Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/siIZExuS_GeAC_7yAg0fTn4ysPQ.roa
File: siIZExuS_GeAC_7yAg0fTn4ysPQ.roa (raw, json)
Hash identifier: YHIFiD7L5rHkCWAOSvuE1uPY3FwCVAc7u7VpZj5jlLg=
Subject key identifier: B2:22:19:13:1B:92:FC:67:80:0B:FE:F2:02:0D:1F:4E:7E:32:B0:F4
Certificate issuer: /CN=bd60edf96266b7c0d43836c854ab472cb74db034
Certificate serial: 01985078B7551F7A27FE5AB0F595CC87E870
Authority key identifier: BD:60:ED:F9:62:66:B7:C0:D4:38:36:C8:54:AB:47:2C:B7:4D:B0:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/siIZExuS_GeAC_7yAg0fTn4ysPQ.roa
Signing time: Mon 28 Jul 2025 09:59:05 +0000
ROA not before: Mon 28 Jul 2025 09:59:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29632
IP address blocks: 62.205.128.0/19 maxlen: 19
62.205.128.0/20 maxlen: 20
62.205.132.0/24 maxlen: 24
62.205.134.0/24 maxlen: 24
62.205.144.0/20 maxlen: 20
62.205.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 16:13:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:78:b7:55:1f:7a:27:fe:5a:b0:f5:95:cc:87:e8:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd60edf96266b7c0d43836c854ab472cb74db034
Validity
Not Before: Jul 28 09:59:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b22219131b92fc67800bfef2020d1f4e7e32b0f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:90:2a:ea:33:b7:e9:2d:fc:de:a6:44:40:d0:
d4:68:c9:22:51:05:76:46:82:01:0e:2f:b6:d0:02:
29:69:bc:72:bc:79:0d:48:24:c5:c2:8b:f9:45:9b:
4a:a7:07:86:ee:6c:63:b0:d6:a3:2e:b7:1a:24:11:
29:1c:d1:8e:50:ea:c9:fa:87:7e:ff:8f:a4:f1:17:
4b:b9:e7:12:2a:9c:c0:57:4a:82:03:ac:4f:f9:10:
85:ad:72:65:a4:5c:9c:01:5c:9b:07:56:94:9f:95:
1a:a2:ba:f1:38:6a:2c:98:5e:98:6e:c7:e5:91:39:
ae:7b:94:80:67:c8:dc:35:14:47:56:5f:22:09:bc:
7f:1b:f3:85:08:3a:7c:04:58:0a:44:7c:3b:7f:9f:
cf:69:14:22:37:d4:c9:d9:e6:ac:1d:10:fb:61:e1:
cf:59:09:44:47:ce:5a:ad:94:61:aa:ea:ad:ed:eb:
f9:4f:75:8a:a5:e0:58:e9:78:a6:2d:6a:5b:32:ce:
de:02:80:77:e6:f2:45:8c:70:a3:03:42:7c:b2:51:
c9:ef:53:d0:13:af:7f:e4:30:21:37:2f:a3:98:34:
85:2a:c1:9e:c3:cf:0d:7d:e9:a2:94:c5:bc:55:c3:
7b:35:82:c6:2c:e5:fd:e7:26:6d:8d:ad:76:44:c7:
37:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:22:19:13:1B:92:FC:67:80:0B:FE:F2:02:0D:1F:4E:7E:32:B0:F4
X509v3 Authority Key Identifier:
keyid:BD:60:ED:F9:62:66:B7:C0:D4:38:36:C8:54:AB:47:2C:B7:4D:B0:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vWDt-WJmt8DUODbIVKtHLLdNsDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/siIZExuS_GeAC_7yAg0fTn4ysPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/b5d5bb-23c6-4b3d-94c8-42bbf1a6a65b/1/vWDt-WJmt8DUODbIVKtHLLdNsDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.128.0/19
Signature Algorithm: sha256WithRSAEncryption
58:e8:82:5d:08:6c:63:a4:da:56:fd:71:b6:56:bf:3a:f9:f9:
4d:f7:44:6f:0e:60:6a:8b:f2:1b:7d:ec:c5:d9:ac:09:14:b3:
f0:cb:95:39:48:27:08:32:77:9d:69:de:fa:bf:ad:6b:9d:b0:
66:24:48:4b:ea:cf:d3:98:f4:77:1b:ba:80:74:9e:7e:c0:a9:
3f:9e:b6:8a:ae:4a:b0:9a:de:ad:0b:c3:26:58:d3:a4:62:2b:
7a:fb:b9:e3:d6:5e:c5:67:88:dc:e9:34:ce:a4:0a:a7:90:1c:
ce:a4:84:65:a8:55:97:52:96:46:18:58:d4:e5:78:e1:6c:5a:
30:6f:d3:b2:cd:0d:96:05:29:40:9e:da:6c:19:52:7c:2d:11:
0e:89:12:94:8e:c8:8e:b8:23:05:cb:57:ef:ee:8e:e5:48:0c:
6b:fb:ae:66:aa:68:41:5b:9c:5d:dc:a4:81:73:0b:d0:dd:d9:
df:ef:5a:28:22:b0:d6:35:52:ab:36:0f:08:1a:6e:5e:70:53:
0f:d4:4b:65:5e:99:c0:8a:38:2c:97:b1:ed:d8:64:c2:46:62:
3c:3c:dc:b3:d7:13:d3:27:34:91:3b:1c:6b:c0:c4:08:54:75:
10:51:cf:bf:eb:a1:10:90:4c:34:ca:f2:30:d4:2b:b3:5f:9b:
8a:4b:0e:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZhQeLdVH3on/lqw9ZXMh+hwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNjBlZGY5NjI2NmI3YzBkNDM4MzZjODU0YWI0NzJjYjc0
ZGIwMzQwHhcNMjUwNzI4MDk1OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjIyMTkxMzFiOTJmYzY3ODAwYmZlZjIwMjBkMWY0ZTdlMzJiMGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJAq6jO36S383qZEQNDUaMkiUQV2
RoIBDi+20AIpabxyvHkNSCTFwov5RZtKpweG7mxjsNajLrcaJBEpHNGOUOrJ+od+
/4+k8RdLuecSKpzAV0qCA6xP+RCFrXJlpFycAVybB1aUn5UaorrxOGosmF6Ybsfl
kTmue5SAZ8jcNRRHVl8iCbx/G/OFCDp8BFgKRHw7f5/PaRQiN9TJ2easHRD7YeHP
WQlER85arZRhquqt7ev5T3WKpeBY6XimLWpbMs7eAoB35vJFjHCjA0J8slHJ71PQ
E69/5DAhNy+jmDSFKsGew88NfemilMW8VcN7NYLGLOX95yZtja12RMc3/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLIiGRMbkvxngAv+8gINH05+MrD0MB8GA1UdIwQY
MBaAFL1g7fliZrfA1Dg2yFSrRyy3TbA0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdldEdC1XSm10OERVT0RiSVZLdEhMTGROc0RRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9iNWQ1YmItMjNjNi00YjNkLTk0Yzgt
NDJiYmYxYTZhNjViLzEvc2lJWkV4dVNfR2VBQ183eUFnMGZUbjR5c1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9iNWQ1YmItMjNjNi00YjNkLTk0YzgtNDJiYmYxYTZhNjVi
LzEvdldEdC1XSm10OERVT0RiSVZLdEhMTGROc0RRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFPs2AMA0G
CSqGSIb3DQEBCwUAA4IBAQBY6IJdCGxjpNpW/XG2Vr86+flN90RvDmBqi/IbfezF
2awJFLPwy5U5SCcIMnedad76v61rnbBmJEhL6s/TmPR3G7qAdJ5+wKk/nraKrkqw
mt6tC8MmWNOkYit6+7nj1l7FZ4jc6TTOpAqnkBzOpIRlqFWXUpZGGFjU5XjhbFow
b9OyzQ2WBSlAntpsGVJ8LREOiRKUjsiOuCMFy1fv7o7lSAxr+65mqmhBW5xd3KSB
cwvQ3dnf71ooIrDWNVKrNg8IGm5ecFMP1EtlXpnAijgsl7Ht2GTCRmI8PNyz1xPT
JzSROxxrwMQIVHUQUc+/66EQkEw0yvIw1CuzX5uKSw5h
-----END CERTIFICATE-----
Generated at Thu Aug 7 20:24:03 2025 by rpki-client