Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/bappW0a76vCPpE7es6c1mZAIjsM.roa
File: bappW0a76vCPpE7es6c1mZAIjsM.roa (raw, json)
Hash identifier: cqG7BmBZANbhw2q44YhM+SIY2oACb3Cf8jR7Of0U21w=
Subject key identifier: 6D:AA:69:5B:46:BB:EA:F0:8F:A4:4E:DE:B3:A7:35:99:90:08:8E:C3
Certificate issuer: /CN=21021b252222997bfe33b7e4b315ac8d5e067954
Certificate serial: 01992ED03B044ADA7A0A6F8A46822BF72136
Authority key identifier: 21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/bappW0a76vCPpE7es6c1mZAIjsM.roa
Signing time: Tue 09 Sep 2025 14:10:22 +0000
ROA not before: Tue 09 Sep 2025 14:10:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203061
IP address blocks: 72.63.4.0/23 maxlen: 23
72.63.16.0/23 maxlen: 23
72.63.36.0/23 maxlen: 23
72.63.52.0/23 maxlen: 23
72.63.76.0/23 maxlen: 23
72.63.84.0/23 maxlen: 23
72.63.96.0/23 maxlen: 23
72.63.108.0/23 maxlen: 23
72.63.128.0/23 maxlen: 23
72.63.212.0/23 maxlen: 23
72.63.244.0/23 maxlen: 23
72.63.252.0/23 maxlen: 23
185.145.216.0/22 maxlen: 22
193.84.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2e:d0:3b:04:4a:da:7a:0a:6f:8a:46:82:2b:f7:21:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21021b252222997bfe33b7e4b315ac8d5e067954
Validity
Not Before: Sep 9 14:10:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6daa695b46bbeaf08fa44edeb3a7359990088ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:51:7f:1c:44:b5:55:11:92:3a:2b:c5:b2:ea:
51:e2:c1:c3:59:ba:52:d7:2d:02:60:6d:78:eb:8b:
91:26:e1:7b:d2:20:1c:10:2a:54:a3:d9:f9:ee:16:
71:96:b0:cb:69:1b:88:c6:92:04:a4:e9:8f:f0:3c:
6e:c1:3c:19:51:b1:74:ed:1d:23:83:06:92:a0:36:
ac:5c:3a:3f:73:0b:1e:89:4e:90:ce:b8:83:09:45:
39:51:68:a5:58:e2:ff:45:cc:60:00:74:5b:1d:65:
1c:e2:bd:e9:94:dc:bb:e5:76:aa:b2:50:9a:7f:50:
3f:3a:23:9f:63:78:39:58:57:f3:3f:30:22:65:9c:
31:66:85:67:a4:48:dd:46:71:ab:35:60:31:3f:84:
5a:ab:4b:69:d8:c0:d0:9e:e6:79:d6:a1:99:84:2e:
d1:4a:bb:18:53:7d:4b:67:9e:bc:a9:5f:27:4f:35:
9c:db:7e:d8:b0:3d:c6:c1:51:5d:4b:32:0b:69:42:
4e:df:a5:40:67:5e:b1:b0:50:7b:e6:62:8b:21:f7:
23:7b:31:5f:81:ac:d1:ed:3a:02:fc:4b:21:46:f3:
08:96:4c:f8:de:cc:1c:3c:41:a2:c4:39:2b:07:5d:
93:3e:8c:ac:32:4e:f7:72:e1:ce:fb:2e:9a:cd:36:
c6:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:AA:69:5B:46:BB:EA:F0:8F:A4:4E:DE:B3:A7:35:99:90:08:8E:C3
X509v3 Authority Key Identifier:
keyid:21:02:1B:25:22:22:99:7B:FE:33:B7:E4:B3:15:AC:8D:5E:06:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQIbJSIimXv-M7fksxWsjV4GeVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/bappW0a76vCPpE7es6c1mZAIjsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/59294c-0f24-40c5-b5c3-6eac62e60df7/1/IQIbJSIimXv-M7fksxWsjV4GeVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
72.63.4.0/23
72.63.16.0/23
72.63.36.0/23
72.63.52.0/23
72.63.76.0/23
72.63.84.0/23
72.63.96.0/23
72.63.108.0/23
72.63.128.0/23
72.63.212.0/23
72.63.244.0/23
72.63.252.0/23
185.145.216.0/22
193.84.183.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:11:e3:b7:eb:8a:64:db:84:ab:6e:ad:de:2f:73:aa:21:e1:
7a:97:e1:48:4b:83:95:dd:60:ce:1a:f9:10:e5:d7:25:33:65:
39:01:04:ed:89:84:fa:d8:9e:ba:21:f8:cc:f1:b1:d3:19:1a:
a9:df:6b:35:83:7c:6d:20:08:a6:25:e0:1e:3e:26:bf:c1:80:
d0:4e:d0:af:5d:88:15:57:5b:cf:21:a9:95:87:32:50:46:1b:
21:64:d0:d2:9b:5f:79:01:6a:67:85:4a:63:4c:6b:e6:ba:7b:
27:61:08:15:a3:7e:c5:a5:1f:f7:55:73:3f:18:2a:f4:ab:39:
9a:00:c2:1c:39:01:03:e7:44:62:a2:10:7f:a5:65:55:bb:b3:
1e:fd:bf:d3:7d:6a:f0:34:bf:ef:ae:8f:45:23:36:87:30:99:
6a:af:ca:10:5e:17:52:f1:53:4f:b1:4b:9c:42:17:a1:58:df:
28:2e:a5:36:5f:1a:5a:d0:2d:c8:d7:29:a8:20:63:f7:db:c0:
33:81:01:06:81:f3:52:6f:91:c0:f6:e0:b0:61:4d:c4:26:4e:
27:a7:a9:d0:fb:6e:77:e0:02:40:f9:c2:10:e6:ad:4a:fd:f4:
fc:9d:99:e8:04:7b:c2:f9:cc:d9:a8:f7:e0:66:f4:0b:3f:9f:
65:38:24:80
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZku0DsEStp6Cm+KRoIr9yE2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMDIxYjI1MjIyMjk5N2JmZTMzYjdlNGIzMTVhYzhkNWUw
Njc5NTQwHhcNMjUwOTA5MTQxMDIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGFhNjk1YjQ2YmJlYWYwOGZhNDRlZGViM2E3MzU5OTkwMDg4ZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1F/HES1VRGSOivFsupR4sHDWbpS
1y0CYG1464uRJuF70iAcECpUo9n57hZxlrDLaRuIxpIEpOmP8DxuwTwZUbF07R0j
gwaSoDasXDo/cwseiU6QzriDCUU5UWilWOL/RcxgAHRbHWUc4r3plNy75XaqslCa
f1A/OiOfY3g5WFfzPzAiZZwxZoVnpEjdRnGrNWAxP4Raq0tp2MDQnuZ51qGZhC7R
SrsYU31LZ568qV8nTzWc237YsD3GwVFdSzILaUJO36VAZ16xsFB75mKLIfcjezFf
gazR7ToC/EshRvMIlkz43swcPEGixDkrB12TPoysMk73cuHO+y6azTbGJQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFG2qaVtGu+rwj6RO3rOnNZmQCI7DMB8GA1UdIwQY
MBaAFCECGyUiIpl7/jO35LMVrI1eBnlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMt
NmVhYzYyZTYwZGY3LzEvYmFwcFcwYTc2dkNQcEU3ZXM2YzFtWkFJanNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC81OTI5NGMtMGYyNC00MGM1LWI1YzMtNmVhYzYyZTYwZGY3
LzEvSVFJYkpTSWltWHYtTTdma3N4V3NqVjRHZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBSD8EAwQB
SD8QAwQBSD8kAwQBSD80AwQBSD9MAwQBSD9UAwQBSD9gAwQBSD9sAwQBSD+AAwQB
SD/UAwQBSD/0AwQBSD/8AwQCuZHYAwQAwVS3MA0GCSqGSIb3DQEBCwUAA4IBAQBc
EeO364pk24Srbq3eL3OqIeF6l+FIS4OV3WDOGvkQ5dclM2U5AQTtiYT62J66IfjM
8bHTGRqp32s1g3xtIAimJeAePia/wYDQTtCvXYgVV1vPIamVhzJQRhshZNDSm195
AWpnhUpjTGvmunsnYQgVo37FpR/3VXM/GCr0qzmaAMIcOQED50RiohB/pWVVu7Me
/b/TfWrwNL/vro9FIzaHMJlqr8oQXhdS8VNPsUucQhehWN8oLqU2Xxpa0C3I1ymo
IGP328AzgQEGgfNSb5HA9uCwYU3EJk4np6nQ+2534AJA+cIQ5q1K/fT8nZnoBHvC
+czZqPfgZvQLP59lOCSA
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:28 2025 by rpki-client