Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/z6mBzW6H29uI5KxETsJqR2soNbo.roa
File: z6mBzW6H29uI5KxETsJqR2soNbo.roa (raw, json)
Hash identifier: UhKW2I+drpoL0LurJwnMOqRysLzBC/O6KKhMC7EQlLM=
Subject key identifier: CF:A9:81:CD:6E:87:DB:DB:88:E4:AC:44:4E:C2:6A:47:6B:28:35:BA
Certificate issuer: /CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Certificate serial: 0198D23E7236DB88677C648AB9EAE90275AA
Authority key identifier: 69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/z6mBzW6H29uI5KxETsJqR2soNbo.roa
Signing time: Fri 22 Aug 2025 14:46:04 +0000
ROA not before: Fri 22 Aug 2025 14:46:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205952
IP address blocks: 62.113.95.0/24 maxlen: 24
62.213.72.0/21 maxlen: 21
62.213.94.0/23 maxlen: 23
62.213.102.0/23 maxlen: 23
62.213.112.0/23 maxlen: 23
62.213.116.0/24 maxlen: 24
212.24.37.0/24 maxlen: 24
212.24.39.0/24 maxlen: 24
212.24.40.0/24 maxlen: 24
212.24.43.0/24 maxlen: 24
212.24.50.0/24 maxlen: 24
212.24.57.0/24 maxlen: 24
212.158.168.0/24 maxlen: 24
212.158.170.0/23 maxlen: 23
212.158.174.0/23 maxlen: 23
217.23.129.0/24 maxlen: 24
217.23.139.0/24 maxlen: 24
217.23.152.0/21 maxlen: 21
2a01:9860::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d2:3e:72:36:db:88:67:7c:64:8a:b9:ea:e9:02:75:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69a4d6916b93159aa80984a9b3774683bb550ebd
Validity
Not Before: Aug 22 14:46:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfa981cd6e87dbdb88e4ac444ec26a476b2835ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:eb:38:ad:d9:66:29:59:2a:4d:16:62:b5:b7:
8a:d9:8a:ed:89:26:ca:38:63:f2:d5:ec:83:46:63:
51:2b:76:38:d4:32:61:4f:01:b9:5e:33:03:af:b9:
a0:de:b7:1c:de:02:a5:98:25:f4:f5:8e:f7:da:b2:
1c:f5:4f:85:7b:26:0e:c1:10:40:01:67:fb:5e:7b:
ab:43:83:39:3a:1f:dd:1c:44:4a:bb:38:19:b9:f5:
80:c8:89:32:51:dd:85:5a:5f:bd:b3:be:e4:10:81:
2b:c1:67:c6:46:37:ae:44:87:47:bc:dd:4a:f2:53:
4b:70:88:f7:3d:b9:eb:be:02:3b:74:23:5a:d7:26:
05:18:52:df:dc:47:f0:f7:0d:93:b6:6b:1c:30:3f:
d5:95:c0:27:a9:ee:eb:dc:e9:b7:f1:5e:ba:36:df:
1c:2f:f5:a0:51:80:fd:f1:00:c1:84:a4:29:07:39:
f2:46:89:4b:26:03:50:7e:06:2f:37:1d:66:6b:cf:
dd:ff:8c:df:f5:41:4e:31:6a:75:77:8e:16:d0:72:
5c:82:01:0c:a0:71:fb:1d:04:5b:e9:04:8f:ba:b7:
5f:aa:76:61:2a:a6:20:77:13:fe:6a:6c:da:24:26:
8e:22:0e:58:0a:d6:f7:c2:ff:c9:c5:65:62:ce:f4:
1c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A9:81:CD:6E:87:DB:DB:88:E4:AC:44:4E:C2:6A:47:6B:28:35:BA
X509v3 Authority Key Identifier:
keyid:69:A4:D6:91:6B:93:15:9A:A8:09:84:A9:B3:77:46:83:BB:55:0E:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aaTWkWuTFZqoCYSps3dGg7tVDr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/z6mBzW6H29uI5KxETsJqR2soNbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/c031e5-fc67-41f5-8ebe-3197110097c9/1/aaTWkWuTFZqoCYSps3dGg7tVDr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.95.0/24
62.213.72.0/21
62.213.94.0/23
62.213.102.0/23
62.213.112.0/23
62.213.116.0/24
212.24.37.0/24
212.24.39.0-212.24.40.255
212.24.43.0/24
212.24.50.0/24
212.24.57.0/24
212.158.168.0/24
212.158.170.0/23
212.158.174.0/23
217.23.129.0/24
217.23.139.0/24
217.23.152.0/21
IPv6:
2a01:9860::/32
Signature Algorithm: sha256WithRSAEncryption
10:d5:69:97:00:ea:66:bf:7a:24:7d:39:97:e6:9d:a0:f4:15:
6c:a2:74:50:0f:aa:bd:53:8f:0c:d0:c9:d9:9c:c9:10:4e:6c:
a2:a7:22:c5:81:b9:48:a4:bc:8e:d7:98:22:7d:3b:1e:53:1a:
04:9f:fc:36:6d:39:b5:cd:4f:d4:c6:a9:f5:ea:83:ef:f5:19:
94:82:5e:4c:cb:c3:bd:6a:fc:6d:54:47:8a:cc:2e:8d:b2:7a:
89:ca:e2:0a:73:27:b3:f7:47:df:ff:72:fe:af:69:cd:75:d9:
40:ae:b7:fb:74:d1:ae:9d:a8:b5:f5:85:06:26:00:bc:12:eb:
88:9a:4e:8e:c1:4b:1a:55:50:ac:a6:33:c2:9f:55:e3:19:cf:
b4:cf:f4:be:06:65:80:c9:31:1e:67:1d:6a:88:84:f9:c8:68:
a4:19:27:b4:e0:38:02:ad:b0:7f:41:7e:35:cf:cb:c1:9f:10:
ff:e4:6c:b6:5e:75:57:9a:e3:d4:f9:2f:aa:44:50:a3:30:8f:
ea:b1:b3:0f:c5:2f:8d:eb:df:54:72:2a:51:f5:af:c8:c7:c7:
40:69:5d:28:f0:fe:63:52:05:3e:2e:b2:64:4a:36:5a:0c:0c:
bb:ce:47:83:13:ec:13:da:d5:58:82:3d:e0:4a:3b:c0:4c:6d:
b8:f8:a3:b6
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZjSPnI224hnfGSKuerpAnWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5YTRkNjkxNmI5MzE1OWFhODA5ODRhOWIzNzc0NjgzYmI1
NTBlYmQwHhcNMjUwODIyMTQ0NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmE5ODFjZDZlODdkYmRiODhlNGFjNDQ0ZWMyNmE0NzZiMjgzNWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5+s4rdlmKVkqTRZitbeK2YrtiSbK
OGPy1eyDRmNRK3Y41DJhTwG5XjMDr7mg3rcc3gKlmCX09Y732rIc9U+FeyYOwRBA
AWf7XnurQ4M5Oh/dHERKuzgZufWAyIkyUd2FWl+9s77kEIErwWfGRjeuRIdHvN1K
8lNLcIj3PbnrvgI7dCNa1yYFGFLf3Efw9w2TtmscMD/VlcAnqe7r3Om38V66Nt8c
L/WgUYD98QDBhKQpBznyRolLJgNQfgYvNx1ma8/d/4zf9UFOMWp1d44W0HJcggEM
oHH7HQRb6QSPurdfqnZhKqYgdxP+amzaJCaOIg5YCtb3wv/JxWVizvQc3wIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFM+pgc1uh9vbiOSsRE7CakdrKDW6MB8GA1UdIwQY
MBaAFGmk1pFrkxWaqAmEqbN3RoO7VQ69MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUt
MzE5NzExMDA5N2M5LzEvejZtQnpXNkgyOXVJNUt4RVRzSnFSMnNvTmJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jMDMxZTUtZmM2Ny00MWY1LThlYmUtMzE5NzExMDA5N2M5
LzEvYWFUV2tXdVRGWnFvQ1lTcHMzZEdnN3RWRHIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQAPnFf
AwQDPtVIAwQBPtVeAwQBPtVmAwQBPtVwAwQAPtV0AwQA1BglMAwDBADUGCcDBADU
GCgDBADUGCsDBADUGDIDBADUGDkDBADUnqgDBAHUnqoDBAHUnq4DBADZF4EDBADZ
F4sDBAPZF5gwDQQCAAIwBwMFACoBmGAwDQYJKoZIhvcNAQELBQADggEBABDVaZcA
6ma/eiR9OZfmnaD0FWyidFAPqr1TjwzQydmcyRBObKKnIsWBuUikvI7XmCJ9Ox5T
GgSf/DZtObXNT9TGqfXqg+/1GZSCXkzLw71q/G1UR4rMLo2yeonK4gpzJ7P3R9//
cv6vac112UCut/t00a6dqLX1hQYmALwS64iaTo7BSxpVUKymM8KfVeMZz7TP9L4G
ZYDJMR5nHWqIhPnIaKQZJ7TgOAKtsH9BfjXPy8GfEP/kbLZedVea49T5L6pEUKMw
j+qxsw/FL43r31RyKlH1r8jHx0BpXSjw/mNSBT4usmRKNloMDLvOR4MT7BPa1ViC
PeBKO8BMbbj4o7Y=
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:03:44 2025 by rpki-client