueTKZZHZV9NV+48XJdZ3Jo+C95dKcs6GjVV2bfcAXNzJfiVKy4BpdnHA
/V6WLK7EjF52vP3eL5T3h5Evqcow5ECg+N+5vQj4Lp3hFuI=
-----END CERTIFICATE-----
Generated at Fri Jun 12 03:09:15 2026 by rpki-client