Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/KvGrSnuEc1cM9X2Nk9gFAk0Nuqk.roa
File: KvGrSnuEc1cM9X2Nk9gFAk0Nuqk.roa (raw, json)
Hash identifier: HFWxJLi4fAw0JkNdDx7HNRCU+Sz89xJhj6dOpXyk9UI=
Subject key identifier: 2A:F1:AB:4A:7B:84:73:57:0C:F5:7D:8D:93:D8:05:02:4D:0D:BA:A9
Certificate issuer: /CN=576705b557b823086b6a532324bfbba36995cb1c
Certificate serial: 019805A35C03D8A2E25C331F0A6AF85E288A
Authority key identifier: 57:67:05:B5:57:B8:23:08:6B:6A:53:23:24:BF:BB:A3:69:95:CB:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V2cFtVe4IwhralMjJL-7o2mVyxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/KvGrSnuEc1cM9X2Nk9gFAk0Nuqk.roa
Signing time: Sun 13 Jul 2025 21:14:08 +0000
ROA not before: Sun 13 Jul 2025 21:14:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214098
IP address blocks: 185.56.161.0/24 maxlen: 24
2a07:5c0:1::/48 maxlen: 48
2a07:5c0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/V2cFtVe4IwhralMjJL-7o2mVyxw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/V2cFtVe4IwhralMjJL-7o2mVyxw.mft
rsync://rpki.ripe.net/repository/DEFAULT/V2cFtVe4IwhralMjJL-7o2mVyxw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 21:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:05:a3:5c:03:d8:a2:e2:5c:33:1f:0a:6a:f8:5e:28:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576705b557b823086b6a532324bfbba36995cb1c
Validity
Not Before: Jul 13 21:14:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2af1ab4a7b8473570cf57d8d93d805024d0dbaa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ad:9c:ff:d7:49:c0:e9:af:c2:b6:7e:1c:0d:
b0:aa:1e:b5:68:a2:a4:09:ba:6c:60:af:89:f6:d2:
e8:d7:c5:12:de:7d:91:40:fe:4e:d4:28:86:94:cf:
a3:38:d1:91:e4:95:50:b6:5b:d5:d6:94:fb:61:6c:
3e:b2:12:aa:36:cb:d8:ae:5f:ad:e9:84:c1:45:f0:
e7:c6:4c:20:43:b0:96:50:cc:37:b7:ae:5d:10:7f:
c9:03:06:73:07:a8:90:6f:09:0f:b8:41:3c:96:e3:
f3:31:bd:aa:ef:7a:69:ea:a4:71:2d:ba:35:5b:7b:
f7:52:63:0b:ff:84:a3:96:00:e9:48:f2:07:75:a2:
21:38:f5:e1:40:b4:f1:e3:eb:60:ab:29:76:3e:5c:
79:b4:47:93:64:b9:27:52:29:e0:99:49:b3:67:82:
27:04:7a:65:37:e2:42:40:c5:ea:82:5d:23:af:da:
48:54:0d:9f:e4:29:7c:43:ab:51:d1:e0:a2:0f:28:
36:75:24:66:27:ce:c4:66:4b:f7:a0:d6:db:72:67:
da:2f:97:6b:fd:9b:cb:c0:6a:68:97:3c:c1:3f:59:
00:03:8e:d5:af:30:6a:50:a8:50:02:0c:7f:79:96:
c4:36:26:c6:16:9a:b9:44:13:c5:a1:2d:01:b5:3b:
a9:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:F1:AB:4A:7B:84:73:57:0C:F5:7D:8D:93:D8:05:02:4D:0D:BA:A9
X509v3 Authority Key Identifier:
keyid:57:67:05:B5:57:B8:23:08:6B:6A:53:23:24:BF:BB:A3:69:95:CB:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V2cFtVe4IwhralMjJL-7o2mVyxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/KvGrSnuEc1cM9X2Nk9gFAk0Nuqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/7d7e1d-33c0-4342-b259-a7bf3bf902d8/1/V2cFtVe4IwhralMjJL-7o2mVyxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.161.0/24
IPv6:
2a07:5c0:1::-2a07:5c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
29:98:a0:9d:ef:5c:bb:26:d4:34:e5:43:e8:96:a5:2c:02:18:
7f:ef:ea:86:ca:de:ca:12:10:11:3c:a4:3c:b7:b0:a4:8a:27:
e1:43:dc:cf:3a:6d:eb:9e:45:69:a7:7a:37:bc:a1:4d:cd:bd:
b1:3c:67:9f:cc:c3:95:17:62:99:93:ef:37:bc:a0:76:ee:f1:
ae:b1:21:f5:ae:fd:a1:67:e3:5e:19:aa:23:72:f4:2d:30:04:
06:87:e3:b6:b8:43:ec:e3:12:cb:e5:e8:09:8c:d5:41:05:0a:
e3:69:84:55:e2:06:78:6f:65:7d:47:de:81:35:d4:57:15:d5:
2b:8d:4d:07:f5:fb:df:36:a6:07:47:7b:8e:b4:ad:a3:c8:be:
c9:13:04:e2:5d:74:10:d1:93:e6:03:91:3c:5d:a7:fd:bd:5d:
b2:98:03:fe:17:3e:b7:42:b1:fa:30:68:fb:75:bb:de:72:7b:
5b:07:45:cf:5e:31:0e:52:e6:3c:1d:6a:47:85:c6:ff:37:d8:
66:78:7c:c0:7b:d3:b0:99:94:b0:e3:27:ea:2e:8c:09:7f:9d:
25:53:7e:75:3c:e0:14:dd:c6:21:84:a3:44:01:05:5b:6a:b9:
8d:f1:f9:8b:ca:35:bb:03:db:24:b5:53:cf:df:72:a9:4c:fa:
9a:d1:f7:0f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZgFo1wD2KLiXDMfCmr4XiiKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NjcwNWI1NTdiODIzMDg2YjZhNTMyMzI0YmZiYmEzNjk5
NWNiMWMwHhcNMjUwNzEzMjExNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWYxYWI0YTdiODQ3MzU3MGNmNTdkOGQ5M2Q4MDUwMjRkMGRiYWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8q2c/9dJwOmvwrZ+HA2wqh61aKKk
CbpsYK+J9tLo18US3n2RQP5O1CiGlM+jONGR5JVQtlvV1pT7YWw+shKqNsvYrl+t
6YTBRfDnxkwgQ7CWUMw3t65dEH/JAwZzB6iQbwkPuEE8luPzMb2q73pp6qRxLbo1
W3v3UmML/4SjlgDpSPIHdaIhOPXhQLTx4+tgqyl2Plx5tEeTZLknUingmUmzZ4In
BHplN+JCQMXqgl0jr9pIVA2f5Cl8Q6tR0eCiDyg2dSRmJ87EZkv3oNbbcmfaL5dr
/ZvLwGpolzzBP1kAA47VrzBqUKhQAgx/eZbENibGFpq5RBPFoS0BtTupXwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCrxq0p7hHNXDPV9jZPYBQJNDbqpMB8GA1UdIwQY
MBaAFFdnBbVXuCMIa2pTIyS/u6NplcscMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjJjRnRWZTRJd2hyYWxNakpMLTdvMm1WeXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC83ZDdlMWQtMzNjMC00MzQyLWIyNTkt
YTdiZjNiZjkwMmQ4LzEvS3ZHclNudUVjMWNNOVgyTms5Z0ZBazBOdXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC83ZDdlMWQtMzNjMC00MzQyLWIyNTktYTdiZjNiZjkwMmQ4
LzEvVjJjRnRWZTRJd2hyYWxNakpMLTdvMm1WeXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQAuTihMBoE
AgACMBQwEgMHACoHBcAAAQMHACoHBcAAAjANBgkqhkiG9w0BAQsFAAOCAQEAKZig
ne9cuybUNOVD6JalLAIYf+/qhsreyhIQETykPLewpIon4UPczzpt655Faad6N7yh
Tc29sTxnn8zDlRdimZPvN7ygdu7xrrEh9a79oWfjXhmqI3L0LTAEBofjtrhD7OMS
y+XoCYzVQQUK42mEVeIGeG9lfUfegTXUVxXVK41NB/X73zamB0d7jrSto8i+yRME
4l10ENGT5gORPF2n/b1dspgD/hc+t0Kx+jBo+3W73nJ7WwdFz14xDlLmPB1qR4XG
/zfYZnh8wHvTsJmUsOMn6i6MCX+dJVN+dTzgFN3GIYSjRAEFW2q5jfH5i8o1uwPb
JLVTz99yqUz6mtH3Dw==
-----END CERTIFICATE-----
Generated at Sat Jul 26 06:23:01 2025 by rpki-client