Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/FYUqU8QWOLIjFef4sxjXi2SRgiE.roa
File: FYUqU8QWOLIjFef4sxjXi2SRgiE.roa (raw, json)
Hash identifier: YKJ2KcRNhHoxqeVVhOtsB2AOrHfzUODw+6sEzqJPF4k=
Subject key identifier: 15:85:2A:53:C4:16:38:B2:23:15:E7:F8:B3:18:D7:8B:64:91:82:21
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 019C93B1295D936D5C0642E0B9945EC01459
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/FYUqU8QWOLIjFef4sxjXi2SRgiE.roa
Signing time: Wed 25 Feb 2026 07:26:26 +0000
ROA not before: Wed 25 Feb 2026 07:26:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15611
IP address blocks: 62.60.136.0/24 maxlen: 24
62.60.137.0/24 maxlen: 24
62.60.139.0/24 maxlen: 24
62.60.140.0/24 maxlen: 24
62.60.142.0/24 maxlen: 24
62.60.145.0/24 maxlen: 24
62.60.152.0/23 maxlen: 24
62.60.154.0/23 maxlen: 24
62.60.168.0/22 maxlen: 24
62.60.224.0/24 maxlen: 24
62.60.225.0/24 maxlen: 24
213.176.3.0/24 maxlen: 24
213.176.4.0/24 maxlen: 24
213.176.5.0/24 maxlen: 24
213.176.96.0/24 maxlen: 24
213.176.122.0/24 maxlen: 24
213.176.123.0/24 maxlen: 24
213.176.124.0/24 maxlen: 24
213.176.125.0/24 maxlen: 24
2001:790::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:93:b1:29:5d:93:6d:5c:06:42:e0:b9:94:5e:c0:14:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Feb 25 07:26:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=15852a53c41638b22315e7f8b318d78b64918221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a7:d5:fe:82:76:b4:94:5d:20:cf:6a:e1:03:
f9:e7:9b:9a:90:9b:79:cb:e4:08:85:4a:78:98:2e:
5b:11:b7:0d:6e:e9:2e:9f:c0:d9:15:0b:16:62:c4:
ca:c5:3f:0a:f5:2e:ef:0f:27:76:d1:3f:38:8a:e8:
e8:33:45:a2:f1:bd:eb:30:25:f6:a8:d8:46:d1:d9:
77:9c:c6:ff:31:3e:a1:68:66:62:e5:a3:46:4e:23:
ab:68:23:d9:a6:5d:0b:4b:d4:e9:14:96:a0:e3:9f:
49:fa:4a:5a:ea:74:71:7d:51:e0:c0:0e:e7:f9:22:
af:d9:b7:20:7f:34:44:d5:b4:07:73:57:a3:ea:5f:
fc:4b:7e:e7:46:72:de:73:11:00:2c:c8:0e:f9:c0:
3c:cf:6a:ae:4e:cf:35:7e:3b:96:bf:b9:cc:42:af:
5a:35:95:b4:64:81:9b:0b:e4:52:e5:72:69:a0:a9:
14:52:fc:a9:0f:d8:df:31:b9:51:21:92:33:82:fd:
b4:24:6b:04:ca:54:45:bb:52:4f:62:16:e9:f7:a6:
f3:2d:56:3d:7b:0a:fd:31:a2:27:5f:1a:75:c1:de:
60:1a:38:36:35:8b:2d:a6:9e:14:44:9f:17:c3:1b:
e7:92:72:47:5d:50:d4:6a:16:28:2a:c6:a6:90:e6:
e3:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:85:2A:53:C4:16:38:B2:23:15:E7:F8:B3:18:D7:8B:64:91:82:21
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/FYUqU8QWOLIjFef4sxjXi2SRgiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.136.0/23
62.60.139.0-62.60.140.255
62.60.142.0/24
62.60.145.0/24
62.60.152.0/22
62.60.168.0/22
62.60.224.0/23
213.176.3.0-213.176.5.255
213.176.96.0/24
213.176.122.0-213.176.125.255
IPv6:
2001:790::/32
Signature Algorithm: sha256WithRSAEncryption
10:94:7d:17:6b:44:6f:45:74:7c:ff:05:9e:0f:f5:d7:36:f0:
53:0a:50:a9:3c:d9:34:02:19:45:8b:b6:5a:16:cd:bf:56:4e:
28:b4:c2:b5:f4:54:c2:45:28:c3:de:59:79:7e:0b:11:bd:83:
83:b6:bb:bd:33:6c:5e:fe:9f:9b:a7:2e:d1:4f:12:1c:9f:71:
8b:69:c9:79:d2:d8:56:ea:25:5d:65:67:f5:5d:ce:ec:f2:ef:
22:1d:30:20:4e:28:31:8d:5a:01:99:86:c3:35:7d:6a:2f:f4:
11:af:93:87:74:ac:04:55:7d:e4:6d:4f:df:66:c2:ba:73:55:
33:c9:09:29:ae:55:b3:80:9b:86:bd:9a:25:b9:bb:90:d8:99:
76:9b:a1:22:75:16:fc:f8:ff:82:e1:70:40:71:9b:21:8f:6b:
d5:28:fb:7f:f2:52:3a:e1:75:f8:df:a9:c7:a3:86:93:b2:46:
4f:a2:85:d0:b1:e6:ba:f5:61:91:9c:7b:eb:0f:8c:34:9f:47:
1e:5b:56:5d:6c:f0:2b:81:86:65:97:29:9c:b2:74:85:14:0a:
2b:33:e5:56:5a:85:72:e1:08:3e:36:aa:f0:9d:be:a3:50:63:
fa:d5:5a:ca:88:33:b2:22:7b:3b:dc:9d:ea:76:31:fe:6a:4e:
a9:24:a0:01
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZyTsSldk21cBkLguZRewBRZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjYwMjI1MDcyNjI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTg1MmE1M2M0MTYzOGIyMjMxNWU3ZjhiMzE4ZDc4YjY0OTE4MjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmafV/oJ2tJRdIM9q4QP555uakJt5
y+QIhUp4mC5bEbcNbukun8DZFQsWYsTKxT8K9S7vDyd20T84iujoM0Wi8b3rMCX2
qNhG0dl3nMb/MT6haGZi5aNGTiOraCPZpl0LS9TpFJag459J+kpa6nRxfVHgwA7n
+SKv2bcgfzRE1bQHc1ej6l/8S37nRnLecxEALMgO+cA8z2quTs81fjuWv7nMQq9a
NZW0ZIGbC+RS5XJpoKkUUvypD9jfMblRIZIzgv20JGsEylRFu1JPYhbp96bzLVY9
ewr9MaInXxp1wd5gGjg2NYstpp4URJ8XwxvnknJHXVDUahYoKsamkObjowIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFBWFKlPEFjiyIxXn+LMY14tkkYIhMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvRllVcVU4UVdPTElqRmVmNHN4alhpMlNSZ2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQBPjyIMAwD
BAA+PIsDBAA+PIwDBAA+PI4DBAA+PJEDBAI+PJgDBAI+PKgDBAE+POAwDAMEANWw
AwMEAdWwBAMEANWwYDAMAwQB1bB6AwQB1bB8MA0EAgACMAcDBQAgAQeQMA0GCSqG
SIb3DQEBCwUAA4IBAQAQlH0Xa0RvRXR8/wWeD/XXNvBTClCpPNk0AhlFi7ZaFs2/
Vk4otMK19FTCRSjD3ll5fgsRvYODtru9M2xe/p+bpy7RTxIcn3GLacl50thW6iVd
ZWf1Xc7s8u8iHTAgTigxjVoBmYbDNX1qL/QRr5OHdKwEVX3kbU/fZsK6c1UzyQkp
rlWzgJuGvZolubuQ2Jl2m6EidRb8+P+C4XBAcZshj2vVKPt/8lI64XX436nHo4aT
skZPooXQsea69WGRnHvrD4w0n0ceW1ZdbPArgYZllymcsnSFFAorM+VWWoVy4Qg+
Nqrwnb6jUGP61VrKiDOyIns73J3qdjH+ak6pJKAB
-----END CERTIFICATE-----
Generated at Mon Mar 2 12:53:24 2026 by rpki-client