Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/T0WVdzOAzxv7YhavZ8vWFS4Ty_I.roa
File: T0WVdzOAzxv7YhavZ8vWFS4Ty_I.roa (raw, json)
Hash identifier: b3F/epBvj8JhSWlR2DiuUydqiu726jVzSOK2gVzNlcU=
Subject key identifier: 4F:45:95:77:33:80:CF:1B:FB:62:16:AF:67:CB:D6:15:2E:13:CB:F2
Certificate issuer: /CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Certificate serial: 019898F5D54DEF7DDF58BFEBAC91F50C0FB8
Authority key identifier: 20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/T0WVdzOAzxv7YhavZ8vWFS4Ty_I.roa
Signing time: Mon 11 Aug 2025 11:48:24 +0000
ROA not before: Mon 11 Aug 2025 11:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214461
IP address blocks: 62.113.59.0/24 maxlen: 24
128.0.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:f5:d5:4d:ef:7d:df:58:bf:eb:ac:91:f5:0c:0f:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20ca2d4cb3e56b5d29970a97fc645eb2fd6876a1
Validity
Not Before: Aug 11 11:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4f4595773380cf1bfb6216af67cbd6152e13cbf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5c:c2:15:dd:9c:7b:fb:91:f3:cd:c8:b3:cd:
87:d7:af:6e:29:15:30:fb:96:4a:e1:d5:d6:74:95:
df:81:28:d8:a5:e2:fe:f9:53:55:ed:e4:72:87:bc:
0c:63:09:ce:24:24:59:14:43:d4:a4:76:5f:b0:c4:
d5:32:c1:bd:88:c8:39:82:68:7f:c5:1d:49:eb:db:
85:17:66:f1:ba:85:70:cd:26:08:d9:8d:63:f6:a2:
d0:e7:15:45:74:b5:18:bf:09:92:4a:44:6f:b1:c6:
cf:28:58:43:71:03:7f:f3:8d:ac:89:cf:c8:88:67:
d1:27:20:2c:55:70:3b:b9:c7:17:9b:5a:b5:3a:cc:
3f:42:45:25:7f:6a:8b:ee:f3:db:c5:a6:ac:7b:65:
50:30:f5:2b:63:88:95:0e:62:eb:bd:10:74:d0:28:
3b:fb:53:68:86:72:d8:8e:c1:53:1e:40:30:d2:52:
37:30:95:08:9c:28:48:60:7c:ab:fa:b5:12:7e:87:
ab:9f:b4:f9:a1:2c:54:7a:da:3d:26:65:71:52:73:
e5:4a:72:d3:9e:1e:b7:df:b4:11:11:c2:07:c1:5e:
3d:d7:50:75:62:dc:c9:85:08:40:6d:98:37:5c:f4:
f8:ab:2b:9f:0a:46:bf:9c:b4:8b:40:33:38:98:47:
62:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:45:95:77:33:80:CF:1B:FB:62:16:AF:67:CB:D6:15:2E:13:CB:F2
X509v3 Authority Key Identifier:
keyid:20:CA:2D:4C:B3:E5:6B:5D:29:97:0A:97:FC:64:5E:B2:FD:68:76:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMotTLPla10plwqX_GResv1odqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/T0WVdzOAzxv7YhavZ8vWFS4Ty_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/2c2817-3701-4783-8fbd-eec4885c4f8d/1/IMotTLPla10plwqX_GResv1odqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.59.0/24
128.0.67.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:73:bb:06:4e:48:a6:da:ad:4a:42:16:c1:19:c0:7c:07:70:
f0:7a:9b:1c:02:60:ff:92:9c:32:a5:7d:9e:81:69:5a:84:7b:
40:af:ef:59:88:bc:73:ad:3b:9c:bb:f6:aa:4c:75:6c:22:0d:
c5:fb:e6:ed:a4:36:55:17:fa:3d:74:06:21:65:0e:38:29:43:
5d:ea:1f:84:cf:ea:cf:33:d8:bd:9b:28:c2:e9:ac:ea:e8:c5:
ea:01:98:d9:57:0a:3c:08:5c:05:26:a0:35:d7:c2:c5:18:13:
5f:54:68:20:cb:3a:3d:73:48:95:4e:1d:ca:83:d7:7d:dd:c1:
c8:e0:ba:69:cb:95:0d:b4:92:4d:28:23:19:bb:6f:0d:56:47:
82:16:67:1b:20:47:28:a3:9f:ae:50:98:02:19:86:ef:ce:7f:
ff:35:82:9c:58:f1:5e:3f:f7:17:22:24:4d:c7:e4:e6:5e:bf:
00:85:ae:7e:8c:d9:4b:ac:45:d4:55:34:2e:f1:1d:61:20:54:
89:09:32:ed:7a:e6:95:c2:da:43:d0:c4:bc:7f:c4:7b:f4:45:
25:02:73:d6:b8:dd:39:b9:62:48:bc:cb:b2:24:ea:fe:ec:c5:
f8:34:33:e1:b6:66:50:67:18:d7:68:5f:69:67:2c:7f:49:5f:
c1:de:5e:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZiY9dVN733fWL/rrJH1DA+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwY2EyZDRjYjNlNTZiNWQyOTk3MGE5N2ZjNjQ1ZWIyZmQ2
ODc2YTEwHhcNMjUwODExMTE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjQ1OTU3NzMzODBjZjFiZmI2MjE2YWY2N2NiZDYxNTJlMTNjYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFzCFd2ce/uR883Is82H169uKRUw
+5ZK4dXWdJXfgSjYpeL++VNV7eRyh7wMYwnOJCRZFEPUpHZfsMTVMsG9iMg5gmh/
xR1J69uFF2bxuoVwzSYI2Y1j9qLQ5xVFdLUYvwmSSkRvscbPKFhDcQN/842sic/I
iGfRJyAsVXA7uccXm1q1Osw/QkUlf2qL7vPbxaase2VQMPUrY4iVDmLrvRB00Cg7
+1NohnLYjsFTHkAw0lI3MJUInChIYHyr+rUSfoern7T5oSxUeto9JmVxUnPlSnLT
nh6337QREcIHwV4911B1YtzJhQhAbZg3XPT4qyufCka/nLSLQDM4mEdiBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE9FlXczgM8b+2IWr2fL1hUuE8vyMB8GA1UdIwQY
MBaAFCDKLUyz5WtdKZcKl/xkXrL9aHahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQt
ZWVjNDg4NWM0ZjhkLzEvVDBXVmR6T0F6eHY3WWhhdlo4dldGUzRUeV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC8yYzI4MTctMzcwMS00NzgzLThmYmQtZWVjNDg4NWM0Zjhk
LzEvSU1vdFRMUGxhMTBwbHdxWF9HUmVzdjFvZHFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPnE7AwQA
gABDMA0GCSqGSIb3DQEBCwUAA4IBAQAsc7sGTkim2q1KQhbBGcB8B3DwepscAmD/
kpwypX2egWlahHtAr+9ZiLxzrTucu/aqTHVsIg3F++btpDZVF/o9dAYhZQ44KUNd
6h+Ez+rPM9i9myjC6azq6MXqAZjZVwo8CFwFJqA118LFGBNfVGggyzo9c0iVTh3K
g9d93cHI4Lppy5UNtJJNKCMZu28NVkeCFmcbIEcoo5+uUJgCGYbvzn//NYKcWPFe
P/cXIiRNx+TmXr8Aha5+jNlLrEXUVTQu8R1hIFSJCTLteuaVwtpD0MS8f8R79EUl
AnPWuN05uWJIvMuyJOr+7MX4NDPhtmZQZxjXaF9pZyx/SV/B3l5t
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:54:22 2025 by rpki-client