Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/PGVYIzwHf6UcdybJmIRuEKbJaI4.roa
File: PGVYIzwHf6UcdybJmIRuEKbJaI4.roa (raw, json)
Hash identifier: B6cWExLpRhYUY+7dvKifsqY+kTpw4Z9WuxqoFZGkCSk=
Subject key identifier: 3C:65:58:23:3C:07:7F:A5:1C:77:26:C9:98:84:6E:10:A6:C9:68:8E
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0198A3E0F1C1FA8354CFC39208153799F8F6
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/PGVYIzwHf6UcdybJmIRuEKbJaI4.roa
Signing time: Wed 13 Aug 2025 14:41:24 +0000
ROA not before: Wed 13 Aug 2025 14:41:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24631
IP address blocks: 62.220.97.0/24 maxlen: 24
62.220.102.0/24 maxlen: 24
87.107.102.0/24 maxlen: 24
87.107.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:e0:f1:c1:fa:83:54:cf:c3:92:08:15:37:99:f8:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Aug 13 14:41:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c6558233c077fa51c7726c998846e10a6c9688e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:eb:d4:fd:23:20:99:58:49:ed:f6:8a:c1:4c:
78:79:6a:fb:c4:76:f7:d2:bc:51:cd:4c:b8:3f:e0:
d4:55:ed:08:2f:64:02:38:27:55:6b:bf:92:0c:25:
1e:fb:8c:3d:61:ff:6e:9e:f8:22:2a:78:87:7e:10:
ba:cf:b7:37:5c:e2:52:d8:24:ad:07:79:99:17:5a:
f2:e2:e5:ec:cc:fb:bd:5d:8d:64:29:53:fb:72:cf:
19:82:f9:b0:b9:57:a5:f6:92:4d:ea:c3:f2:6a:0d:
7b:6f:3c:ef:47:55:d5:4f:2f:1c:25:ef:ef:03:a2:
39:7b:7a:68:10:05:a3:d0:31:59:4b:25:bd:2c:a9:
48:85:ee:5e:7a:c6:9c:08:0a:56:c9:aa:ba:e0:22:
cd:2c:96:a6:38:0a:72:c2:3e:d3:63:f7:35:bd:6c:
d1:01:8a:a9:0d:4d:31:ac:fb:1d:23:54:ae:71:e5:
87:8c:3f:10:15:c5:b4:62:e4:ad:38:ba:50:d4:05:
dd:d6:1b:89:dc:90:58:2e:7e:bc:5f:37:c2:25:1c:
3d:1c:72:25:2b:c7:d5:b5:78:94:a9:c1:f6:bd:76:
2e:96:47:44:be:5d:64:57:88:8a:6c:53:f0:60:8f:
3b:ca:b7:a1:53:3b:d4:c2:ac:0c:2a:96:e2:0b:d4:
bc:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:65:58:23:3C:07:7F:A5:1C:77:26:C9:98:84:6E:10:A6:C9:68:8E
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/PGVYIzwHf6UcdybJmIRuEKbJaI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.220.97.0/24
62.220.102.0/24
87.107.102.0/24
87.107.172.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:62:0e:3a:2c:7f:41:c7:22:6f:c7:ab:a9:79:fb:a8:5b:c3:
4c:46:b1:ed:80:c8:eb:df:ed:33:0b:f0:1b:32:fe:1c:e2:98:
3e:e2:6d:99:ea:29:c9:70:e2:b4:60:19:31:0a:4d:9d:18:fd:
bc:12:45:47:04:58:e1:3f:fa:b1:3d:ac:a4:67:4d:06:9c:02:
ab:f1:07:fc:ab:1c:9e:53:03:ed:16:41:c9:82:4e:9e:89:62:
8e:48:a1:41:d5:90:33:b3:f6:63:98:ac:fe:84:4c:fa:5b:c2:
12:f1:db:91:d8:82:b1:85:df:e3:58:28:88:62:f4:8d:e2:63:
ec:19:04:d5:c5:68:1e:41:55:64:09:25:f7:bc:97:76:ec:f8:
6b:cc:d0:d3:cd:34:ca:99:28:9d:6b:41:1a:98:33:72:b6:12:
83:13:32:dc:b8:9e:82:fd:a5:77:74:77:ea:eb:58:aa:42:43:
48:84:2f:c7:f6:34:da:b3:f3:ef:73:49:46:13:d4:40:d1:30:
e4:34:61:eb:0f:79:93:b8:7d:96:55:2f:e0:6a:a8:5e:ba:fc:
a5:39:9c:57:45:1c:22:73:61:a7:97:c4:94:dd:9d:0a:32:dc:
00:d7:0c:8a:4c:af:99:2f:41:92:59:3a:a7:a9:18:13:ca:1d:
10:0f:fb:89
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZij4PHB+oNUz8OSCBU3mfj2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwODEzMTQ0MTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzY1NTgyMzNjMDc3ZmE1MWM3NzI2Yzk5ODg0NmUxMGE2Yzk2ODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOvU/SMgmVhJ7faKwUx4eWr7xHb3
0rxRzUy4P+DUVe0IL2QCOCdVa7+SDCUe+4w9Yf9unvgiKniHfhC6z7c3XOJS2CSt
B3mZF1ry4uXszPu9XY1kKVP7cs8ZgvmwuVel9pJN6sPyag17bzzvR1XVTy8cJe/v
A6I5e3poEAWj0DFZSyW9LKlIhe5eesacCApWyaq64CLNLJamOApywj7TY/c1vWzR
AYqpDU0xrPsdI1SuceWHjD8QFcW0YuStOLpQ1AXd1huJ3JBYLn68XzfCJRw9HHIl
K8fVtXiUqcH2vXYulkdEvl1kV4iKbFPwYI87yrehUzvUwqwMKpbiC9S86QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDxlWCM8B3+lHHcmyZiEbhCmyWiOMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvUEdWWUl6d0hmNlVjZHliSm1JUnVFS2JKYUk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAPtxhAwQA
PtxmAwQAV2tmAwQAV2usMA0GCSqGSIb3DQEBCwUAA4IBAQDPYg46LH9BxyJvx6up
efuoW8NMRrHtgMjr3+0zC/AbMv4c4pg+4m2Z6inJcOK0YBkxCk2dGP28EkVHBFjh
P/qxPaykZ00GnAKr8Qf8qxyeUwPtFkHJgk6eiWKOSKFB1ZAzs/ZjmKz+hEz6W8IS
8duR2IKxhd/jWCiIYvSN4mPsGQTVxWgeQVVkCSX3vJd27PhrzNDTzTTKmSida0Ea
mDNythKDEzLcuJ6C/aV3dHfq61iqQkNIhC/H9jTas/Pvc0lGE9RA0TDkNGHrD3mT
uH2WVS/gaqheuvylOZxXRRwic2Gnl8SU3Z0KMtwA1wyKTK+ZL0GSWTqnqRgTyh0Q
D/uJ
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:44:22 2025 by rpki-client