Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/X6QCTOwOC8y3vNqfakDVWl14x2E.roa
File: X6QCTOwOC8y3vNqfakDVWl14x2E.roa (raw, json)
Hash identifier: ntyGFIij13k4RvM2mOeeSG9K/6TRfBr3RSElp30qqF4=
Subject key identifier: 5F:A4:02:4C:EC:0E:0B:CC:B7:BC:DA:9F:6A:40:D5:5A:5D:78:C7:61
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 01978D7B64F8DB056AF626B5F2002F7F5F4F
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/X6QCTOwOC8y3vNqfakDVWl14x2E.roa
Signing time: Fri 20 Jun 2025 13:16:03 +0000
ROA not before: Fri 20 Jun 2025 13:16:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204582
IP address blocks: 62.76.248.0/24 maxlen: 24
62.76.249.0/24 maxlen: 24
62.76.250.0/24 maxlen: 24
62.76.251.0/24 maxlen: 24
62.76.252.0/24 maxlen: 24
62.76.255.0/24 maxlen: 24
194.85.31.0/24 maxlen: 24
194.85.77.0/24 maxlen: 24
194.85.78.0/24 maxlen: 24
194.85.79.0/24 maxlen: 24
212.193.116.0/24 maxlen: 24
212.193.117.0/24 maxlen: 24
212.193.118.0/24 maxlen: 24
212.193.119.0/24 maxlen: 24
212.193.120.0/24 maxlen: 24
212.193.121.0/24 maxlen: 24
212.193.122.0/24 maxlen: 24
212.193.123.0/24 maxlen: 24
212.193.124.0/24 maxlen: 24
212.193.125.0/24 maxlen: 24
212.193.126.0/24 maxlen: 24
212.193.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.mft
rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:8d:7b:64:f8:db:05:6a:f6:26:b5:f2:00:2f:7f:5f:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Jun 20 13:16:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5fa4024cec0e0bccb7bcda9f6a40d55a5d78c761
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f9:ab:64:73:18:ac:c9:ef:59:3c:38:09:f0:
23:2c:38:12:b1:11:64:4f:46:8f:23:03:17:47:ab:
fb:ef:2a:e5:65:9b:91:d6:4b:56:70:31:ae:17:e6:
75:03:97:18:ce:82:77:f8:ef:71:9b:3f:14:64:66:
87:7f:0e:e5:74:b0:e1:9b:6f:17:8b:6d:12:f0:39:
d4:33:ac:13:d0:72:88:fd:4d:1b:69:99:3d:84:8f:
3d:e5:a8:cc:06:d2:21:5d:af:93:2c:98:3f:cf:c8:
7e:f3:57:7d:38:89:2e:52:f5:b4:30:0c:99:27:fc:
5c:7c:9c:3d:34:cf:6a:ae:bb:b4:ee:a2:5e:64:c9:
3d:7f:22:4f:a5:66:20:8c:b4:b7:77:0f:1a:77:ea:
ac:40:34:46:55:86:87:d0:3d:e2:f2:41:be:49:7f:
ab:89:59:42:74:91:bf:e2:56:44:3d:f3:07:fb:1b:
10:7d:26:52:f1:10:b9:23:04:38:7a:24:62:48:4f:
22:6d:25:ce:97:fb:13:a6:df:ca:e7:f5:83:9e:96:
63:4f:ae:16:d4:65:37:bd:1f:2d:46:80:35:b3:93:
99:5b:98:41:88:5f:e2:40:e8:a9:d2:83:e2:c8:ba:
38:54:c0:9e:80:b7:f2:32:2e:bc:ba:bb:a4:2c:9d:
02:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A4:02:4C:EC:0E:0B:CC:B7:BC:DA:9F:6A:40:D5:5A:5D:78:C7:61
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/X6QCTOwOC8y3vNqfakDVWl14x2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.248.0-62.76.252.255
62.76.255.0/24
194.85.31.0/24
194.85.77.0-194.85.79.255
212.193.116.0-212.193.127.255
Signature Algorithm: sha256WithRSAEncryption
ba:9e:f8:a6:8b:d9:4c:4c:5b:61:4c:32:d9:a8:06:d9:a7:68:
e8:2d:98:b3:6c:2b:1a:ca:98:81:3d:ce:54:f4:3d:d1:4a:13:
87:a5:33:01:96:61:d9:47:63:75:1d:97:7e:b4:7a:f9:cb:38:
73:56:08:a7:c2:08:2d:22:b6:94:a4:be:ee:51:6b:14:58:28:
c5:76:07:34:28:b0:dc:c6:85:29:19:af:7c:3b:78:a1:26:8e:
53:62:6a:ff:20:8e:6a:d3:76:b8:32:6e:dd:b1:4d:75:95:68:
28:3a:e3:e4:96:10:12:d3:35:7b:47:d4:f7:b1:76:c5:43:7f:
1b:68:a8:2d:32:e8:50:bd:bc:d0:87:98:37:5d:64:12:4e:8f:
ad:4f:9a:6d:9f:ea:b7:82:31:8c:de:f0:df:ef:a9:3d:b3:63:
00:0d:54:7c:82:87:cc:ba:8d:29:13:3d:c7:8a:04:82:c5:df:
58:4d:eb:47:09:03:ba:ff:bf:75:6a:be:a8:10:62:0e:98:de:
48:72:bb:a5:c6:3c:0e:0d:d6:b5:e5:ca:77:ab:41:ed:b0:a1:
2a:4b:79:81:aa:b4:60:c4:d1:46:fe:44:60:6c:82:a9:50:58:
7f:fc:d9:ef:fd:ca:a2:fb:82:f4:c8:a8:20:0a:9b:82:c8:2c:
18:11:e2:73
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZeNe2T42wVq9ia18gAvf19PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjUwNjIwMTMxNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmE0MDI0Y2VjMGUwYmNjYjdiY2RhOWY2YTQwZDU1YTVkNzhjNzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfmrZHMYrMnvWTw4CfAjLDgSsRFk
T0aPIwMXR6v77yrlZZuR1ktWcDGuF+Z1A5cYzoJ3+O9xmz8UZGaHfw7ldLDhm28X
i20S8DnUM6wT0HKI/U0baZk9hI895ajMBtIhXa+TLJg/z8h+81d9OIkuUvW0MAyZ
J/xcfJw9NM9qrru07qJeZMk9fyJPpWYgjLS3dw8ad+qsQDRGVYaH0D3i8kG+SX+r
iVlCdJG/4lZEPfMH+xsQfSZS8RC5IwQ4eiRiSE8ibSXOl/sTpt/K5/WDnpZjT64W
1GU3vR8tRoA1s5OZW5hBiF/iQOip0oPiyLo4VMCegLfyMi68urukLJ0C6QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFF+kAkzsDgvMt7zan2pA1VpdeMdhMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvWDZRQ1RPd09DOHkzdk5xZmFrRFZXbDE0eDJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2MAwDBAM+TPgD
BAA+TPwDBAA+TP8DBADCVR8wDAMEAMJVTQMEBMJVQDAMAwQC1MF0AwQH1MEAMA0G
CSqGSIb3DQEBCwUAA4IBAQC6nvimi9lMTFthTDLZqAbZp2joLZizbCsaypiBPc5U
9D3RShOHpTMBlmHZR2N1HZd+tHr5yzhzVginwggtIraUpL7uUWsUWCjFdgc0KLDc
xoUpGa98O3ihJo5TYmr/II5q03a4Mm7dsU11lWgoOuPklhAS0zV7R9T3sXbFQ38b
aKgtMuhQvbzQh5g3XWQSTo+tT5ptn+q3gjGM3vDf76k9s2MADVR8gofMuo0pEz3H
igSCxd9YTetHCQO6/791ar6oEGIOmN5IcrulxjwODda15cp3q0HtsKEqS3mBqrRg
xNFG/kRgbIKpUFh//Nnv/cqi+4L0yKggCpuCyCwYEeJz
-----END CERTIFICATE-----
Generated at Thu Jul 3 10:30:40 2025 by rpki-client