Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/c455bd-b825-4901-8381-04d1247e5d0a/1/62PT7sxdgGjHV3OVRPh7QUfGyJE.roa
File: 62PT7sxdgGjHV3OVRPh7QUfGyJE.roa (raw, json)
Hash identifier: byTcXWsJhZ5Kbxnpg94vw37iP5ONtgL7nIpG2rEwMlc=
Subject key identifier: EB:63:D3:EE:CC:5D:80:68:C7:57:73:95:44:F8:7B:41:47:C6:C8:91
Certificate issuer: /CN=ff0ddf3fe5772201aff78c24e97f944c3805ff6b
Certificate serial: 019C13C958014A62ED18AFD366EE55803E86
Authority key identifier: FF:0D:DF:3F:E5:77:22:01:AF:F7:8C:24:E9:7F:94:4C:38:05:FF:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_w3fP-V3IgGv94wk6X-UTDgF_2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/c455bd-b825-4901-8381-04d1247e5d0a/1/62PT7sxdgGjHV3OVRPh7QUfGyJE.roa
Signing time: Sat 31 Jan 2026 11:21:28 +0000
ROA not before: Sat 31 Jan 2026 11:21:28 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15433
IP address blocks: 31.193.32.0/21 maxlen: 24
77.242.208.0/20 maxlen: 24
85.155.144.0/22 maxlen: 24
109.235.104.0/21 maxlen: 24
185.45.40.0/22 maxlen: 24
185.45.68.0/22 maxlen: 24
185.86.61.0/24 maxlen: 24
185.86.62.0/24 maxlen: 24
185.86.63.0/24 maxlen: 24
194.183.64.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/c455bd-b825-4901-8381-04d1247e5d0a/1/_w3fP-V3IgGv94wk6X-UTDgF_2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/c455bd-b825-4901-8381-04d1247e5d0a/1/_w3fP-V3IgGv94wk6X-UTDgF_2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/_w3fP-V3IgGv94wk6X-UTDgF_2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 00:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:13:c9:58:01:4a:62:ed:18:af:d3:66:ee:55:80:3e:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff0ddf3fe5772201aff78c24e97f944c3805ff6b
Validity
Not Before: Jan 31 11:21:28 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=eb63d3eecc5d8068c757739544f87b4147c6c891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:64:e2:86:eb:f4:53:7d:38:0f:24:c0:f8:30:
74:57:d0:b8:b9:01:bf:83:e2:52:9e:0a:d8:1f:9f:
96:4a:ea:98:39:b3:8a:60:4b:35:df:05:3f:86:2e:
ec:37:7c:39:8d:6d:ff:79:cb:63:0b:9f:4e:c1:35:
5e:e9:b5:f5:c2:8c:ce:cb:24:80:c1:6b:56:27:f8:
34:a8:04:a5:91:c9:d9:f7:b6:30:2d:04:f1:0a:43:
b3:23:25:12:34:be:7c:c3:69:dc:15:d5:7e:60:2d:
03:1f:9c:af:0f:bf:e2:81:50:28:fc:28:be:d7:b1:
f1:df:18:8c:99:dd:90:22:4a:89:f4:61:c4:de:78:
f6:e0:5c:ec:27:85:d8:db:6a:26:a7:39:55:92:0f:
13:fb:31:14:e6:9e:e4:95:b4:86:90:ef:59:00:90:
2a:b8:d9:95:b3:35:e4:fa:2b:16:b2:3e:77:65:60:
20:05:86:40:17:42:07:3d:29:7c:06:76:d4:68:26:
55:ab:85:a9:be:78:68:a0:94:6c:63:d5:72:07:f3:
5a:ea:29:a1:b6:ea:05:dd:6d:02:da:6b:21:01:b4:
a3:61:67:27:ed:ef:3f:0a:8c:78:9d:4e:02:87:bd:
ab:34:89:a8:7c:25:b0:02:2b:76:b5:5c:96:f6:f4:
63:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:63:D3:EE:CC:5D:80:68:C7:57:73:95:44:F8:7B:41:47:C6:C8:91
X509v3 Authority Key Identifier:
keyid:FF:0D:DF:3F:E5:77:22:01:AF:F7:8C:24:E9:7F:94:4C:38:05:FF:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_w3fP-V3IgGv94wk6X-UTDgF_2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/c455bd-b825-4901-8381-04d1247e5d0a/1/62PT7sxdgGjHV3OVRPh7QUfGyJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/c455bd-b825-4901-8381-04d1247e5d0a/1/_w3fP-V3IgGv94wk6X-UTDgF_2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.32.0/21
77.242.208.0/20
85.155.144.0/22
109.235.104.0/21
185.45.40.0/22
185.45.68.0/22
185.86.61.0-185.86.63.255
194.183.64.0/19
Signature Algorithm: sha256WithRSAEncryption
15:eb:e6:d7:fc:9b:eb:56:6e:3d:01:2c:3d:a7:00:bc:89:38:
9a:6c:0a:5e:e4:5c:82:78:6b:a9:d9:d9:f1:62:0a:5d:1a:57:
8c:85:5f:99:30:f5:23:48:91:2e:5f:1e:c6:0b:e2:8c:33:0c:
bd:b7:6f:54:62:44:7a:52:84:22:99:c0:7d:de:c7:4a:e2:d1:
42:52:26:ba:21:30:ba:1b:9b:0f:04:1e:15:e0:45:f0:2b:9a:
95:bb:6f:4c:ee:d9:ba:64:16:60:35:f8:e8:85:e1:67:39:e1:
e3:ea:ed:6a:6f:0c:60:cc:12:91:a4:0c:37:b3:fb:38:b1:3b:
fe:0e:9b:26:bd:ac:a8:3c:be:02:8c:08:dd:d6:a1:1b:9e:07:
de:fb:3e:dd:11:05:95:35:96:09:c3:89:dd:74:82:79:86:f2:
ab:69:f5:de:06:9c:51:95:09:b0:74:d4:46:97:57:c4:91:69:
70:15:b9:0c:ed:e8:40:f4:67:e1:92:cf:ba:a6:bd:76:01:a1:
26:2b:23:85:57:79:83:54:65:5e:f8:97:80:4e:87:f8:ab:6e:
85:dc:73:86:70:b9:39:b6:8f:50:76:d7:29:78:cb:88:aa:38:
5b:79:ca:75:73:bb:41:d2:1e:39:43:ab:e0:fb:f3:ac:54:2b:
36:e1:c3:58
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZwTyVgBSmLtGK/TZu5VgD6GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmMGRkZjNmZTU3NzIyMDFhZmY3OGMyNGU5N2Y5NDRjMzgw
NWZmNmIwHhcNMjYwMTMxMTEyMTI4WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjYzZDNlZWNjNWQ4MDY4Yzc1NzczOTU0NGY4N2I0MTQ3YzZjODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGTihuv0U304DyTA+DB0V9C4uQG/
g+JSngrYH5+WSuqYObOKYEs13wU/hi7sN3w5jW3/ectjC59OwTVe6bX1wozOyySA
wWtWJ/g0qASlkcnZ97YwLQTxCkOzIyUSNL58w2ncFdV+YC0DH5yvD7/igVAo/Ci+
17Hx3xiMmd2QIkqJ9GHE3nj24FzsJ4XY22ompzlVkg8T+zEU5p7klbSGkO9ZAJAq
uNmVszXk+isWsj53ZWAgBYZAF0IHPSl8BnbUaCZVq4WpvnhooJRsY9VyB/Na6imh
tuoF3W0C2mshAbSjYWcn7e8/Cox4nU4Ch72rNImofCWwAit2tVyW9vRjVwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOtj0+7MXYBox1dzlUT4e0FHxsiRMB8GA1UdIwQY
MBaAFP8N3z/ldyIBr/eMJOl/lEw4Bf9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3czZlAtVjNJZ0d2OTR3azZYLVVURGdGXzJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9jNDU1YmQtYjgyNS00OTAxLTgzODEt
MDRkMTI0N2U1ZDBhLzEvNjJQVDdzeGRnR2pIVjNPVlJQaDdRVWZHeUpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9jNDU1YmQtYjgyNS00OTAxLTgzODEtMDRkMTI0N2U1ZDBh
LzEvX3czZlAtVjNJZ0d2OTR3azZYLVVURGdGXzJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQDH8EgAwQE
TfLQAwQCVZuQAwQDbetoAwQCuS0oAwQCuS1EMAwDBAC5Vj0DBAa5VgADBAXCt0Aw
DQYJKoZIhvcNAQELBQADggEBABXr5tf8m+tWbj0BLD2nALyJOJpsCl7kXIJ4a6nZ
2fFiCl0aV4yFX5kw9SNIkS5fHsYL4owzDL23b1RiRHpShCKZwH3ex0ri0UJSJroh
MLobmw8EHhXgRfArmpW7b0zu2bpkFmA1+OiF4Wc54ePq7WpvDGDMEpGkDDez+zix
O/4Omya9rKg8vgKMCN3WoRueB977Pt0RBZU1lgnDid10gnmG8qtp9d4GnFGVCbB0
1EaXV8SRaXAVuQzt6ED0Z+GSz7qmvXYBoSYrI4VXeYNUZV74l4BOh/irboXcc4Zw
uTm2j1B21yl4y4iqOFt5ynVzu0HSHjlDq+D786xUKzbhw1g=
-----END CERTIFICATE-----
Generated at Mon Mar 2 10:59:11 2026 by rpki-client