Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/v9aN8eUHGc2cFY92JIet8EBdxvQ.roa
File: v9aN8eUHGc2cFY92JIet8EBdxvQ.roa (raw, json)
Hash identifier: ASnHZNq0YfQo/Dbs5rOcZaP8TTutwFdbeAepCV67R0g=
Subject key identifier: BF:D6:8D:F1:E5:07:19:CD:9C:15:8F:76:24:87:AD:F0:40:5D:C6:F4
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 01987D30D6A3A0E5887F8378C2C8BA1F52FC
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/v9aN8eUHGc2cFY92JIet8EBdxvQ.roa
Signing time: Wed 06 Aug 2025 02:23:29 +0000
ROA not before: Wed 06 Aug 2025 02:23:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 62.60.148.0/22 maxlen: 24
62.60.152.0/23 maxlen: 24
62.60.154.0/23 maxlen: 24
62.60.156.0/22 maxlen: 24
62.60.172.0/22 maxlen: 24
62.60.176.0/22 maxlen: 24
62.60.186.0/24 maxlen: 24
62.60.216.0/23 maxlen: 24
62.60.228.0/22 maxlen: 24
62.60.235.0/24 maxlen: 24
62.60.236.0/22 maxlen: 24
62.60.240.0/22 maxlen: 24
62.60.244.0/22 maxlen: 24
62.60.248.0/24 maxlen: 24
62.60.249.0/24 maxlen: 24
62.60.250.0/24 maxlen: 24
62.60.251.0/24 maxlen: 24
62.60.252.0/22 maxlen: 24
213.176.64.0/22 maxlen: 24
213.176.74.0/23 maxlen: 24
213.176.92.0/22 maxlen: 24
213.176.112.0/22 maxlen: 24
213.176.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 11:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7d:30:d6:a3:a0:e5:88:7f:83:78:c2:c8:ba:1f:52:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Aug 6 02:23:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bfd68df1e50719cd9c158f762487adf0405dc6f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:eb:09:32:dc:72:d1:13:7e:83:f7:bb:18:b6:
25:45:00:9e:a7:e7:84:e6:16:7d:25:f6:50:7e:77:
7e:e1:53:f2:3f:8c:fc:b2:95:7a:45:07:4a:20:90:
f7:a7:b8:41:49:b1:ef:86:4f:12:f8:99:0d:37:48:
a8:4b:d2:e4:d5:a6:30:ba:18:49:e7:d1:e3:f8:36:
d9:64:4d:81:d0:11:c0:c6:a2:40:38:2a:27:26:fd:
13:6d:48:33:75:65:17:58:90:0e:08:28:03:3f:9a:
6d:7c:62:8d:9d:17:c7:55:65:8f:6e:7b:de:d3:74:
93:3a:6d:26:d3:2e:76:55:96:58:e4:1e:d8:65:9e:
db:7e:32:b0:ff:4d:71:64:4d:39:61:a2:98:3a:e1:
e6:ad:73:d1:5d:fc:aa:cd:66:57:02:23:1a:bd:b2:
c2:b7:e7:bb:48:cf:34:28:4b:8e:a8:77:6c:cb:02:
6a:a2:1a:63:eb:ba:ec:00:9a:a7:07:23:b2:7c:7a:
23:9b:55:a9:cf:04:69:f6:09:06:fc:09:b8:10:e7:
36:38:81:2c:3a:b9:76:f8:dc:25:79:c5:5c:16:5f:
4c:e2:17:4d:fc:1d:0a:b0:9e:13:ce:7d:a6:88:ef:
ff:40:be:34:80:f7:aa:f6:0e:ca:82:b3:29:0f:a9:
0a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:D6:8D:F1:E5:07:19:CD:9C:15:8F:76:24:87:AD:F0:40:5D:C6:F4
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/v9aN8eUHGc2cFY92JIet8EBdxvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.148.0-62.60.159.255
62.60.172.0-62.60.179.255
62.60.186.0/24
62.60.216.0/23
62.60.228.0/22
62.60.235.0-62.60.255.255
213.176.64.0/22
213.176.74.0/23
213.176.92.0/22
213.176.112.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:ff:af:33:ba:94:b3:eb:aa:f7:21:91:24:0e:ad:11:a9:b6:
cd:6a:33:93:92:db:be:99:15:85:c2:88:f5:c5:76:7a:49:a6:
55:f5:f9:5c:de:31:f3:e7:47:94:4d:5e:8c:bc:29:d9:7e:7d:
cb:01:8d:93:b6:16:67:a8:cc:c5:d3:30:8e:76:1f:2d:1c:5d:
b2:ba:1a:f2:c9:88:d4:42:09:8a:c3:d0:79:ae:2d:a2:cc:54:
05:3a:86:c1:ec:4f:0a:2e:9e:49:dc:60:74:5c:07:8a:d7:6c:
9b:fa:65:6f:b1:5d:8d:7e:29:ce:ac:f2:40:14:65:be:8c:b6:
e5:1d:24:01:b8:5b:4e:59:f5:04:24:b1:ea:c4:86:10:80:9d:
17:5e:c3:76:13:4d:82:d7:e9:6e:68:5f:a5:1c:63:7b:55:02:
63:bb:ab:ce:dc:cf:ce:0d:22:f6:8b:71:d9:fd:41:1f:77:21:
17:b6:c1:d1:dd:f3:7b:1c:8d:d6:f2:76:63:77:55:b6:25:63:
76:58:2c:02:8a:f1:a4:dc:a9:d1:38:7a:c4:29:53:24:25:92:
0f:71:09:8b:d9:05:af:ff:70:ed:f2:27:0e:b0:9e:47:d7:a9:
57:02:49:48:a6:e9:9d:3a:a3:e9:df:e0:39:a7:ae:79:ef:74:
c8:45:ea:1e
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZh9MNajoOWIf4N4wsi6H1L8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjUwODA2MDIyMzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmQ2OGRmMWU1MDcxOWNkOWMxNThmNzYyNDg3YWRmMDQwNWRjNmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+sJMtxy0RN+g/e7GLYlRQCep+eE
5hZ9JfZQfnd+4VPyP4z8spV6RQdKIJD3p7hBSbHvhk8S+JkNN0ioS9Lk1aYwuhhJ
59Hj+DbZZE2B0BHAxqJAOConJv0TbUgzdWUXWJAOCCgDP5ptfGKNnRfHVWWPbnve
03STOm0m0y52VZZY5B7YZZ7bfjKw/01xZE05YaKYOuHmrXPRXfyqzWZXAiMavbLC
t+e7SM80KEuOqHdsywJqohpj67rsAJqnByOyfHojm1WpzwRp9gkG/Am4EOc2OIEs
Orl2+NwlecVcFl9M4hdN/B0KsJ4Tzn2miO//QL40gPeq9g7KgrMpD6kKbQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFL/WjfHlBxnNnBWPdiSHrfBAXcb0MB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvdjlhTjhlVUhHYzJjRlk5MkpJZXQ4RUJkeHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBZBAIAATBTMAwDBAI+PJQD
BAU+PIAwDAMEAj48rAMEAj48sAMEAD48ugMEAT482AMEAj485DALAwQAPjzrAwMA
PjwDBALVsEADBAHVsEoDBALVsFwDBAPVsHAwDQYJKoZIhvcNAQELBQADggEBACz/
rzO6lLPrqvchkSQOrRGpts1qM5OS276ZFYXCiPXFdnpJplX1+VzeMfPnR5RNXoy8
Kdl+fcsBjZO2FmeozMXTMI52Hy0cXbK6GvLJiNRCCYrD0HmuLaLMVAU6hsHsTwou
nkncYHRcB4rXbJv6ZW+xXY1+Kc6s8kAUZb6MtuUdJAG4W05Z9QQkserEhhCAnRde
w3YTTYLX6W5oX6UcY3tVAmO7q87cz84NIvaLcdn9QR93IRe2wdHd83scjdbydmN3
VbYlY3ZYLAKK8aTcqdE4esQpUyQlkg9xCYvZBa//cO3yJw6wnkfXqVcCSUim6Z06
o+nf4DmnrnnvdMhF6h4=
-----END CERTIFICATE-----
Generated at Sat Aug 9 20:51:24 2025 by rpki-client