Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/6Xm-75V0sXQGqzDZtgBZ1MB1y7U.roa
File: 6Xm-75V0sXQGqzDZtgBZ1MB1y7U.roa (raw, json)
Hash identifier: y6WKfvCzgcr5qRF8JvQX+THC7a2GBmmRXVuRnQY8PoA=
Subject key identifier: E9:79:BE:EF:95:74:B1:74:06:AB:30:D9:B6:00:59:D4:C0:75:CB:B5
Certificate issuer: /CN=3a4945e46764029d2581d820c3373fa445855539
Certificate serial: 019994C01ED359E1BF25A8F2210BB578B2C0
Authority key identifier: 3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/6Xm-75V0sXQGqzDZtgBZ1MB1y7U.roa
Signing time: Mon 29 Sep 2025 09:14:02 +0000
ROA not before: Mon 29 Sep 2025 09:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 62.244.11.0/24 maxlen: 24
62.244.12.0/24 maxlen: 24
62.244.29.0/24 maxlen: 24
62.244.36.0/24 maxlen: 24
62.244.37.0/24 maxlen: 24
62.244.41.0/24 maxlen: 24
62.244.43.0/24 maxlen: 24
62.244.45.0/24 maxlen: 24
62.244.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:94:c0:1e:d3:59:e1:bf:25:a8:f2:21:0b:b5:78:b2:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a4945e46764029d2581d820c3373fa445855539
Validity
Not Before: Sep 29 09:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e979beef9574b17406ab30d9b60059d4c075cbb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:f0:4a:fc:eb:20:3f:20:4a:80:9b:72:e8:72:
68:23:e1:fb:df:a2:5a:5a:0d:3b:95:80:eb:55:16:
88:93:2d:84:80:70:6f:1d:29:6a:48:4c:52:b2:d4:
44:60:b5:f9:e1:e7:fd:c4:de:83:3b:82:89:37:cf:
0f:51:b6:92:d5:6c:c9:bc:82:0f:7f:80:cc:1d:b1:
32:33:11:e2:2f:c6:dd:46:50:05:95:fa:59:88:d9:
6c:f1:39:ea:07:a6:89:d6:5e:3e:ca:9e:a1:0d:f9:
58:72:1d:0b:bf:59:bb:87:8f:31:95:2d:9b:cc:d1:
ad:6c:f8:4d:bc:aa:a4:77:f5:92:68:0b:36:21:49:
86:d6:1a:2b:6f:7d:5e:55:77:e2:54:38:33:15:b8:
c0:f2:09:e7:48:77:05:46:87:24:99:d6:0e:ba:eb:
66:82:56:eb:e4:43:52:7c:72:08:37:0f:63:f3:af:
77:1e:76:be:f3:44:ba:cd:ad:8e:60:98:46:ba:12:
9f:eb:d3:04:ca:b3:87:64:3e:d4:70:b9:5d:b5:18:
e1:d2:1f:a6:fb:6f:87:1a:f3:d5:5b:2d:84:12:bc:
ef:52:7b:96:52:30:73:b0:a7:29:2e:d5:1f:a1:8e:
39:d7:22:f1:b4:11:73:ab:0a:fb:cf:8f:de:7a:ed:
e5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:79:BE:EF:95:74:B1:74:06:AB:30:D9:B6:00:59:D4:C0:75:CB:B5
X509v3 Authority Key Identifier:
keyid:3A:49:45:E4:67:64:02:9D:25:81:D8:20:C3:37:3F:A4:45:85:55:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OklF5GdkAp0lgdggwzc_pEWFVTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/6Xm-75V0sXQGqzDZtgBZ1MB1y7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/4ef680-7c55-4a5b-8568-336ac9456464/1/OklF5GdkAp0lgdggwzc_pEWFVTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.244.11.0-62.244.12.255
62.244.29.0/24
62.244.36.0/23
62.244.41.0/24
62.244.43.0/24
62.244.45.0/24
62.244.56.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:26:9a:55:38:62:6a:f9:79:23:e6:50:2f:be:db:c9:bc:74:
79:e6:01:12:67:d9:69:84:9f:0f:80:b5:58:13:7e:d9:0d:2c:
27:31:0c:22:18:dc:cf:71:7a:58:6d:5e:4d:a4:5e:02:7a:3c:
63:f3:f0:31:b0:c2:63:ea:6b:ab:ea:88:21:91:f3:71:1b:2c:
ff:7f:64:f8:b3:4c:9a:50:6f:40:15:67:29:49:3b:70:d6:7d:
5e:47:36:74:66:53:00:85:f4:96:06:93:b9:29:a1:67:6a:ec:
24:f0:ab:76:a4:27:af:15:93:68:a3:c0:b8:11:71:4e:ba:18:
60:00:3d:49:2e:00:62:cd:24:68:ac:c9:4c:dd:f9:b3:ce:69:
09:27:ef:93:9a:75:62:99:bb:30:c2:73:73:4e:80:8a:f9:99:
01:94:ab:af:17:cc:c6:2a:e1:a4:89:8c:be:74:73:15:05:df:
5e:a7:67:fc:81:cb:9d:6a:66:55:2a:42:74:e7:11:4c:37:3e:
f7:b2:a2:e8:d4:5f:4d:aa:96:68:a9:3a:2a:96:7e:ae:22:6a:
04:5d:aa:32:1f:d2:28:d7:74:30:24:d3:9e:c5:a9:18:6b:76:
8b:51:ed:21:06:40:8d:a5:67:f3:13:ca:40:69:41:db:78:38:
cc:03:cf:37
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZmUwB7TWeG/JajyIQu1eLLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNDk0NWU0Njc2NDAyOWQyNTgxZDgyMGMzMzczZmE0NDU4
NTU1MzkwHhcNMjUwOTI5MDkxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTc5YmVlZjk1NzRiMTc0MDZhYjMwZDliNjAwNTlkNGMwNzVjYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz/BK/OsgPyBKgJty6HJoI+H736Ja
Wg07lYDrVRaIky2EgHBvHSlqSExSstREYLX54ef9xN6DO4KJN88PUbaS1WzJvIIP
f4DMHbEyMxHiL8bdRlAFlfpZiNls8TnqB6aJ1l4+yp6hDflYch0Lv1m7h48xlS2b
zNGtbPhNvKqkd/WSaAs2IUmG1horb31eVXfiVDgzFbjA8gnnSHcFRockmdYOuutm
glbr5ENSfHIINw9j8693Hna+80S6za2OYJhGuhKf69MEyrOHZD7UcLldtRjh0h+m
+2+HGvPVWy2EErzvUnuWUjBzsKcpLtUfoY451yLxtBFzqwr7z4/eeu3l1QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOl5vu+VdLF0Bqsw2bYAWdTAdcu1MB8GA1UdIwQY
MBaAFDpJReRnZAKdJYHYIMM3P6RFhVU5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS80ZWY2ODAtN2M1NS00YTViLTg1Njgt
MzM2YWM5NDU2NDY0LzEvNlhtLTc1VjBzWFFHcXpEWnRnQloxTUIxeTdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS80ZWY2ODAtN2M1NS00YTViLTg1NjgtMzM2YWM5NDU2NDY0
LzEvT2tsRjVHZGtBcDBsZ2RnZ3d6Y19wRVdGVlRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAA+9AsD
BAA+9AwDBAA+9B0DBAE+9CQDBAA+9CkDBAA+9CsDBAA+9C0DBAA+9DgwDQYJKoZI
hvcNAQELBQADggEBAKkmmlU4Ymr5eSPmUC++28m8dHnmARJn2WmEnw+AtVgTftkN
LCcxDCIY3M9xelhtXk2kXgJ6PGPz8DGwwmPqa6vqiCGR83EbLP9/ZPizTJpQb0AV
ZylJO3DWfV5HNnRmUwCF9JYGk7kpoWdq7CTwq3akJ68Vk2ijwLgRcU66GGAAPUku
AGLNJGisyUzd+bPOaQkn75OadWKZuzDCc3NOgIr5mQGUq68XzMYq4aSJjL50cxUF
316nZ/yBy51qZlUqQnTnEUw3PveyoujUX02qlmipOiqWfq4iagRdqjIf0ijXdDAk
057FqRhrdotR7SEGQI2lZ/MTykBpQdt4OMwDzzc=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:03 2025 by rpki-client