Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/c72wk2piK98wT4mJw8_ZtS1RplA.roa
File: c72wk2piK98wT4mJw8_ZtS1RplA.roa (raw, json)
Hash identifier: sWf1C2L00m53zAy7UBc4ltRNb1KloYEQlgh8zb6I1Tg=
Subject key identifier: 73:BD:B0:93:6A:62:2B:DF:30:4F:89:89:C3:CF:D9:B5:2D:51:A6:50
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 019D1A26481660756851F2AB1B513316E202
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/c72wk2piK98wT4mJw8_ZtS1RplA.roa
Signing time: Mon 23 Mar 2026 10:03:29 +0000
ROA not before: Mon 23 Mar 2026 10:03:29 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 63911
IP address blocks: 62.171.232.0/21 maxlen: 24
62.171.240.0/21 maxlen: 24
63.254.128.0/20 maxlen: 24
85.136.88.0/21 maxlen: 24
85.136.96.0/21 maxlen: 24
85.136.128.0/21 maxlen: 24
85.136.160.0/21 maxlen: 24
85.137.112.0/20 maxlen: 24
135.132.176.0/20 maxlen: 24
153.55.160.0/20 maxlen: 24
198.13.144.0/22 maxlen: 24
209.92.144.0/21 maxlen: 24
217.177.80.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:26:48:16:60:75:68:51:f2:ab:1b:51:33:16:e2:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Mar 23 10:03:29 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=73bdb0936a622bdf304f8989c3cfd9b52d51a650
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e8:0c:63:97:df:cf:a3:e4:ca:6d:88:46:db:
10:fa:0e:5e:fd:5a:cb:ea:4e:b9:dd:dd:ee:28:6f:
f3:2a:39:28:04:57:91:61:d0:88:8d:f9:ca:d3:c6:
d5:68:8c:a3:1f:b8:4c:7c:df:14:35:2f:f6:87:1d:
9e:7a:cd:d7:07:6a:34:92:3f:00:b8:95:49:2f:5b:
83:d2:b5:c8:7a:fb:71:d1:14:56:65:4f:d1:5e:0c:
62:24:0a:27:d5:32:6b:6a:39:20:65:95:5f:31:24:
4e:81:a6:aa:93:43:a0:fb:3d:5f:57:80:ab:de:88:
72:fb:a8:57:12:7c:a1:ba:9f:ea:80:b3:2c:57:05:
3d:1a:1f:b1:17:76:fd:67:e8:18:75:50:46:57:b7:
67:75:8e:d3:4f:a5:78:e0:c6:5f:30:90:2e:0d:c9:
6c:df:83:55:73:02:89:50:82:c1:8a:8f:f7:3d:e4:
33:3d:80:0c:06:94:8c:f5:65:55:bf:1d:42:08:70:
4f:72:c0:70:42:5c:00:0c:d0:21:ca:a9:f2:67:e4:
31:76:c6:2e:37:80:96:0f:6b:96:69:b3:d2:58:b8:
61:cc:7b:d8:ce:e2:0f:72:70:d9:d5:e2:9d:30:fc:
09:55:6e:e5:78:34:12:ef:65:aa:eb:6d:0f:09:bf:
c1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:BD:B0:93:6A:62:2B:DF:30:4F:89:89:C3:CF:D9:B5:2D:51:A6:50
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/c72wk2piK98wT4mJw8_ZtS1RplA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.232.0-62.171.247.255
63.254.128.0/20
85.136.88.0-85.136.103.255
85.136.128.0/21
85.136.160.0/21
85.137.112.0/20
135.132.176.0/20
153.55.160.0/20
198.13.144.0/22
209.92.144.0/21
217.177.80.0/21
Signature Algorithm: sha256WithRSAEncryption
5d:54:b8:de:9a:f1:43:20:9e:47:26:75:73:00:f5:af:5a:f9:
86:59:33:9b:74:e1:c9:b7:bc:a2:04:96:b7:f8:75:fc:0e:92:
fd:61:74:f6:cd:c7:7f:4c:ff:e4:2e:c8:90:c2:79:9b:32:dc:
c8:94:b7:bd:8d:a7:4e:b9:95:88:4b:92:12:00:94:4f:2a:99:
88:d3:b7:6f:27:60:36:15:84:5d:78:4b:72:13:db:16:69:08:
f5:0d:95:1c:e3:37:53:1a:10:a9:15:a9:86:93:00:d8:7e:f8:
a4:3b:fc:51:61:22:91:b9:ac:36:87:48:e2:29:3f:ed:80:c1:
ba:82:d9:62:cf:44:bb:cb:01:1b:9b:01:b2:61:15:87:26:c3:
e6:8f:7f:9f:7a:47:f5:c7:24:3f:c0:d7:f4:1f:94:c0:b8:63:
79:94:a7:9d:a7:bd:b6:8b:a3:60:0b:b7:d2:de:25:b8:70:2a:
4b:0a:be:69:6d:0e:4f:97:23:3b:c1:67:2c:24:b4:c8:f6:8e:
86:de:23:21:bd:bd:55:0f:ac:31:47:f4:9f:7d:c7:a8:af:c0:
38:d3:87:51:b0:fb:f5:d1:23:6c:90:25:af:2d:63:d9:68:f5:
19:06:27:d6:ad:85:18:a0:da:07:14:c6:4e:7e:fa:1d:1d:bc:
11:5d:8f:19
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZ0aJkgWYHVoUfKrG1EzFuICMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjYwMzIzMTAwMzI5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2JkYjA5MzZhNjIyYmRmMzA0Zjg5ODljM2NmZDliNTJkNTFhNjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+gMY5ffz6Pkym2IRtsQ+g5e/VrL
6k653d3uKG/zKjkoBFeRYdCIjfnK08bVaIyjH7hMfN8UNS/2hx2ees3XB2o0kj8A
uJVJL1uD0rXIevtx0RRWZU/RXgxiJAon1TJrajkgZZVfMSROgaaqk0Og+z1fV4Cr
3ohy+6hXEnyhup/qgLMsVwU9Gh+xF3b9Z+gYdVBGV7dndY7TT6V44MZfMJAuDcls
34NVcwKJUILBio/3PeQzPYAMBpSM9WVVvx1CCHBPcsBwQlwADNAhyqnyZ+QxdsYu
N4CWD2uWabPSWLhhzHvYzuIPcnDZ1eKdMPwJVW7leDQS72Wq620PCb/B6wIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFHO9sJNqYivfME+JicPP2bUtUaZQMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvYzcyd2sycGlLOTh3VDRtSnc4X1p0UzFScGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSMAwDBAM+q+gD
BAM+q/ADBAQ//oAwDAMEA1WIWAMEA1WIYAMEA1WIgAMEA1WIoAMEBFWJcAMEBIeE
sAMEBJk3oAMEAsYNkAMEA9FckAMEA9mxUDANBgkqhkiG9w0BAQsFAAOCAQEAXVS4
3prxQyCeRyZ1cwD1r1r5hlkzm3Thybe8ogSWt/h1/A6S/WF09s3Hf0z/5C7IkMJ5
mzLcyJS3vY2nTrmViEuSEgCUTyqZiNO3bydgNhWEXXhLchPbFmkI9Q2VHOM3UxoQ
qRWphpMA2H74pDv8UWEikbmsNodI4ik/7YDBuoLZYs9Eu8sBG5sBsmEVhybD5o9/
n3pH9cckP8DX9B+UwLhjeZSnnae9toujYAu30t4luHAqSwq+aW0OT5cjO8FnLCS0
yPaOht4jIb29VQ+sMUf0n33HqK/AONOHUbD79dEjbJAlry1j2Wj1GQYn1q2FGKDa
BxTGTn76HR28EV2PGQ==
-----END CERTIFICATE-----
Generated at Thu Mar 26 09:36:56 2026 by rpki-client