Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/HLAFzpF1dtaNSAOxEl-uHrb_wcg.roa
File: HLAFzpF1dtaNSAOxEl-uHrb_wcg.roa (raw, json)
Hash identifier: PtoSILiXlrGyGsA1CVrSehyontCCBay4De7QPXIkVlI=
Subject key identifier: 1C:B0:05:CE:91:75:76:D6:8D:48:03:B1:12:5F:AE:1E:B6:FF:C1:C8
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 01989E744E37DEFB4DFB980EC9EDE5098278
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/HLAFzpF1dtaNSAOxEl-uHrb_wcg.roa
Signing time: Tue 12 Aug 2025 13:24:39 +0000
ROA not before: Tue 12 Aug 2025 13:24:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 72.63.0.0/22 maxlen: 22
72.63.28.0/22 maxlen: 22
72.63.60.0/22 maxlen: 22
72.63.92.0/22 maxlen: 22
72.63.124.0/22 maxlen: 22
72.63.156.0/22 maxlen: 22
72.63.188.0/22 maxlen: 22
72.63.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9e:74:4e:37:de:fb:4d:fb:98:0e:c9:ed:e5:09:82:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Aug 12 13:24:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cb005ce917576d68d4803b1125fae1eb6ffc1c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:bd:db:bc:72:2f:1a:68:60:4f:01:9d:38:84:
77:8c:e8:53:d2:35:58:a6:ac:bb:19:81:e4:ca:09:
bd:d2:be:32:a3:8b:5b:85:62:4d:aa:4f:70:cf:74:
bc:1a:9d:b0:bc:9b:4c:97:4b:9a:75:a1:40:d0:ee:
88:2e:08:ff:08:48:27:7c:27:44:fb:ca:0e:a8:0e:
6c:32:25:4d:84:f7:8f:82:ad:c9:b1:c3:5a:22:cb:
8e:04:f0:38:6f:73:3a:de:5c:91:eb:d5:f1:d1:5a:
a8:8e:66:9b:17:2b:45:eb:e5:e5:da:22:ec:11:21:
fa:d0:ab:b5:ee:95:03:3c:d1:5d:ce:80:22:f5:43:
af:93:b5:16:18:16:43:55:fe:74:09:74:5c:23:cb:
61:dd:a3:1c:95:62:8f:eb:f9:a8:75:b2:6c:d5:35:
f7:34:e4:7e:89:70:28:ec:4b:f3:7f:79:73:6b:83:
05:af:32:e6:f3:f1:45:03:3f:80:75:b3:75:f3:64:
23:bc:dc:e0:ed:fa:08:bc:2b:cf:60:6a:5d:d6:0c:
cc:98:22:61:8a:47:90:a8:d9:13:b8:9e:c1:d8:1f:
1d:33:d7:34:9c:a4:43:2b:48:ca:59:e9:6b:48:ef:
27:32:2e:46:0c:79:92:e6:77:fc:db:fa:13:03:93:
e4:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:B0:05:CE:91:75:76:D6:8D:48:03:B1:12:5F:AE:1E:B6:FF:C1:C8
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/HLAFzpF1dtaNSAOxEl-uHrb_wcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.63.0.0/22
72.63.28.0/22
72.63.60.0/22
72.63.92.0/22
72.63.124.0/22
72.63.156.0/22
72.63.188.0/22
72.63.220.0/22
Signature Algorithm: sha256WithRSAEncryption
60:b1:ae:f3:ea:bc:4e:67:d8:ce:dd:f3:86:3f:b5:6a:01:e0:
51:99:e2:58:cb:e5:4c:70:a0:b3:f5:fb:d0:f4:46:b5:11:f1:
a4:67:76:a8:e9:55:92:52:9d:b4:32:42:4c:6a:8a:d9:e3:cd:
f4:8a:5b:6a:4f:a4:8d:eb:d3:ce:92:43:18:ee:be:4f:f2:f9:
35:d0:91:17:d7:e9:9e:d0:4b:22:d9:13:f1:2e:28:d9:4a:ef:
68:96:fd:65:40:c1:23:b3:59:da:d1:cd:90:68:c2:2e:90:80:
51:8b:02:2f:6a:44:ef:b0:9e:1e:16:ab:23:83:cc:22:75:b1:
c6:d6:ef:96:bd:78:f4:25:0d:52:78:d9:3e:4c:48:07:a1:fa:
32:08:46:8e:15:a8:b1:4f:c2:29:1d:48:2b:2b:3f:49:01:14:
fe:b8:93:6c:08:7a:1c:4d:ef:6a:10:34:8b:d1:55:b4:f2:a0:
e4:45:96:01:5e:d5:6d:cd:b8:17:4b:dc:3e:34:f8:5c:d7:99:
c1:b0:ca:ae:10:fd:10:da:ae:20:b5:da:ef:fd:ce:60:f9:99:
e4:93:6c:5f:68:e2:57:d2:57:23:8a:3d:f5:73:a0:c4:2e:b6:
0a:10:f5:f0:67:72:a8:37:a6:e8:ee:f0:3b:e7:e8:28:8f:81:
a9:06:44:70
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZiedE433vtN+5gOye3lCYJ4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjUwODEyMTMyNDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2IwMDVjZTkxNzU3NmQ2OGQ0ODAzYjExMjVmYWUxZWI2ZmZjMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5b3bvHIvGmhgTwGdOIR3jOhT0jVY
pqy7GYHkygm90r4yo4tbhWJNqk9wz3S8Gp2wvJtMl0uadaFA0O6ILgj/CEgnfCdE
+8oOqA5sMiVNhPePgq3JscNaIsuOBPA4b3M63lyR69Xx0VqojmabFytF6+Xl2iLs
ESH60Ku17pUDPNFdzoAi9UOvk7UWGBZDVf50CXRcI8th3aMclWKP6/modbJs1TX3
NOR+iXAo7Evzf3lza4MFrzLm8/FFAz+AdbN182QjvNzg7foIvCvPYGpd1gzMmCJh
ikeQqNkTuJ7B2B8dM9c0nKRDK0jKWelrSO8nMi5GDHmS5nf82/oTA5Pk+QIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFBywBc6RdXbWjUgDsRJfrh62/8HIMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvSExBRnpwRjFkdGFOU0FPeEVsLXVIcmJfd2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCSD8AAwQC
SD8cAwQCSD88AwQCSD9cAwQCSD98AwQCSD+cAwQCSD+8AwQCSD/cMA0GCSqGSIb3
DQEBCwUAA4IBAQBgsa7z6rxOZ9jO3fOGP7VqAeBRmeJYy+VMcKCz9fvQ9Ea1EfGk
Z3ao6VWSUp20MkJMaorZ4830iltqT6SN69POkkMY7r5P8vk10JEX1+me0Esi2RPx
LijZSu9olv1lQMEjs1na0c2QaMIukIBRiwIvakTvsJ4eFqsjg8widbHG1u+WvXj0
JQ1SeNk+TEgHofoyCEaOFaixT8IpHUgrKz9JART+uJNsCHocTe9qEDSL0VW08qDk
RZYBXtVtzbgXS9w+NPhc15nBsMquEP0Q2q4gtdrv/c5g+Znkk2xfaOJX0lcjij31
c6DELrYKEPXwZ3KoN6bo7vA75+goj4GpBkRw
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:51:57 2025 by rpki-client