Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/pdyHb8mFNixwJ_XvAUyJS_Ow2g4.roa
File: pdyHb8mFNixwJ_XvAUyJS_Ow2g4.roa (raw, json)
Hash identifier: OBr/r8tvBWJlq/QSHh/DOJUhlx6WHps7Ga/Udvbou0U=
Subject key identifier: A5:DC:87:6F:C9:85:36:2C:70:27:F5:EF:01:4C:89:4B:F3:B0:DA:0E
Certificate issuer: /CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Certificate serial: 019C951463A4FCA180B6101544EAC4287EBB
Authority key identifier: F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/pdyHb8mFNixwJ_XvAUyJS_Ow2g4.roa
Signing time: Wed 25 Feb 2026 13:54:27 +0000
ROA not before: Wed 25 Feb 2026 13:54:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 28968
IP address blocks: 62.181.34.0/23 maxlen: 23
62.181.36.0/22 maxlen: 22
62.181.38.0/24 maxlen: 24
62.181.46.0/23 maxlen: 23
62.181.56.0/21 maxlen: 24
62.181.56.0/22 maxlen: 24
62.181.58.0/23 maxlen: 23
77.232.32.0/23 maxlen: 23
77.232.35.0/24 maxlen: 24
77.232.48.0/23 maxlen: 23
212.59.96.0/20 maxlen: 20
212.59.96.0/21 maxlen: 21
212.59.108.0/23 maxlen: 23
212.59.108.0/24 maxlen: 24
212.59.109.0/24 maxlen: 24
2a00:f460::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 10:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:95:14:63:a4:fc:a1:80:b6:10:15:44:ea:c4:28:7e:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b5646b360379924cb6d9c3d99669ce7f3b2ca2
Validity
Not Before: Feb 25 13:54:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a5dc876fc985362c7027f5ef014c894bf3b0da0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e4:1a:7d:8e:e9:e9:f7:c0:d8:f3:ff:f0:3f:
52:e8:67:4e:6f:e4:f2:c9:f6:2e:87:99:24:28:9e:
47:67:2b:58:6e:6f:95:c1:76:b5:51:bb:5c:55:cd:
46:5a:2d:dc:2a:d2:a8:88:d4:22:71:bf:9a:72:2e:
77:b5:42:b0:a8:be:06:96:13:2b:b5:68:58:da:ef:
50:05:dd:8d:49:7d:ae:23:62:aa:34:8c:73:d1:85:
94:e3:29:58:2c:2d:98:80:82:62:dc:5b:9e:d7:83:
54:b1:4a:74:47:90:7d:c6:53:29:a0:65:1b:c0:83:
2a:54:55:11:09:d0:0a:d9:f8:dc:a6:b0:3f:56:73:
cd:c5:51:07:1b:c4:d1:e6:94:c6:1a:87:ab:3c:85:
5e:28:2c:fb:88:12:27:da:38:a0:20:87:b8:c3:27:
83:2d:0c:be:7e:77:0b:75:42:3d:00:95:8a:06:f9:
d5:31:c1:c9:9e:d8:c8:8e:d5:c5:2b:02:be:6c:6a:
07:51:d0:7c:ca:d9:bd:df:7d:a1:b4:f2:ca:78:48:
11:12:3b:6f:70:66:58:ae:ec:8e:ba:20:f1:42:21:
ba:de:3b:c9:30:41:9b:29:28:20:fa:d2:a7:9a:05:
a5:8a:5e:ce:c9:4e:27:d0:8d:44:d0:9c:49:0a:26:
6d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:DC:87:6F:C9:85:36:2C:70:27:F5:EF:01:4C:89:4B:F3:B0:DA:0E
X509v3 Authority Key Identifier:
keyid:F3:B5:64:6B:36:03:79:92:4C:B6:D9:C3:D9:96:69:CE:7F:3B:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87VkazYDeZJMttnD2ZZpzn87LKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/pdyHb8mFNixwJ_XvAUyJS_Ow2g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/572ea6-1436-4f26-af57-5975913f52c5/1/87VkazYDeZJMttnD2ZZpzn87LKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.181.34.0-62.181.39.255
62.181.46.0/23
62.181.56.0/21
77.232.32.0/23
77.232.35.0/24
77.232.48.0/23
212.59.96.0/20
IPv6:
2a00:f460::/32
Signature Algorithm: sha256WithRSAEncryption
65:68:d5:92:c7:43:ad:c7:43:4b:74:88:b5:de:7d:7a:0a:65:
0d:14:83:9a:95:6d:3d:88:b1:33:0c:4c:bf:0b:97:99:2a:8a:
41:77:2a:b5:64:0c:de:1e:14:5c:94:71:e4:cf:e2:c2:34:9b:
69:47:e6:90:2a:75:f8:6b:96:6b:f3:be:ba:e9:8b:c0:86:c8:
8c:56:4c:45:7e:da:52:79:f6:6f:76:c1:08:a8:fc:6c:d3:83:
c7:b8:62:96:b8:87:c6:91:ff:2c:bd:5a:27:f9:0e:8f:89:76:
5f:c6:7c:93:e4:cb:3c:2c:30:eb:d1:2f:5d:a8:bd:19:85:bf:
b4:d2:ed:db:0f:fc:52:35:b6:a4:8d:c9:f8:34:97:f3:00:f4:
c9:e4:90:dc:77:6f:24:b4:13:b2:92:11:4b:55:32:43:ba:69:
60:73:c5:f1:14:28:5b:60:f6:c9:fa:e6:e4:b5:30:62:3c:65:
7f:62:bb:f3:8d:29:96:fe:d7:2d:9c:8f:bb:57:a9:02:43:48:
34:db:8f:8b:41:ea:42:30:56:79:0c:b4:b2:d9:66:c4:c0:f1:
2d:c9:5a:8f:d4:4b:3b:c1:21:ee:57:23:a6:6a:25:ee:b3:a9:
ba:b4:c6:f0:0f:b9:40:d0:35:0f:24:df:05:0f:98:57:72:08:
9e:45:c7:d7
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZyVFGOk/KGAthAVROrEKH67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjU2NDZiMzYwMzc5OTI0Y2I2ZDljM2Q5OTY2OWNlN2Yz
YjJjYTIwHhcNMjYwMjI1MTM1NDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWRjODc2ZmM5ODUzNjJjNzAyN2Y1ZWYwMTRjODk0YmYzYjBkYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OQafY7p6ffA2PP/8D9S6GdOb+Ty
yfYuh5kkKJ5HZytYbm+VwXa1UbtcVc1GWi3cKtKoiNQicb+aci53tUKwqL4GlhMr
tWhY2u9QBd2NSX2uI2KqNIxz0YWU4ylYLC2YgIJi3Fue14NUsUp0R5B9xlMpoGUb
wIMqVFURCdAK2fjcprA/VnPNxVEHG8TR5pTGGoerPIVeKCz7iBIn2jigIIe4wyeD
LQy+fncLdUI9AJWKBvnVMcHJntjIjtXFKwK+bGoHUdB8ytm9332htPLKeEgREjtv
cGZYruyOuiDxQiG63jvJMEGbKSgg+tKnmgWlil7OyU4n0I1E0JxJCiZt/wIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFKXch2/JhTYscCf17wFMiUvzsNoOMB8GA1UdIwQY
MBaAFPO1ZGs2A3mSTLbZw9mWac5/OyyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTct
NTk3NTkxM2Y1MmM1LzEvcGR5SGI4bUZOaXh3Sl9YdkFVeUpTX093Mmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81NzJlYTYtMTQzNi00ZjI2LWFmNTctNTk3NTkxM2Y1MmM1
LzEvODdWa2F6WURlWkpNdHRuRDJaWnB6bjg3TEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyMAwDBAE+tSID
BAM+tSADBAE+tS4DBAM+tTgDBAFN6CADBABN6CMDBAFN6DADBATUO2AwDQQCAAIw
BwMFACoA9GAwDQYJKoZIhvcNAQELBQADggEBAGVo1ZLHQ63HQ0t0iLXefXoKZQ0U
g5qVbT2IsTMMTL8Ll5kqikF3KrVkDN4eFFyUceTP4sI0m2lH5pAqdfhrlmvzvrrp
i8CGyIxWTEV+2lJ59m92wQio/GzTg8e4Ypa4h8aR/yy9Wif5Do+Jdl/GfJPkyzws
MOvRL12ovRmFv7TS7dsP/FI1tqSNyfg0l/MA9MnkkNx3byS0E7KSEUtVMkO6aWBz
xfEUKFtg9sn65uS1MGI8ZX9iu/ONKZb+1y2cj7tXqQJDSDTbj4tB6kIwVnkMtLLZ
ZsTA8S3JWo/USzvBIe5XI6ZqJe6zqbq0xvAPuUDQNQ8k3wUPmFdyCJ5Fx9c=
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:22:46 2026 by rpki-client