Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/f516f6-d5a0-4086-94f2-abd4c5c9b374/1/pS_aC8FbZiw_mmNWrXEQK1MHFNw.roa
File: pS_aC8FbZiw_mmNWrXEQK1MHFNw.roa (raw, json)
Hash identifier: 0RzrxLXwiw0ILr05gey7vS2L1ChVUD2SMX+WoCfTDCU=
Subject key identifier: A5:2F:DA:0B:C1:5B:66:2C:3F:9A:63:56:AD:71:10:2B:53:07:14:DC
Certificate issuer: /CN=92ec1050d3a9320ab9f0ce2b365a097ee4134b24
Certificate serial: 019CB32E612511A743AE32D2209E5B9406F9
Authority key identifier: 92:EC:10:50:D3:A9:32:0A:B9:F0:CE:2B:36:5A:09:7E:E4:13:4B:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kuwQUNOpMgq58M4rNloJfuQTSyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/f516f6-d5a0-4086-94f2-abd4c5c9b374/1/pS_aC8FbZiw_mmNWrXEQK1MHFNw.roa
Signing time: Tue 03 Mar 2026 10:11:26 +0000
ROA not before: Tue 03 Mar 2026 10:11:26 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15541
IP address blocks: 62.121.128.0/24 maxlen: 24
62.121.129.0/24 maxlen: 24
62.121.130.0/24 maxlen: 24
62.121.131.0/24 maxlen: 24
62.121.132.0/24 maxlen: 24
62.121.133.0/24 maxlen: 24
62.121.135.0/24 maxlen: 24
62.121.136.0/24 maxlen: 24
62.121.138.0/24 maxlen: 24
62.121.141.0/24 maxlen: 24
62.121.142.0/24 maxlen: 24
62.121.143.0/24 maxlen: 24
62.121.144.0/24 maxlen: 24
62.121.145.0/24 maxlen: 24
62.121.146.0/24 maxlen: 24
62.121.148.0/24 maxlen: 24
62.121.150.0/24 maxlen: 24
62.121.152.0/24 maxlen: 24
62.121.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/f516f6-d5a0-4086-94f2-abd4c5c9b374/1/kuwQUNOpMgq58M4rNloJfuQTSyQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/f516f6-d5a0-4086-94f2-abd4c5c9b374/1/kuwQUNOpMgq58M4rNloJfuQTSyQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/kuwQUNOpMgq58M4rNloJfuQTSyQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 22:01:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b3:2e:61:25:11:a7:43:ae:32:d2:20:9e:5b:94:06:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92ec1050d3a9320ab9f0ce2b365a097ee4134b24
Validity
Not Before: Mar 3 10:11:26 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=a52fda0bc15b662c3f9a6356ad71102b530714dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:fb:98:6b:cb:f1:37:a4:c1:ed:a7:bb:84:ed:
03:94:56:b7:00:ed:12:ae:09:9f:26:10:40:95:82:
8e:52:20:2d:1d:61:42:8d:39:7e:18:c2:25:3e:0e:
45:02:5d:20:15:7e:4a:a8:df:03:82:e2:d0:65:f5:
93:bd:2a:6e:e8:ce:e8:a3:4b:2d:3f:a1:08:90:c9:
6d:e0:65:32:6e:ef:01:c2:c8:81:e2:eb:c7:39:b6:
a5:13:2e:4f:ba:a1:05:94:68:c7:07:0c:2a:e7:23:
c7:40:d8:c0:3e:5a:10:d9:a2:14:97:1f:49:bc:17:
0a:dd:85:12:f6:db:50:85:a6:fd:6b:1a:70:ea:cc:
c4:a1:7f:d7:cb:98:37:38:f0:1c:12:58:d9:f0:e5:
72:a6:c5:56:70:57:75:39:14:9f:7b:d5:ef:d2:38:
22:be:d2:f0:62:a3:da:b3:88:78:ca:8e:2a:9b:08:
db:97:31:c0:f3:1d:29:ea:c3:a0:6d:74:5a:94:30:
12:48:a4:67:e2:90:5f:fb:90:f3:3c:0f:d8:c2:13:
ca:3b:b3:73:0f:6a:38:f6:ca:df:10:c4:1f:7b:3d:
5c:cf:3a:b4:65:8e:f1:54:67:57:e4:45:f8:5c:56:
db:10:fb:de:34:ba:b3:b1:0a:c4:4c:a0:66:84:46:
13:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:2F:DA:0B:C1:5B:66:2C:3F:9A:63:56:AD:71:10:2B:53:07:14:DC
X509v3 Authority Key Identifier:
keyid:92:EC:10:50:D3:A9:32:0A:B9:F0:CE:2B:36:5A:09:7E:E4:13:4B:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kuwQUNOpMgq58M4rNloJfuQTSyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f516f6-d5a0-4086-94f2-abd4c5c9b374/1/pS_aC8FbZiw_mmNWrXEQK1MHFNw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/f516f6-d5a0-4086-94f2-abd4c5c9b374/1/kuwQUNOpMgq58M4rNloJfuQTSyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.121.128.0-62.121.133.255
62.121.135.0-62.121.136.255
62.121.138.0/24
62.121.141.0-62.121.146.255
62.121.148.0/24
62.121.150.0/24
62.121.152.0/24
62.121.159.0/24
Signature Algorithm: sha256WithRSAEncryption
84:4a:24:56:d2:2e:8b:8d:b9:7e:d8:46:70:96:71:42:24:e2:
47:90:4a:29:91:b3:a0:4e:97:c6:6e:a5:e9:2d:f5:93:94:f0:
6f:44:54:e9:fa:40:d7:a8:77:b5:f6:f9:29:9f:d4:3b:69:86:
6b:15:49:67:6b:62:d1:66:08:3d:4c:2b:bf:72:59:60:87:39:
e9:61:c4:19:d5:21:50:1c:f7:f5:31:3d:ab:7d:48:2f:43:99:
23:dd:f2:37:e5:70:00:4f:5f:5c:01:f0:a1:17:e3:71:0a:74:
ec:fc:99:b2:34:d3:8b:4e:b8:7b:39:c4:a0:1b:7b:f6:af:47:
b2:9e:78:f8:56:21:d4:fd:fe:7e:46:da:b6:b8:a6:ff:1c:9b:
f1:ed:6b:39:36:20:03:07:5a:7a:ce:da:0f:23:b1:25:4b:6f:
90:58:09:60:bb:34:43:c0:03:12:e2:e0:93:d9:25:80:f4:d2:
66:85:b1:71:07:23:ac:b2:98:74:f2:da:7f:f4:ce:22:b8:93:
5e:38:31:51:82:0b:1d:23:47:fc:cd:68:9b:94:af:81:fb:90:
71:99:c9:a6:ad:60:9f:76:16:a6:fc:8d:f8:d7:1c:cc:5b:c6:
2f:54:fb:8b:5c:f2:7a:b3:e4:83:37:02:6a:83:29:57:86:73:
82:a0:65:d9
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZyzLmElEadDrjLSIJ5blAb5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZWMxMDUwZDNhOTMyMGFiOWYwY2UyYjM2NWEwOTdlZTQx
MzRiMjQwHhcNMjYwMzAzMTAxMTI2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTJmZGEwYmMxNWI2NjJjM2Y5YTYzNTZhZDcxMTAyYjUzMDcxNGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/uYa8vxN6TB7ae7hO0DlFa3AO0S
rgmfJhBAlYKOUiAtHWFCjTl+GMIlPg5FAl0gFX5KqN8DguLQZfWTvSpu6M7oo0st
P6EIkMlt4GUybu8BwsiB4uvHObalEy5PuqEFlGjHBwwq5yPHQNjAPloQ2aIUlx9J
vBcK3YUS9ttQhab9axpw6szEoX/Xy5g3OPAcEljZ8OVypsVWcFd1ORSfe9Xv0jgi
vtLwYqPas4h4yo4qmwjblzHA8x0p6sOgbXRalDASSKRn4pBf+5DzPA/YwhPKO7Nz
D2o49srfEMQfez1czzq0ZY7xVGdX5EX4XFbbEPveNLqzsQrETKBmhEYTJwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKUv2gvBW2YsP5pjVq1xECtTBxTcMB8GA1UdIwQY
MBaAFJLsEFDTqTIKufDOKzZaCX7kE0skMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3V3UVVOT3BNZ3E1OE00ck5sb0pmdVFUU3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mNTE2ZjYtZDVhMC00MDg2LTk0ZjIt
YWJkNGM1YzliMzc0LzEvcFNfYUM4RmJaaXdfbW1OV3JYRVFLMU1IRk53LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mNTE2ZjYtZDVhMC00MDg2LTk0ZjItYWJkNGM1YzliMzc0
LzEva3V3UVVOT3BNZ3E1OE00ck5sb0pmdVFUU3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAc+eYAD
BAE+eYQwDAMEAD55hwMEAD55iAMEAD55ijAMAwQAPnmNAwQAPnmSAwQAPnmUAwQA
PnmWAwQAPnmYAwQAPnmfMA0GCSqGSIb3DQEBCwUAA4IBAQCESiRW0i6Ljbl+2EZw
lnFCJOJHkEopkbOgTpfGbqXpLfWTlPBvRFTp+kDXqHe19vkpn9Q7aYZrFUlna2LR
Zgg9TCu/cllghznpYcQZ1SFQHPf1MT2rfUgvQ5kj3fI35XAAT19cAfChF+NxCnTs
/JmyNNOLTrh7OcSgG3v2r0eynnj4ViHU/f5+Rtq2uKb/HJvx7Ws5NiADB1p6ztoP
I7ElS2+QWAlguzRDwAMS4uCT2SWA9NJmhbFxByOssph08tp/9M4iuJNeODFRggsd
I0f8zWiblK+B+5BxmcmmrWCfdham/I341xzMW8YvVPuLXPJ6s+SDNwJqgylXhnOC
oGXZ
-----END CERTIFICATE-----
Generated at Thu Mar 26 10:05:38 2026 by rpki-client