Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/MOIMwcNcxT_iZoG_VAkf6Z_NOFc.roa
File: MOIMwcNcxT_iZoG_VAkf6Z_NOFc.roa (raw, json)
Hash identifier: dTx/n0Jnjz3M3yYXJQNtx4LFFnmqtS8DL6yPCW6hud0=
Subject key identifier: 30:E2:0C:C1:C3:5C:C5:3F:E2:66:81:BF:54:09:1F:E9:9F:CD:38:57
Certificate issuer: /CN=15f19074548d2a294e4385d95cd6752490ee46d7
Certificate serial: 0198A2347999CB374261BCDC2316F14F93E1
Authority key identifier: 15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/MOIMwcNcxT_iZoG_VAkf6Z_NOFc.roa
Signing time: Wed 13 Aug 2025 06:53:24 +0000
ROA not before: Wed 13 Aug 2025 06:53:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 62.72.162.0/23 maxlen: 23
62.72.164.0/22 maxlen: 22
62.72.164.0/23 maxlen: 23
62.72.180.0/24 maxlen: 24
62.72.187.0/24 maxlen: 24
81.21.2.0/23 maxlen: 23
81.21.4.0/22 maxlen: 24
176.57.53.0/24 maxlen: 24
176.57.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:34:79:99:cb:37:42:61:bc:dc:23:16:f1:4f:93:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15f19074548d2a294e4385d95cd6752490ee46d7
Validity
Not Before: Aug 13 06:53:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30e20cc1c35cc53fe26681bf54091fe99fcd3857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:54:b5:3e:2f:06:02:3a:d9:f0:cf:bf:04:84:
4f:82:08:86:d7:e0:f6:03:0a:a5:e6:e9:6a:08:1b:
4e:ad:af:80:59:75:1a:1d:70:14:4e:ec:d7:ba:3f:
5b:5b:5f:54:b5:27:dc:c7:a5:db:82:39:22:61:23:
52:ba:fb:26:f2:00:dc:a6:fb:87:79:78:1d:8a:17:
f8:ba:e6:de:ee:18:de:d2:ed:66:d1:98:36:79:ba:
94:4f:e5:6d:da:89:9e:b0:7e:92:e2:72:61:db:05:
0a:d8:f6:65:ce:94:90:63:b0:d7:85:70:47:d7:8a:
ea:90:ba:d8:f0:5b:e5:c1:04:36:4f:76:2c:d8:0a:
63:b5:8f:69:85:df:34:8c:ac:a0:8f:17:90:2f:52:
5f:6b:4d:12:4e:23:6c:af:ca:ff:e7:01:43:e6:fa:
07:44:34:80:9a:33:c7:ec:a4:f9:68:9b:91:3d:dd:
df:07:95:ab:dd:b7:b3:34:53:50:69:ec:d4:15:87:
0b:db:d1:c2:5c:e5:16:d3:0d:e8:62:14:00:e4:2f:
89:bd:a8:f8:9c:1e:58:5c:c5:4a:56:c4:6b:cc:d3:
de:24:77:93:c1:e6:bd:3f:57:ef:01:92:01:fe:a1:
c4:f8:1c:d7:ed:61:40:28:66:bc:48:77:32:eb:ce:
2d:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:E2:0C:C1:C3:5C:C5:3F:E2:66:81:BF:54:09:1F:E9:9F:CD:38:57
X509v3 Authority Key Identifier:
keyid:15:F1:90:74:54:8D:2A:29:4E:43:85:D9:5C:D6:75:24:90:EE:46:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/MOIMwcNcxT_iZoG_VAkf6Z_NOFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/006241-808d-4a49-b0cd-56244f430dcc/1/FfGQdFSNKilOQ4XZXNZ1JJDuRtc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.72.162.0-62.72.167.255
62.72.180.0/24
62.72.187.0/24
81.21.2.0-81.21.7.255
176.57.53.0/24
176.57.63.0/24
Signature Algorithm: sha256WithRSAEncryption
58:3f:83:78:6d:33:51:eb:fc:5f:af:a3:d0:b4:bf:50:99:c0:
48:14:e1:35:77:46:d9:22:0b:47:f3:cf:26:0b:f6:5e:05:85:
85:d0:c3:d3:24:e8:70:31:ef:1e:73:6a:f1:14:30:ba:1a:ef:
79:98:87:a8:91:0a:c0:e9:6d:7b:88:84:86:f7:d1:e0:2f:a0:
14:59:5e:da:b3:bf:eb:d2:65:8f:57:7b:bf:ff:c1:70:0e:13:
1e:e3:4d:fc:65:3e:3c:15:36:62:c3:8b:ee:01:b0:d7:d6:0d:
5f:73:12:b2:94:0f:b6:41:0c:6b:b2:ff:d3:bd:82:68:ab:be:
93:fc:79:7d:93:71:37:5d:29:77:58:19:44:bd:42:0f:db:f6:
90:c6:aa:28:f3:9c:58:04:82:83:53:78:0a:b2:4e:47:e8:c8:
58:35:85:3c:f3:d5:67:90:01:11:da:81:73:04:23:f7:0b:32:
d9:36:08:2c:42:9a:16:ac:2f:72:45:de:8c:55:63:58:30:bb:
9b:91:53:e6:90:4b:cb:9b:82:8f:db:fa:7f:10:8a:a6:87:e0:
dd:43:f1:a8:05:cd:d6:ac:cd:28:1c:96:f0:c3:e9:7d:eb:ca:
0e:89:70:9d:28:05:de:ce:88:b8:77:27:e4:0e:70:b1:e0:e8:
a3:0b:f8:e8
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZiiNHmZyzdCYbzcIxbxT5PhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZjE5MDc0NTQ4ZDJhMjk0ZTQzODVkOTVjZDY3NTI0OTBl
ZTQ2ZDcwHhcNMjUwODEzMDY1MzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGUyMGNjMWMzNWNjNTNmZTI2NjgxYmY1NDA5MWZlOTlmY2QzODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFS1Pi8GAjrZ8M+/BIRPggiG1+D2
Awql5ulqCBtOra+AWXUaHXAUTuzXuj9bW19UtSfcx6XbgjkiYSNSuvsm8gDcpvuH
eXgdihf4uube7hje0u1m0Zg2ebqUT+Vt2omesH6S4nJh2wUK2PZlzpSQY7DXhXBH
14rqkLrY8FvlwQQ2T3Ys2ApjtY9phd80jKygjxeQL1Jfa00STiNsr8r/5wFD5voH
RDSAmjPH7KT5aJuRPd3fB5Wr3bezNFNQaezUFYcL29HCXOUW0w3oYhQA5C+Jvaj4
nB5YXMVKVsRrzNPeJHeTwea9P1fvAZIB/qHE+BzX7WFAKGa8SHcy684txQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFDDiDMHDXMU/4maBv1QJH+mfzThXMB8GA1UdIwQY
MBaAFBXxkHRUjSopTkOF2VzWdSSQ7kbXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2Qt
NTYyNDRmNDMwZGNjLzEvTU9JTXdjTmN4VF9pWm9HX1ZBa2Y2Wl9OT0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8wMDYyNDEtODA4ZC00YTQ5LWIwY2QtNTYyNDRmNDMwZGNj
LzEvRmZHUWRGU05LaWxPUTRYWlhOWjFKSkR1UnRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAE+SKID
BAM+SKADBAA+SLQDBAA+SLswDAMEAVEVAgMEA1EVAAMEALA5NQMEALA5PzANBgkq
hkiG9w0BAQsFAAOCAQEAWD+DeG0zUev8X6+j0LS/UJnASBThNXdG2SILR/PPJgv2
XgWFhdDD0yTocDHvHnNq8RQwuhrveZiHqJEKwOlte4iEhvfR4C+gFFle2rO/69Jl
j1d7v//BcA4THuNN/GU+PBU2YsOL7gGw19YNX3MSspQPtkEMa7L/072CaKu+k/x5
fZNxN10pd1gZRL1CD9v2kMaqKPOcWASCg1N4CrJOR+jIWDWFPPPVZ5ABEdqBcwQj
9wsy2TYILEKaFqwvckXejFVjWDC7m5FT5pBLy5uCj9v6fxCKpofg3UPxqAXN1qzN
KByW8MPpfevKDolwnSgF3s6IuHcn5A5wseDoowv46A==
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:30:31 2025 by rpki-client