Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/4xL37WdyKuckc1NcWIr3ibRq75U.roa
File: 4xL37WdyKuckc1NcWIr3ibRq75U.roa (raw, json)
Hash identifier: xWEsHO/c9sArzZBLYCNPmJHsetlDx8lTMIghlof+wtk=
Subject key identifier: E3:12:F7:ED:67:72:2A:E7:24:73:53:5C:58:8A:F7:89:B4:6A:EF:95
Certificate issuer: /CN=bd60edf96266b7c0d43836c854ab472cb74db034
Certificate serial: 019D2A82A2A50A138F2FA726C1CCDEB2B74E
Authority key identifier: BD:60:ED:F9:62:66:B7:C0:D4:38:36:C8:54:AB:47:2C:B7:4D:B0:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/4xL37WdyKuckc1NcWIr3ibRq75U.roa
Signing time: Thu 26 Mar 2026 14:18:17 +0000
ROA not before: Thu 26 Mar 2026 14:18:17 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 29632
IP address blocks: 62.205.128.0/19 maxlen: 19
62.205.128.0/20 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.159.0/24 maxlen: 24
195.214.215.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 16:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:2a:82:a2:a5:0a:13:8f:2f:a7:26:c1:cc:de:b2:b7:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd60edf96266b7c0d43836c854ab472cb74db034
Validity
Not Before: Mar 26 14:18:17 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=e312f7ed67722ae72473535c588af789b46aef95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5d:2f:18:c4:99:11:6f:77:30:eb:dc:26:4a:
0d:6b:72:9f:c0:89:06:80:27:c2:b1:62:50:7f:d0:
d5:e9:f9:4e:4a:5d:16:93:28:03:30:8a:9d:36:83:
4e:b3:cd:6d:57:4f:55:8f:27:81:f1:db:7d:99:13:
dd:6b:8f:c1:59:c8:68:d2:35:0d:f6:36:38:75:96:
d9:d5:3a:34:b0:e4:c0:f3:49:fc:9d:9d:7c:7a:47:
cb:2f:95:a3:6d:b3:fe:cf:ed:38:26:91:a8:e3:08:
86:85:77:00:bb:73:70:df:c9:cb:df:84:40:7d:0c:
71:60:02:6b:6c:a5:73:76:70:40:d3:3e:ea:1b:1b:
8f:48:3b:26:0b:eb:eb:a4:dc:05:ed:4a:1d:ea:36:
61:80:88:5f:d7:35:15:98:d9:89:aa:c9:78:97:0e:
d8:f0:1f:22:a2:e0:65:bc:8e:48:42:25:cc:4d:b4:
9e:47:3c:d1:55:af:fa:94:d7:ed:9f:ed:16:d9:04:
cc:c5:dc:4f:84:4f:48:5c:dd:55:82:08:d9:11:2e:
0f:4b:c0:81:51:49:2a:71:bf:e0:8c:26:26:a7:3f:
09:4b:ec:20:f9:7d:4f:76:85:23:f4:7f:e9:c1:1c:
cd:08:f9:78:49:07:be:be:a1:04:99:9d:4b:9d:19:
14:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:12:F7:ED:67:72:2A:E7:24:73:53:5C:58:8A:F7:89:B4:6A:EF:95
X509v3 Authority Key Identifier:
keyid:BD:60:ED:F9:62:66:B7:C0:D4:38:36:C8:54:AB:47:2C:B7:4D:B0:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/4xL37WdyKuckc1NcWIr3ibRq75U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
195.214.215.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:1c:91:8b:94:3e:fe:9d:cc:b1:ef:ef:7d:77:96:ae:61:ca:
70:f0:9f:52:7f:c4:d1:85:e5:8a:84:dc:b1:96:ad:3e:0e:71:
8e:3d:21:3f:76:67:77:eb:31:35:70:2e:2a:7b:1d:65:29:2e:
f5:6e:db:93:61:d0:7f:1d:d4:f3:86:97:55:50:fd:48:e9:3b:
a5:f8:06:e2:60:b4:da:3b:f3:44:f0:a8:a6:86:cb:57:c4:e5:
d7:6e:ea:bd:04:7f:da:1e:68:64:7c:2f:cc:d1:ba:ff:ea:9b:
e4:f4:f4:30:2c:5b:39:de:6a:b3:5f:2a:75:77:07:23:34:5f:
fb:9b:1e:da:3b:0a:51:26:92:fd:40:b2:eb:04:12:da:23:ef:
3f:39:80:f2:b5:d9:28:5a:25:af:0e:66:12:c5:50:26:3e:79:
ab:f1:b3:ea:c3:22:cb:8b:62:10:6e:e3:5e:21:e3:cb:b6:7f:
af:74:38:42:ad:8c:7a:7b:8d:90:a4:14:62:2a:ec:0e:0b:ad:
70:d6:02:95:d9:4c:df:8c:e5:0d:05:ce:89:5c:53:31:13:d9:
42:92:0f:c7:17:69:f5:8e:d0:1c:c8:ff:e3:e2:f4:35:a1:ad:
4f:b2:4f:7b:87:4c:2b:fd:1d:ba:28:77:10:20:b8:8a:b6:cf:
ce:f7:37:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZ0qgqKlChOPL6cmwczesrdOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjBlZGY5NjI2NmI3YzBkNDM4MzZjODU0YWI0NzJjYjc0
ZGIwMzQwHhcNMjYwMzI2MTQxODE3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzEyZjdlZDY3NzIyYWU3MjQ3MzUzNWM1ODhhZjc4OWI0NmFlZjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr10vGMSZEW93MOvcJkoNa3KfwIkG
gCfCsWJQf9DV6flOSl0WkygDMIqdNoNOs81tV09VjyeB8dt9mRPda4/BWcho0jUN
9jY4dZbZ1To0sOTA80n8nZ18ekfLL5WjbbP+z+04JpGo4wiGhXcAu3Nw38nL34RA
fQxxYAJrbKVzdnBA0z7qGxuPSDsmC+vrpNwF7Uod6jZhgIhf1zUVmNmJqsl4lw7Y
8B8iouBlvI5IQiXMTbSeRzzRVa/6lNftn+0W2QTMxdxPhE9IXN1VggjZES4PS8CB
UUkqcb/gjCYmpz8JS+wg+X1PdoUj9H/pwRzNCPl4SQe+vqEEmZ1LnRkUSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOMS9+1ncirnJHNTXFiK94m0au+VMB8GA1UdIwQY
MBaAFL1g7fliZrfA1Dg2yFSrRyy3TbA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldEdC1XSm10OERVT0RiSVZLdEhMTGROc0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9iNWQ1YmItMjNjNi00YjNkLTk0Yzgt
NDJiYmYxYTZhNjViLzEvNHhMMzdXZHlLdWNrYzFOY1dJcjNpYlJxNzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9iNWQ1YmItMjNjNi00YjNkLTk0YzgtNDJiYmYxYTZhNjVi
LzEvdldEdC1XSm10OERVT0RiSVZLdEhMTGROc0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFPs2AAwQA
w9bXMA0GCSqGSIb3DQEBCwUAA4IBAQC6HJGLlD7+ncyx7+99d5auYcpw8J9Sf8TR
heWKhNyxlq0+DnGOPSE/dmd36zE1cC4qex1lKS71btuTYdB/HdTzhpdVUP1I6Tul
+AbiYLTaO/NE8KimhstXxOXXbuq9BH/aHmhkfC/M0br/6pvk9PQwLFs53mqzXyp1
dwcjNF/7mx7aOwpRJpL9QLLrBBLaI+8/OYDytdkoWiWvDmYSxVAmPnmr8bPqwyLL
i2IQbuNeIePLtn+vdDhCrYx6e42QpBRiKuwOC61w1gKV2UzfjOUNBc6JXFMxE9lC
kg/HF2n1jtAcyP/j4vQ1oa1Psk97h0wr/R26KHcQILiKts/O9zc7
-----END CERTIFICATE-----
Generated at Fri Apr 17 23:23:16 2026 by rpki-client