Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/K4xCdnhBZ_LTp1EUPDVlQMfBXVU.roa
File: K4xCdnhBZ_LTp1EUPDVlQMfBXVU.roa (raw, json)
Hash identifier: 0SSaEOqC5lcPOFsmccHT1RA1HgUBIU0mV5Hq5IzISvU=
Subject key identifier: 2B:8C:42:76:78:41:67:F2:D3:A7:51:14:3C:35:65:40:C7:C1:5D:55
Certificate issuer: /CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Certificate serial: 019A16538295CB4EC98FC6274D7BE2907D23
Authority key identifier: 49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/K4xCdnhBZ_LTp1EUPDVlQMfBXVU.roa
Signing time: Fri 24 Oct 2025 13:06:02 +0000
ROA not before: Fri 24 Oct 2025 13:06:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8565
IP address blocks: 62.244.64.0/22 maxlen: 22
62.244.68.0/23 maxlen: 23
62.244.82.0/23 maxlen: 23
62.244.100.0/22 maxlen: 24
62.244.104.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:16:53:82:95:cb:4e:c9:8f:c6:27:4d:7b:e2:90:7d:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=493a2d48376330a582faf3e3032ef7b0bcca33e8
Validity
Not Before: Oct 24 13:06:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2b8c4276784167f2d3a751143c356540c7c15d55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a7:64:91:41:db:b9:ad:d1:b1:a3:89:f4:35:
70:75:f4:a8:af:3d:30:70:a4:d7:57:74:e5:f8:3d:
cd:63:2b:f6:b2:cd:b1:7e:02:ae:7f:c5:a6:d1:8a:
9f:8a:04:c0:89:c2:85:ab:d7:bb:1b:3e:d8:a4:cd:
1e:04:48:d0:9c:98:5c:58:06:0c:db:40:52:8c:a7:
a5:91:6d:2b:ab:69:ac:a1:b1:35:01:8d:f8:0f:9b:
68:47:c6:34:a5:2f:59:06:82:de:c4:85:d5:6e:dc:
7e:e3:55:9b:68:80:24:50:b9:5e:3e:0b:43:19:75:
a3:51:3c:9d:b4:82:27:13:5e:63:ba:a1:87:ff:c1:
ee:ad:7f:1f:54:7e:02:a1:39:be:4a:00:e0:f0:9f:
8a:3f:e7:f3:0b:0d:70:08:95:58:ba:b8:02:21:39:
6b:ab:2a:10:25:a8:e7:97:6a:eb:9a:1c:c1:e8:27:
86:97:8a:0b:57:e5:13:e7:70:e4:65:bf:0a:2c:2e:
b8:6c:6f:c1:b6:8c:d3:61:da:54:32:14:04:ca:98:
39:9a:b0:45:e4:66:7e:e8:73:09:dd:b6:7f:d4:5c:
14:26:d6:11:0c:5e:0b:f8:d7:91:32:da:9f:1a:e7:
93:52:e4:56:65:83:0e:89:6a:88:08:cd:72:0d:4a:
76:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:8C:42:76:78:41:67:F2:D3:A7:51:14:3C:35:65:40:C7:C1:5D:55
X509v3 Authority Key Identifier:
keyid:49:3A:2D:48:37:63:30:A5:82:FA:F3:E3:03:2E:F7:B0:BC:CA:33:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STotSDdjMKWC-vPjAy73sLzKM-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/K4xCdnhBZ_LTp1EUPDVlQMfBXVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/d765a4-54eb-410d-8f3d-689ba4d33c4b/1/STotSDdjMKWC-vPjAy73sLzKM-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.244.64.0-62.244.69.255
62.244.82.0/23
62.244.100.0-62.244.107.255
Signature Algorithm: sha256WithRSAEncryption
4b:e6:a3:e9:1f:b6:7a:f1:a5:8f:13:6c:15:4b:1c:aa:e2:21:
8f:53:ba:88:9a:55:a9:9b:ef:b3:b2:d1:e3:d7:82:43:20:07:
be:c8:63:8e:f4:ea:eb:51:09:fc:9e:a7:b6:cf:ee:a3:c6:b8:
2c:60:5a:88:ea:c9:be:f7:1b:86:8d:6f:c7:a6:5c:fb:40:37:
88:d9:f0:71:41:a5:8f:54:f2:4a:a9:84:89:5b:b9:33:f2:af:
8b:e3:84:8f:50:28:a1:f3:2b:4e:c4:d8:e5:d7:d9:8c:64:54:
4c:b7:68:7c:33:49:9e:ed:64:8f:3b:ce:11:11:b1:4c:7a:35:
d1:ad:22:84:0e:dd:e0:ab:98:63:99:88:9c:2d:4c:be:ba:c0:
21:74:ba:ea:eb:32:21:f7:46:80:e3:ae:4c:9d:e0:25:d2:37:
a2:c4:f1:e0:a5:66:18:de:80:76:9c:6c:fb:24:3d:3b:9f:c8:
d0:0d:c7:cf:83:a5:41:d4:00:48:a4:97:9f:fe:ea:b5:7c:c4:
78:64:b0:f5:49:22:39:d7:33:22:59:0c:f2:6a:e5:d1:be:54:
91:69:dc:58:e3:74:35:fe:16:36:cb:c2:81:87:4f:fc:25:fd:
cb:a6:c8:38:98:29:b7:36:c9:d7:d6:f8:98:e2:5c:cb:c1:5d:
cf:38:e5:16
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZoWU4KVy07Jj8YnTXvikH0jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5M2EyZDQ4Mzc2MzMwYTU4MmZhZjNlMzAzMmVmN2IwYmNj
YTMzZTgwHhcNMjUxMDI0MTMwNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjhjNDI3Njc4NDE2N2YyZDNhNzUxMTQzYzM1NjU0MGM3YzE1ZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqadkkUHbua3RsaOJ9DVwdfSorz0w
cKTXV3Tl+D3NYyv2ss2xfgKuf8Wm0YqfigTAicKFq9e7Gz7YpM0eBEjQnJhcWAYM
20BSjKelkW0rq2msobE1AY34D5toR8Y0pS9ZBoLexIXVbtx+41WbaIAkULlePgtD
GXWjUTydtIInE15juqGH/8HurX8fVH4CoTm+SgDg8J+KP+fzCw1wCJVYurgCITlr
qyoQJajnl2rrmhzB6CeGl4oLV+UT53DkZb8KLC64bG/BtozTYdpUMhQEypg5mrBF
5GZ+6HMJ3bZ/1FwUJtYRDF4L+NeRMtqfGueTUuRWZYMOiWqICM1yDUp2UwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCuMQnZ4QWfy06dRFDw1ZUDHwV1VMB8GA1UdIwQY
MBaAFEk6LUg3YzClgvrz4wMu97C8yjPoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2Qt
Njg5YmE0ZDMzYzRiLzEvSzR4Q2RuaEJaX0xUcDFFVVBEVmxRTWZCWFZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9kNzY1YTQtNTRlYi00MTBkLThmM2QtNjg5YmE0ZDMzYzRi
LzEvU1RvdFNEZGpNS1dDLXZQakF5NzNzTHpLTS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAY+9EAD
BAE+9EQDBAE+9FIwDAMEAj70ZAMEAj70aDANBgkqhkiG9w0BAQsFAAOCAQEAS+aj
6R+2evGljxNsFUscquIhj1O6iJpVqZvvs7LR49eCQyAHvshjjvTq61EJ/J6nts/u
o8a4LGBaiOrJvvcbho1vx6Zc+0A3iNnwcUGlj1TySqmEiVu5M/Kvi+OEj1AoofMr
TsTY5dfZjGRUTLdofDNJnu1kjzvOERGxTHo10a0ihA7d4KuYY5mInC1MvrrAIXS6
6usyIfdGgOOuTJ3gJdI3osTx4KVmGN6Adpxs+yQ9O5/I0A3Hz4OlQdQASKSXn/7q
tXzEeGSw9UkiOdczIlkM8mrl0b5UkWncWON0Nf4WNsvCgYdP/CX9y6bIOJgptzbJ
19b4mOJcy8FdzzjlFg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:05:36 2025 by rpki-client