Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/62BDcwhbU_0uQc_enrWP-Z6m7QQ.roa
File: 62BDcwhbU_0uQc_enrWP-Z6m7QQ.roa (raw, json)
Hash identifier: OfrM2iB4mEqa+0lRBnK1oschgUGN5IX1UkkXWIZ/u/I=
Subject key identifier: EB:60:43:73:08:5B:53:FD:2E:41:CF:DE:9E:B5:8F:F9:9E:A6:ED:04
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01999715F604CA1B8126CD3B8C474D1E8E50
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/62BDcwhbU_0uQc_enrWP-Z6m7QQ.roa
Signing time: Mon 29 Sep 2025 20:07:02 +0000
ROA not before: Mon 29 Sep 2025 20:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14576
IP address blocks: 5.183.252.0/24 maxlen: 24
45.10.167.0/24 maxlen: 24
77.220.192.0/24 maxlen: 24
77.220.195.0/24 maxlen: 24
141.98.84.0/24 maxlen: 24
185.77.220.0/22 maxlen: 24
194.104.8.0/24 maxlen: 24
213.108.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:97:15:f6:04:ca:1b:81:26:cd:3b:8c:47:4d:1e:8e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Sep 29 20:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb604373085b53fd2e41cfde9eb58ff99ea6ed04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:92:d8:fc:00:c7:7d:16:69:2e:63:06:9c:d4:
da:43:44:04:96:6c:d7:31:63:1a:00:27:78:6c:ad:
9c:ec:f8:f5:c6:3c:a8:65:8d:dc:41:89:1b:17:5f:
ef:d8:1a:52:41:02:6f:c8:ee:e4:47:35:e8:f9:14:
45:18:00:fc:fe:1d:a2:ff:2e:05:35:11:88:0f:bd:
53:46:42:df:c2:79:1b:6a:45:d6:8e:c6:a8:00:0d:
0a:fc:df:e2:56:ae:e6:d0:66:16:d0:dd:5c:c0:84:
b4:39:9e:80:6a:0c:34:d6:43:e3:76:eb:bf:49:66:
94:50:51:c3:7c:ef:dd:69:67:95:66:32:62:b5:fc:
1e:f2:5f:30:ac:ed:c9:af:92:c7:b8:28:d2:93:59:
72:11:d3:31:f3:3a:a8:45:da:85:c2:9d:2d:3a:7c:
93:24:cc:b0:a8:f4:15:f9:19:0f:b3:f2:74:39:e4:
8f:9e:b8:fa:67:27:b7:19:ed:da:6b:c7:64:e6:4c:
a5:a1:c5:a7:40:a7:fc:4d:ae:f3:41:79:96:5b:35:
08:eb:b9:43:3f:3e:30:e5:2c:17:50:9c:61:bb:9c:
75:9d:e4:42:6b:f0:ba:2c:55:f2:91:6c:e2:60:f4:
36:dc:c1:d2:08:45:1c:85:0b:48:5d:9c:ae:82:54:
09:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:60:43:73:08:5B:53:FD:2E:41:CF:DE:9E:B5:8F:F9:9E:A6:ED:04
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/62BDcwhbU_0uQc_enrWP-Z6m7QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.252.0/24
45.10.167.0/24
77.220.192.0/24
77.220.195.0/24
141.98.84.0/24
185.77.220.0/22
194.104.8.0/24
213.108.0.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:42:77:90:9a:f6:c5:8a:53:32:ed:00:88:f1:20:9d:3f:c3:
52:40:ee:66:5c:ef:b1:bd:94:9c:01:9b:de:48:db:fb:d2:ec:
4e:fb:06:a4:26:75:6a:89:ea:95:68:2f:87:c5:cf:d7:37:3b:
06:18:b7:3b:70:4e:19:3f:dd:08:d7:1a:23:e2:58:eb:39:bb:
5c:a7:63:bf:4c:27:0d:8e:2c:20:13:c8:3b:54:5f:79:8e:fd:
93:c2:b7:74:14:5c:fd:32:72:6e:f3:25:73:d4:e4:40:98:34:
4f:ec:64:e1:75:58:d5:76:55:bc:50:d8:e9:d4:33:1b:37:92:
98:2f:a3:7b:7c:d2:13:a8:e4:75:52:2b:d5:1c:b0:f1:61:ce:
43:c9:67:6b:da:36:a4:03:2f:d5:eb:05:c3:16:19:dc:a8:72:
3c:3d:c5:d0:9e:94:c4:7a:f3:c0:a9:09:5d:db:83:86:fc:e3:
e1:7c:3b:b3:30:ab:f1:ca:cb:0a:a6:c0:a8:ce:be:bb:38:22:
fd:dd:ec:82:b4:e7:19:a6:2a:65:80:01:d4:de:a6:af:90:15:
1c:fa:d8:0e:a9:ec:9f:40:ba:83:29:92:01:3e:93:a3:0d:c8:
34:dc:27:22:89:23:ac:e8:c7:d7:10:8a:37:25:7f:37:a1:dc:
18:5b:7f:0c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZmXFfYEyhuBJs07jEdNHo5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwOTI5MjAwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjYwNDM3MzA4NWI1M2ZkMmU0MWNmZGU5ZWI1OGZmOTllYTZlZDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5LY/ADHfRZpLmMGnNTaQ0QElmzX
MWMaACd4bK2c7Pj1xjyoZY3cQYkbF1/v2BpSQQJvyO7kRzXo+RRFGAD8/h2i/y4F
NRGID71TRkLfwnkbakXWjsaoAA0K/N/iVq7m0GYW0N1cwIS0OZ6Aagw01kPjduu/
SWaUUFHDfO/daWeVZjJitfwe8l8wrO3Jr5LHuCjSk1lyEdMx8zqoRdqFwp0tOnyT
JMywqPQV+RkPs/J0OeSPnrj6Zye3Ge3aa8dk5kylocWnQKf8Ta7zQXmWWzUI67lD
Pz4w5SwXUJxhu5x1neRCa/C6LFXykWziYPQ23MHSCEUchQtIXZyuglQJOwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOtgQ3MIW1P9LkHP3p61j/mepu0EMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvNjJCRGN3aGJVXzB1UWNfZW5yV1AtWjZtN1FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABbf8AwQA
LQqnAwQATdzAAwQATdzDAwQAjWJUAwQCuU3cAwQAwmgIAwQA1WwAMA0GCSqGSIb3
DQEBCwUAA4IBAQCKQneQmvbFilMy7QCI8SCdP8NSQO5mXO+xvZScAZveSNv70uxO
+wakJnVqieqVaC+Hxc/XNzsGGLc7cE4ZP90I1xoj4ljrObtcp2O/TCcNjiwgE8g7
VF95jv2Twrd0FFz9MnJu8yVz1ORAmDRP7GThdVjVdlW8UNjp1DMbN5KYL6N7fNIT
qOR1UivVHLDxYc5DyWdr2jakAy/V6wXDFhncqHI8PcXQnpTEevPAqQld24OG/OPh
fDuzMKvxyssKpsCozr67OCL93eyCtOcZpiplgAHU3qavkBUc+tgOqeyfQLqDKZIB
PpOjDcg03CciiSOs6MfXEIo3JX83odwYW38M
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:10:26 2025 by rpki-client