Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/X3EyXsX5eWJCN_LGbjB0sSQ7DpY.roa
File: X3EyXsX5eWJCN_LGbjB0sSQ7DpY.roa (raw, json)
Hash identifier: VaiTRgWFWUZeAezCWjbLu6B9SXe6rWoTZpMMaE0S8f0=
Subject key identifier: 5F:71:32:5E:C5:F9:79:62:42:37:F2:C6:6E:30:74:B1:24:3B:0E:96
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0197301559BF0364AA350D5C3D9D35426DAA
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/X3EyXsX5eWJCN_LGbjB0sSQ7DpY.roa
Signing time: Mon 02 Jun 2025 09:59:54 +0000
ROA not before: Mon 02 Jun 2025 09:59:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51026
IP address blocks: 62.220.126.0/24 maxlen: 24
62.220.127.0/24 maxlen: 24
81.12.24.0/22 maxlen: 24
81.12.24.0/24 maxlen: 24
81.12.25.0/24 maxlen: 24
81.12.26.0/24 maxlen: 24
81.12.27.0/24 maxlen: 24
81.12.30.0/24 maxlen: 24
81.12.31.0/24 maxlen: 24
87.107.108.0/23 maxlen: 24
87.107.110.0/23 maxlen: 24
87.107.110.0/24 maxlen: 24
87.107.111.0/24 maxlen: 24
87.107.144.0/24 maxlen: 24
87.107.152.0/24 maxlen: 24
87.107.153.0/24 maxlen: 24
87.107.166.0/24 maxlen: 24
87.107.167.0/24 maxlen: 24
87.107.174.0/24 maxlen: 24
87.107.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:30:15:59:bf:03:64:aa:35:0d:5c:3d:9d:35:42:6d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Jun 2 09:59:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f71325ec5f979624237f2c66e3074b1243b0e96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d0:b0:c4:b0:62:62:eb:56:1c:3e:3e:69:09:
df:42:70:7e:70:53:b3:57:20:32:ac:0b:76:84:ae:
20:86:8c:3f:fa:95:d6:05:33:b0:d3:c8:32:12:5a:
68:8a:8d:89:5e:6b:92:4e:34:0c:92:af:42:1b:72:
9c:2a:b6:34:0d:b1:d6:ae:21:fb:5a:34:38:e6:40:
09:19:0c:85:6c:69:28:ad:76:ea:92:bc:f6:28:74:
07:26:ba:a9:ec:34:56:78:7a:7e:07:bc:31:9b:a6:
f4:af:c5:0a:01:c1:5c:2c:0f:95:a8:60:f5:ab:4f:
7a:d1:4c:b6:36:d6:4e:a2:fd:ce:13:82:9f:9f:66:
84:fd:d5:a2:3c:96:34:71:44:77:76:89:aa:b3:f5:
2f:a5:52:1e:fe:c7:6b:3f:14:29:af:38:92:b8:77:
d9:af:99:ce:16:27:58:69:dc:ad:81:8b:2b:db:e3:
ea:53:26:97:a1:c4:ab:d7:6d:f0:f5:26:e6:ce:30:
3f:c9:ab:20:51:93:ab:1a:c5:f9:f5:c6:75:ab:13:
71:b5:b0:ef:42:16:ea:c6:86:b5:7b:f2:e5:b8:34:
80:aa:a1:8b:9c:77:2a:7b:9e:9d:49:f7:2c:e2:d8:
48:8e:33:2a:73:6d:6a:31:85:04:98:39:25:c1:38:
6c:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:71:32:5E:C5:F9:79:62:42:37:F2:C6:6E:30:74:B1:24:3B:0E:96
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/X3EyXsX5eWJCN_LGbjB0sSQ7DpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.126.0/23
81.12.24.0/22
81.12.30.0/23
87.107.108.0/22
87.107.144.0/24
87.107.152.0/23
87.107.166.0/23
87.107.174.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:fd:c4:df:25:a0:87:9e:68:96:32:36:b5:1f:b9:63:13:dc:
e1:bd:59:41:a1:1d:1a:c3:d2:34:ae:8e:76:40:33:08:60:0b:
b2:7e:dc:cb:58:5a:dd:8f:09:8e:d7:d7:b6:0e:95:2a:49:cb:
19:e7:97:d9:1c:19:c5:ac:d9:7d:1f:0a:0c:fd:5a:c0:40:df:
ed:07:21:ce:f5:36:a9:c9:c3:19:72:23:d7:a9:50:e8:22:d8:
b8:ad:ae:db:47:ca:23:8b:9b:2c:d0:c3:5c:a3:c7:93:4a:80:
a7:ad:db:08:2f:da:26:5a:59:fe:a8:5e:b5:3c:75:5a:be:e8:
96:e6:c1:66:8a:99:75:98:ed:26:54:85:26:22:82:d2:cc:21:
b0:7a:31:67:a8:a5:e4:85:51:2a:da:14:2a:0c:c7:c3:86:fb:
85:51:71:d8:44:55:5b:97:df:01:67:90:46:bb:2e:63:b8:36:
4e:4c:bd:8b:45:dc:d3:3b:b2:c3:dd:c8:03:17:4d:63:8e:94:
b4:38:f4:e0:1c:cd:c8:bd:cb:98:78:3a:a8:ff:ad:4f:0d:b4:
1a:57:64:15:5e:d4:b2:9a:a6:f9:08:cb:6a:b5:7b:f1:7a:49:
58:83:03:3c:5b:a9:4b:66:04:14:90:d5:52:59:80:1c:10:84:
98:a2:61:40
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZcwFVm/A2SqNQ1cPZ01Qm2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwNjAyMDk1OTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjcxMzI1ZWM1Zjk3OTYyNDIzN2YyYzY2ZTMwNzRiMTI0M2IwZTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdCwxLBiYutWHD4+aQnfQnB+cFOz
VyAyrAt2hK4ghow/+pXWBTOw08gyElpoio2JXmuSTjQMkq9CG3KcKrY0DbHWriH7
WjQ45kAJGQyFbGkorXbqkrz2KHQHJrqp7DRWeHp+B7wxm6b0r8UKAcFcLA+VqGD1
q0960Uy2NtZOov3OE4Kfn2aE/dWiPJY0cUR3domqs/UvpVIe/sdrPxQprziSuHfZ
r5nOFidYadytgYsr2+PqUyaXocSr123w9SbmzjA/yasgUZOrGsX59cZ1qxNxtbDv
Qhbqxoa1e/LluDSAqqGLnHcqe56dSfcs4thIjjMqc21qMYUEmDklwThsLQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFF9xMl7F+XliQjfyxm4wdLEkOw6WMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvWDNFeVhzWDVlV0pDTl9MR2JqQjBzU1E3RHBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQBPtx+AwQC
UQwYAwQBUQweAwQCV2tsAwQAV2uQAwQBV2uYAwQBV2umAwQBV2uuMA0GCSqGSIb3
DQEBCwUAA4IBAQAb/cTfJaCHnmiWMja1H7ljE9zhvVlBoR0aw9I0ro52QDMIYAuy
ftzLWFrdjwmO19e2DpUqScsZ55fZHBnFrNl9HwoM/VrAQN/tByHO9TapycMZciPX
qVDoIti4ra7bR8oji5ss0MNco8eTSoCnrdsIL9omWln+qF61PHVavuiW5sFmipl1
mO0mVIUmIoLSzCGwejFnqKXkhVEq2hQqDMfDhvuFUXHYRFVbl98BZ5BGuy5juDZO
TL2LRdzTO7LD3cgDF01jjpS0OPTgHM3IvcuYeDqo/61PDbQaV2QVXtSymqb5CMtq
tXvxeklYgwM8W6lLZgQUkNVSWYAcEISYomFA
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:44:12 2025 by rpki-client