Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/AaUr_dffnDoKax9ioQFPs0fyF1E.roa
File: AaUr_dffnDoKax9ioQFPs0fyF1E.roa (raw, json)
Hash identifier: xUUyNOjfoVVFcyRYunFBOeObFu44dbGyvv9BKr7nA4Y=
Subject key identifier: 01:A5:2B:FD:D7:DF:9C:3A:0A:6B:1F:62:A1:01:4F:B3:47:F2:17:51
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01987D25DA197E85E3F8E269D99ACAE3AAFE
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/AaUr_dffnDoKax9ioQFPs0fyF1E.roa
Signing time: Wed 06 Aug 2025 02:11:29 +0000
ROA not before: Wed 06 Aug 2025 02:11:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211522
IP address blocks: 62.60.152.0/23 maxlen: 24
62.60.172.0/22 maxlen: 24
62.60.216.0/23 maxlen: 24
62.60.244.0/22 maxlen: 24
62.60.248.0/23 maxlen: 24
62.60.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 20:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7d:25:da:19:7e:85:e3:f8:e2:69:d9:9a:ca:e3:aa:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Aug 6 02:11:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01a52bfdd7df9c3a0a6b1f62a1014fb347f21751
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:65:f3:88:39:9e:67:ee:e8:a4:4d:c8:e4:7b:
c1:f3:73:c9:01:6c:bc:a7:23:80:97:74:f6:33:16:
70:0c:d9:be:a9:1b:6a:7c:36:20:e7:ec:05:1d:f8:
0f:e5:25:b3:55:ca:81:dc:55:d1:c7:8b:5f:43:0f:
8d:0d:d6:7d:30:64:47:37:a7:02:68:1c:45:83:d0:
90:40:dd:56:53:f9:da:46:5b:10:3f:34:15:63:64:
fe:14:92:8b:3d:36:1c:97:a6:87:6e:62:b1:f6:6b:
01:4d:7b:bb:e4:47:66:f8:13:bc:13:b3:33:8f:5a:
7a:57:d8:c9:da:d7:85:0c:d1:09:f5:27:d0:0c:78:
06:03:28:5f:d8:a5:a4:01:57:0a:c3:9a:fe:77:bb:
2d:ca:50:62:92:a0:b7:69:e8:d4:f7:f2:7f:e9:4a:
55:7d:ef:cd:13:1b:13:06:ff:40:ac:a6:0b:11:83:
db:cf:cd:01:d3:60:e2:1b:36:bc:3e:a7:6d:e1:ff:
1f:45:11:be:75:34:ea:2a:d4:bf:2d:f5:a3:9f:e6:
1b:6e:59:34:c9:72:8a:c9:91:da:96:94:fa:5a:85:
2e:a2:14:86:ac:66:d5:89:fe:42:0a:0c:50:4a:ba:
c9:b1:58:1b:a3:9b:71:cf:e9:67:3f:89:79:9b:71:
99:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:A5:2B:FD:D7:DF:9C:3A:0A:6B:1F:62:A1:01:4F:B3:47:F2:17:51
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/AaUr_dffnDoKax9ioQFPs0fyF1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.152.0/23
62.60.172.0/22
62.60.216.0/23
62.60.244.0-62.60.249.255
62.60.251.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:2a:fd:e2:e8:cf:7c:52:d0:ed:39:ce:69:68:9d:8b:2f:28:
4a:6b:ac:4e:60:24:9d:47:61:fa:24:5b:00:c8:4c:cc:e5:8a:
1d:25:10:cb:70:f6:43:63:cd:df:a8:04:eb:1d:45:cd:c9:8b:
b0:62:89:87:07:b0:10:ce:f9:11:2e:06:75:23:bc:52:66:e5:
af:80:73:8b:e8:a0:0e:f4:90:75:ed:59:1e:23:d1:f8:80:2a:
73:f6:84:41:c4:a4:d4:49:0c:8f:59:1c:5e:01:35:7a:d3:a3:
f3:a1:30:76:db:f5:57:01:12:91:6e:93:46:36:13:81:35:dc:
31:06:a9:22:60:ca:c6:32:90:71:f4:63:b9:7a:fd:8d:e2:9e:
f9:78:1a:26:61:a7:44:b2:d3:58:86:5c:be:94:f5:ee:96:96:
c7:87:b6:44:b0:d7:b2:46:bf:af:5d:5f:01:c5:cf:ff:02:39:
0d:cc:1b:32:cc:ed:d9:37:d1:13:08:6a:4e:a0:f1:53:f8:7b:
f9:43:3f:c2:77:d5:34:27:4b:6b:3a:55:74:b9:97:2d:a1:ff:
4e:7c:80:8d:3a:5f:45:d1:ed:c0:34:7c:bb:84:51:a0:36:ad:
80:69:43:91:6c:74:1c:2e:c6:6c:a4:16:f6:93:85:05:05:80:
4d:e8:42:8f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZh9JdoZfoXj+OJp2ZrK46r+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwODA2MDIxMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWE1MmJmZGQ3ZGY5YzNhMGE2YjFmNjJhMTAxNGZiMzQ3ZjIxNzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2XziDmeZ+7opE3I5HvB83PJAWy8
pyOAl3T2MxZwDNm+qRtqfDYg5+wFHfgP5SWzVcqB3FXRx4tfQw+NDdZ9MGRHN6cC
aBxFg9CQQN1WU/naRlsQPzQVY2T+FJKLPTYcl6aHbmKx9msBTXu75Edm+BO8E7Mz
j1p6V9jJ2teFDNEJ9SfQDHgGAyhf2KWkAVcKw5r+d7stylBikqC3aejU9/J/6UpV
fe/NExsTBv9ArKYLEYPbz80B02DiGza8Pqdt4f8fRRG+dTTqKtS/LfWjn+Ybblk0
yXKKyZHalpT6WoUuohSGrGbVif5CCgxQSrrJsVgbo5txz+lnP4l5m3GZJQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAGlK/3X35w6CmsfYqEBT7NH8hdRMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvQWFVcl9kZmZuRG9LYXg5aW9RRlBzMGZ5RjFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBPjyYAwQC
PjysAwQBPjzYMAwDBAI+PPQDBAE+PPgDBAA+PPswDQYJKoZIhvcNAQELBQADggEB
AKsq/eLoz3xS0O05zmlonYsvKEprrE5gJJ1HYfokWwDITMzlih0lEMtw9kNjzd+o
BOsdRc3Ji7BiiYcHsBDO+REuBnUjvFJm5a+Ac4vooA70kHXtWR4j0fiAKnP2hEHE
pNRJDI9ZHF4BNXrTo/OhMHbb9VcBEpFuk0Y2E4E13DEGqSJgysYykHH0Y7l6/Y3i
nvl4GiZhp0Sy01iGXL6U9e6WlseHtkSw17JGv69dXwHFz/8COQ3MGzLM7dk30RMI
ak6g8VP4e/lDP8J31TQnS2s6VXS5ly2h/058gI06X0XR7cA0fLuEUaA2rYBpQ5Fs
dBwuxmykFvaThQUFgE3oQo8=
-----END CERTIFICATE-----
Generated at Sun Aug 10 05:32:49 2025 by rpki-client