Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/2v5KfbbqXypEdvnneh-IvevrJYk.roa
File: 2v5KfbbqXypEdvnneh-IvevrJYk.roa (raw, json)
Hash identifier: yAxI+DeCo7N6vLDv1UWF5TQ29JSR4v2FexiT7L1EZvg=
Subject key identifier: DA:FE:4A:7D:B6:EA:5F:2A:44:76:F9:E7:7A:1F:88:BD:EB:EB:25:89
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019EBFBB21B6873ED82B90CE0C9EF3BAA0D5
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/2v5KfbbqXypEdvnneh-IvevrJYk.roa
Signing time: Sat 13 Jun 2026 06:46:12 +0000
ROA not before: Sat 13 Jun 2026 06:46:12 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 35372
IP address blocks: 62.60.138.0/24 maxlen: 24
62.60.147.0/24 maxlen: 24
62.60.160.0/24 maxlen: 24
62.60.219.0/24 maxlen: 24
213.176.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:bf:bb:21:b6:87:3e:d8:2b:90:ce:0c:9e:f3:ba:a0:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jun 13 06:46:12 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=dafe4a7db6ea5f2a4476f9e77a1f88bdebeb2589
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:85:35:bb:05:5b:d8:aa:94:ae:88:24:48:fe:
ff:eb:77:3b:be:25:69:e5:32:9c:06:aa:6f:bd:3b:
0d:73:d7:82:9c:16:fa:33:eb:87:4f:2a:45:4a:7a:
69:ce:c0:22:74:a8:f8:78:fe:f5:09:17:6d:26:5b:
5e:21:c1:d5:cf:6e:02:99:44:d0:1d:63:f9:87:75:
0c:67:21:b9:aa:9a:8d:2c:56:87:b0:7f:c9:65:23:
55:ac:06:22:89:4d:40:e7:18:14:36:ea:eb:45:13:
bf:fe:29:2a:bb:60:3e:62:04:c8:a8:75:e9:29:01:
36:2b:bd:12:77:8e:8f:50:a0:8f:e5:b9:1f:99:a4:
6c:f1:cc:a4:a1:a4:94:1c:ca:dc:fc:83:36:10:5f:
91:08:10:25:09:1d:70:1c:5e:89:8a:bc:01:5b:e9:
74:13:60:8f:b1:1a:2d:9b:bd:83:b2:35:bf:fb:23:
56:4f:7d:e0:93:0f:3c:d5:1d:0d:a3:68:c7:ca:85:
4a:0f:e7:20:f7:ba:09:67:45:8a:22:04:d8:97:a6:
ab:9c:9b:ea:d0:00:c6:c4:8c:e2:f7:a2:35:3a:ba:
2e:37:2f:f2:17:2f:cd:5e:35:b4:b8:1b:64:6d:eb:
5e:b2:5e:ed:f1:93:71:7f:78:2d:65:12:b8:60:6d:
4f:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:FE:4A:7D:B6:EA:5F:2A:44:76:F9:E7:7A:1F:88:BD:EB:EB:25:89
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/2v5KfbbqXypEdvnneh-IvevrJYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.138.0/24
62.60.147.0/24
62.60.160.0/24
62.60.219.0/24
213.176.0.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:c9:7e:e5:9a:1d:34:e2:c6:3a:ae:2a:95:89:e9:7c:b3:fb:
de:eb:92:d5:1f:2f:a0:af:d2:e4:7b:12:46:85:57:37:6c:8b:
11:9c:d0:8a:c9:f3:18:d3:71:06:33:42:23:c2:21:ce:5f:da:
8f:c9:e3:30:82:48:d1:bd:5c:b0:15:e9:34:96:3f:25:fd:a9:
e1:bb:69:9d:6d:2c:4a:73:7e:f3:c6:31:4d:5e:fc:85:83:8d:
74:7b:9a:f3:4a:02:f7:96:45:88:66:c2:28:b9:9c:cf:e8:8c:
46:c7:bc:b5:1e:e0:a9:98:10:2f:5a:8d:6e:dc:ab:50:b7:62:
ac:16:f4:cb:97:bc:1f:81:18:c0:75:f9:9b:f4:95:ed:33:e5:
52:64:ea:9e:b8:6d:d7:98:3f:96:ba:be:fa:6e:dc:6a:56:e8:
0e:a8:bf:fe:e9:86:48:c5:7d:5f:5c:9a:36:36:fc:01:fc:f8:
de:a0:0c:5d:ce:d4:cd:41:f2:7c:5a:6d:a4:8d:3d:07:06:c8:
29:4a:60:d2:70:e1:0e:0d:38:d8:b0:11:85:1d:d2:85:22:81:
91:27:88:38:52:ca:d9:ba:1f:ed:52:78:e2:84:a6:a7:25:9f:
0d:49:4c:20:b1:42:2b:bd:d6:6e:6a:26:82:3b:56:de:4e:a7:
66:af:e9:d3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZ6/uyG2hz7YK5DODJ7zuqDVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjYwNjEzMDY0NjEyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWZlNGE3ZGI2ZWE1ZjJhNDQ3NmY5ZTc3YTFmODhiZGViZWIyNTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIU1uwVb2KqUrogkSP7/63c7viVp
5TKcBqpvvTsNc9eCnBb6M+uHTypFSnppzsAidKj4eP71CRdtJlteIcHVz24CmUTQ
HWP5h3UMZyG5qpqNLFaHsH/JZSNVrAYiiU1A5xgUNurrRRO//ikqu2A+YgTIqHXp
KQE2K70Sd46PUKCP5bkfmaRs8cykoaSUHMrc/IM2EF+RCBAlCR1wHF6JirwBW+l0
E2CPsRotm72DsjW/+yNWT33gkw881R0No2jHyoVKD+cg97oJZ0WKIgTYl6arnJvq
0ADGxIzi96I1OrouNy/yFy/NXjW0uBtkbetesl7t8ZNxf3gtZRK4YG1PlQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNr+Sn226l8qRHb553ofiL3r6yWJMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvMnY1S2ZiYnFYeXBFZHZubmVoLUl2ZXZySllrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPjyKAwQA
PjyTAwQAPjygAwQAPjzbAwQA1bAAMA0GCSqGSIb3DQEBCwUAA4IBAQA+yX7lmh00
4sY6riqViel8s/ve65LVHy+gr9LkexJGhVc3bIsRnNCKyfMY03EGM0IjwiHOX9qP
yeMwgkjRvVywFek0lj8l/anhu2mdbSxKc37zxjFNXvyFg410e5rzSgL3lkWIZsIo
uZzP6IxGx7y1HuCpmBAvWo1u3KtQt2KsFvTLl7wfgRjAdfmb9JXtM+VSZOqeuG3X
mD+Wur76btxqVugOqL/+6YZIxX1fXJo2NvwB/PjeoAxdztTNQfJ8Wm2kjT0HBsgp
SmDScOEODTjYsBGFHdKFIoGRJ4g4UsrZuh/tUnjihKanJZ8NSUwgsUIrvdZuaiaC
O1beTqdmr+nT
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:07:32 2026 by rpki-client