Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/dH1EdCv4F3zFBiGZJ_XAaJoKuB8.roa
File: dH1EdCv4F3zFBiGZJ_XAaJoKuB8.roa (raw, json)
Hash identifier: uO4JYjbK0aD9KVhI/8JLgIx8rPTIvs6HrJy/vrwJ/Vc=
Subject key identifier: 74:7D:44:74:2B:F8:17:7C:C5:06:21:99:27:F5:C0:68:9A:0A:B8:1F
Certificate issuer: /CN=bd60edf96266b7c0d43836c854ab472cb74db034
Certificate serial: 0198558485F4499B130A6BE781E44A715757
Authority key identifier: BD:60:ED:F9:62:66:B7:C0:D4:38:36:C8:54:AB:47:2C:B7:4D:B0:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/dH1EdCv4F3zFBiGZJ_XAaJoKuB8.roa
Signing time: Tue 29 Jul 2025 09:30:05 +0000
ROA not before: Tue 29 Jul 2025 09:30:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8772
IP address blocks: 62.205.128.0/19 maxlen: 19
62.205.128.0/20 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.159.0/24 maxlen: 24
195.214.212.0/24 maxlen: 24
195.214.215.0/24 maxlen: 24
2a01:d0::/29 maxlen: 48
2a01:d0:4::/48 maxlen: 48
2a01:d0:a::/48 maxlen: 48
2a01:d0:28::/48 maxlen: 48
2a01:d0:3a::/48 maxlen: 48
2a01:d0:3b::/48 maxlen: 48
2a01:d0:43::/48 maxlen: 48
2a01:d0:105::/48 maxlen: 48
2a01:d0:303::/48 maxlen: 48
2a01:d0:305::/48 maxlen: 48
2a01:d0:308::/48 maxlen: 48
2a01:d0:31d::/48 maxlen: 48
2a01:d0:333::/48 maxlen: 48
2a01:d0:962::/48 maxlen: 48
2a01:d0:1657::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 21:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:84:85:f4:49:9b:13:0a:6b:e7:81:e4:4a:71:57:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd60edf96266b7c0d43836c854ab472cb74db034
Validity
Not Before: Jul 29 09:30:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=747d44742bf8177cc506219927f5c0689a0ab81f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cc:79:81:be:fe:a0:a4:c6:87:fc:23:94:78:
19:b3:1f:56:28:d9:1a:bb:c3:ef:bb:50:5a:f4:c3:
39:47:93:cc:99:be:4f:a4:c7:69:fd:b8:cc:88:db:
81:0d:6c:b6:aa:c4:ee:d6:b3:69:fc:29:35:d2:0a:
de:5d:75:95:f8:3f:ea:a3:85:65:52:ef:f2:75:df:
62:d3:7e:3a:bb:31:6a:50:0c:8d:12:92:6e:94:6a:
ef:06:fe:89:bb:7a:1c:20:81:34:db:5f:72:ac:ff:
fc:38:49:a1:cf:1b:67:fe:7f:27:8d:29:ca:74:9e:
90:f0:cb:fb:fc:72:1e:6b:e1:22:37:cb:a8:9c:ea:
4f:c5:0b:3c:c0:e6:46:e1:82:8e:8c:1b:5f:bb:7d:
7a:ef:1a:c2:a6:a2:4e:9c:7d:a1:1b:ab:20:c2:6f:
2e:e3:18:d0:8e:76:51:a6:0d:e9:04:c6:7b:7a:b0:
7f:cf:4a:3c:2b:b7:4d:4f:fd:cc:a9:0b:c4:c4:b1:
b8:ba:8c:a1:cf:d6:6f:84:94:ba:28:47:1f:db:25:
2a:85:5a:3b:c2:38:a8:a4:47:c5:bd:ac:74:05:30:
50:d9:12:01:d7:ec:6b:4b:7e:96:a1:2a:48:b9:72:
a4:98:4c:7d:b3:bd:9d:c4:a9:f1:07:0b:bb:2c:db:
c0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:7D:44:74:2B:F8:17:7C:C5:06:21:99:27:F5:C0:68:9A:0A:B8:1F
X509v3 Authority Key Identifier:
keyid:BD:60:ED:F9:62:66:B7:C0:D4:38:36:C8:54:AB:47:2C:B7:4D:B0:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/dH1EdCv4F3zFBiGZJ_XAaJoKuB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
195.214.212.0/24
195.214.215.0/24
IPv6:
2a01:d0::/29
Signature Algorithm: sha256WithRSAEncryption
57:29:7a:52:e9:65:37:59:6a:cc:55:db:f5:8e:c2:a3:98:69:
61:f6:b7:21:8c:39:d2:0a:20:7e:4b:c6:ec:5e:32:f2:2e:67:
67:a5:6a:26:a1:51:62:cc:d7:a7:ce:66:9a:22:40:49:a2:ba:
fe:fa:c7:c6:cd:61:9c:93:79:3e:d8:6b:aa:89:ac:82:7f:83:
6d:05:43:1c:c0:cc:a3:ac:09:2b:7a:13:a7:07:9a:69:cf:71:
4e:ca:cb:ce:6d:ed:77:98:df:3e:5b:69:2c:0b:c0:6a:6e:a2:
03:c1:00:da:8f:46:78:29:b3:97:f1:65:56:f0:7d:21:91:91:
04:1a:ed:3a:35:52:16:e6:b5:24:4d:6c:ef:ab:a3:d9:aa:7f:
ba:fc:cd:f1:01:7d:1b:84:4b:e0:4c:2b:fa:0a:b7:c7:aa:2a:
1f:9e:ab:da:4f:e9:b4:d4:33:0f:11:7b:36:1d:87:2c:4e:89:
84:d9:d1:1d:4b:c3:e2:b5:ad:b0:7b:25:90:03:65:6f:74:e7:
e1:7f:92:26:07:d8:eb:57:b6:f9:02:81:a2:34:7c:85:44:dd:
c0:3e:ab:1d:7c:92:1b:11:dc:92:8f:a0:f5:c7:6b:07:16:6a:
16:bb:58:1b:41:67:a2:e8:fe:ea:65:fe:71:99:28:ac:7c:5a:
a3:c5:d9:20
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZhVhIX0SZsTCmvngeRKcVdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjBlZGY5NjI2NmI3YzBkNDM4MzZjODU0YWI0NzJjYjc0
ZGIwMzQwHhcNMjUwNzI5MDkzMDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDdkNDQ3NDJiZjgxNzdjYzUwNjIxOTkyN2Y1YzA2ODlhMGFiODFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMx5gb7+oKTGh/wjlHgZsx9WKNka
u8Pvu1Ba9MM5R5PMmb5PpMdp/bjMiNuBDWy2qsTu1rNp/Ck10greXXWV+D/qo4Vl
Uu/ydd9i0346uzFqUAyNEpJulGrvBv6Ju3ocIIE0219yrP/8OEmhzxtn/n8njSnK
dJ6Q8Mv7/HIea+EiN8uonOpPxQs8wOZG4YKOjBtfu3167xrCpqJOnH2hG6sgwm8u
4xjQjnZRpg3pBMZ7erB/z0o8K7dNT/3MqQvExLG4uoyhz9ZvhJS6KEcf2yUqhVo7
wjiopEfFvax0BTBQ2RIB1+xrS36WoSpIuXKkmEx9s72dxKnxBwu7LNvAbQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHR9RHQr+Bd8xQYhmSf1wGiaCrgfMB8GA1UdIwQY
MBaAFL1g7fliZrfA1Dg2yFSrRyy3TbA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldEdC1XSm10OERVT0RiSVZLdEhMTGROc0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9iNWQ1YmItMjNjNi00YjNkLTk0Yzgt
NDJiYmYxYTZhNjViLzEvZEgxRWRDdjRGM3pGQmlHWkpfWEFhSm9LdUI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9iNWQ1YmItMjNjNi00YjNkLTk0YzgtNDJiYmYxYTZhNjVi
LzEvdldEdC1XSm10OERVT0RiSVZLdEhMTGROc0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFPs2AAwQA
w9bUAwQAw9bXMA0EAgACMAcDBQMqAQDQMA0GCSqGSIb3DQEBCwUAA4IBAQBXKXpS
6WU3WWrMVdv1jsKjmGlh9rchjDnSCiB+S8bsXjLyLmdnpWomoVFizNenzmaaIkBJ
orr++sfGzWGck3k+2GuqiayCf4NtBUMcwMyjrAkrehOnB5ppz3FOysvObe13mN8+
W2ksC8BqbqIDwQDaj0Z4KbOX8WVW8H0hkZEEGu06NVIW5rUkTWzvq6PZqn+6/M3x
AX0bhEvgTCv6CrfHqiofnqvaT+m01DMPEXs2HYcsTomE2dEdS8Pita2weyWQA2Vv
dOfhf5ImB9jrV7b5AoGiNHyFRN3APqsdfJIbEdySj6D1x2sHFmoWu1gbQWei6P7q
Zf5xmSisfFqjxdkg
-----END CERTIFICATE-----
Generated at Wed Aug 6 04:11:08 2025 by rpki-client