Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/1-yPHrZgsoThpMDnxsp8ik7ZJAmM.roa
File: 1-yPHrZgsoThpMDnxsp8ik7ZJAmM.roa (raw, json)
Hash identifier: PkPdKCMYMFbeGyHu/UiymTakLQYctiNwfIAb9+YJYgQ=
Subject key identifier: FB:23:C7:AD:98:2C:A1:38:69:30:39:F1:B2:9F:22:93:B6:49:02:63
Certificate issuer: /CN=3a4945e46764029d2581d820c3373fa445855539
Certificate serial: 01990A1359E44E41D0D81D26D78C9CD15573
Authority key identifier: 3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/1-yPHrZgsoThpMDnxsp8ik7ZJAmM.roa
Signing time: Tue 02 Sep 2025 10:57:44 +0000
ROA not before: Tue 02 Sep 2025 10:57:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3254
IP address blocks: 62.244.0.0/18 maxlen: 18
62.244.48.0/22 maxlen: 22
193.193.192.0/19 maxlen: 19
193.193.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0a:13:59:e4:4e:41:d0:d8:1d:26:d7:8c:9c:d1:55:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a4945e46764029d2581d820c3373fa445855539
Validity
Not Before: Sep 2 10:57:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb23c7ad982ca138693039f1b29f2293b6490263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e5:63:df:41:e0:9d:13:69:00:3d:86:e0:64:
3d:04:25:ab:d3:bb:67:23:f7:d1:31:21:7c:42:a4:
83:84:3c:ac:1b:f3:47:2e:08:39:cd:dc:b6:5c:37:
73:0f:e0:73:9a:9b:5b:e6:90:92:fa:8a:b1:89:ba:
97:c4:d4:69:68:93:e0:d8:b8:1c:0d:b8:72:ef:9b:
cf:d3:13:1f:b3:a9:d3:a1:8c:39:64:cf:6a:11:03:
f5:34:dc:ba:b9:9e:36:15:19:73:59:7c:36:e6:06:
5a:ed:d6:47:d9:a6:cf:43:ab:a9:fc:9f:d8:1c:d6:
8a:97:13:a9:e5:e1:e5:76:01:99:0b:4a:08:17:01:
1a:d7:01:f6:28:81:fd:98:2a:1b:8d:43:26:61:2d:
f4:e3:67:eb:b8:8e:1f:c8:e0:4e:30:9f:48:d7:c6:
85:65:93:e1:1f:2b:d4:1d:bd:2d:c4:c2:04:36:99:
56:4e:68:36:fa:66:3c:43:73:e0:08:bc:fb:7a:dd:
ea:d9:6a:6d:1c:45:05:54:b0:c6:b7:63:21:92:97:
b7:f9:fa:fc:11:d1:57:ac:71:23:ee:41:23:7b:33:
4e:4b:64:d2:a7:d1:09:01:67:2a:91:40:fa:1a:20:
ae:0d:35:e7:f3:75:18:96:3e:21:cc:76:f4:a4:27:
e9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:23:C7:AD:98:2C:A1:38:69:30:39:F1:B2:9F:22:93:B6:49:02:63
X509v3 Authority Key Identifier:
keyid:3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/1-yPHrZgsoThpMDnxsp8ik7ZJAmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.244.0.0/18
193.193.192.0/19
Signature Algorithm: sha256WithRSAEncryption
27:6a:25:af:c4:fd:c7:5b:91:24:79:06:d4:67:02:f0:87:90:
c5:4b:22:e9:af:de:d4:90:6d:4d:19:e4:9e:9f:db:e7:30:ed:
6f:4f:09:b1:45:49:9b:63:c1:3a:aa:b5:4e:d6:ca:f0:af:66:
1d:13:28:00:60:80:1b:c1:ea:45:a5:ed:d6:6e:9f:aa:f1:10:
a2:eb:09:7c:aa:a2:6c:22:b0:ae:51:1d:f6:19:07:40:15:a6:
32:66:1c:91:13:e6:4c:a5:e5:7d:94:b7:9e:42:4c:4c:c4:c6:
8d:5b:a5:91:d9:44:bc:1a:fd:ab:44:d9:aa:42:5b:1b:25:9b:
00:fc:ae:a2:ee:87:3e:3e:da:8a:13:18:2e:fa:36:17:fb:7c:
6c:d4:f6:4d:54:07:16:05:fe:db:53:b0:a2:9e:4c:2d:3c:40:
06:3c:ef:eb:6d:24:6f:c6:a4:d6:9b:0e:1f:25:42:87:64:ab:
70:8c:aa:1b:19:47:95:db:91:83:a4:ce:f3:2e:4f:ac:a6:14:
34:8d:c1:57:ba:73:c6:21:c3:4e:72:f2:a8:68:aa:24:f4:5a:
82:d5:15:10:37:9f:52:b6:66:09:ba:7e:5f:4a:e2:a3:30:cc:
26:d9:30:d7:da:95:19:e2:31:b9:8c:1c:6b:6c:af:bd:62:e7:
fc:ad:f6:f1
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAZkKE1nkTkHQ2B0m14yc0VVzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDk0NWU0Njc2NDAyOWQyNTgxZDgyMGMzMzczZmE0NDU4
NTU1MzkwHhcNMjUwOTAyMTA1NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjIzYzdhZDk4MmNhMTM4NjkzMDM5ZjFiMjlmMjI5M2I2NDkwMjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuVj30HgnRNpAD2G4GQ9BCWr07tn
I/fRMSF8QqSDhDysG/NHLgg5zdy2XDdzD+Bzmptb5pCS+oqxibqXxNRpaJPg2Lgc
Dbhy75vP0xMfs6nToYw5ZM9qEQP1NNy6uZ42FRlzWXw25gZa7dZH2abPQ6up/J/Y
HNaKlxOp5eHldgGZC0oIFwEa1wH2KIH9mCobjUMmYS3042fruI4fyOBOMJ9I18aF
ZZPhHyvUHb0txMIENplWTmg2+mY8Q3PgCLz7et3q2WptHEUFVLDGt2Mhkpe3+fr8
EdFXrHEj7kEjezNOS2TSp9EJAWcqkUD6GiCuDTXn83UYlj4hzHb0pCfpSQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPsjx62YLKE4aTA58bKfIpO2SQJjMB8GA1UdIwQY
MBaAFDpJReRnZAKdJYHYIMM3P6RFhVU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80ZWY2ODAtN2M1NS00YTViLTg1Njgt
MzM2YWM5NDU2NDY0LzEvMS15UEhyWmdzb1RocE1EbnhzcDhpazdaSkFtTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzEvNGVmNjgwLTdjNTUtNGE1Yi04NTY4LTMzNmFjOTQ1NjQ2
NC8xL09rbEY1R2RrQXAwbGdkZ2d3emNfcEVXRlZUay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEBj70AAME
BcHBwDANBgkqhkiG9w0BAQsFAAOCAQEAJ2olr8T9x1uRJHkG1GcC8IeQxUsi6a/e
1JBtTRnknp/b5zDtb08JsUVJm2PBOqq1TtbK8K9mHRMoAGCAG8HqRaXt1m6fqvEQ
ousJfKqibCKwrlEd9hkHQBWmMmYckRPmTKXlfZS3nkJMTMTGjVulkdlEvBr9q0TZ
qkJbGyWbAPyuou6HPj7aihMYLvo2F/t8bNT2TVQHFgX+21Owop5MLTxABjzv620k
b8ak1psOHyVCh2SrcIyqGxlHlduRg6TO8y5PrKYUNI3BV7pzxiHDTnLyqGiqJPRa
gtUVEDefUrZmCbp+X0riozDMJtkw19qVGeIxuYwca2yvvWLn/K328Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:35:09 2025 by rpki-client