Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/KFPzXGig6-JZEigfWypf4i7snd8.roa
File: KFPzXGig6-JZEigfWypf4i7snd8.roa (raw, json)
Hash identifier: gMefxtYQn5VqlQav2iaduqr6+qO+sCBpVkf0YedD9mU=
Subject key identifier: 28:53:F3:5C:68:A0:EB:E2:59:12:28:1F:5B:2A:5F:E2:2E:EC:9D:DF
Certificate issuer: /CN=b30e3011a0fb3111fbe8493c1230974aef532704
Certificate serial: 019ECA7DF00022DF7E65464AC8DF0BA907AD
Authority key identifier: B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/KFPzXGig6-JZEigfWypf4i7snd8.roa
Signing time: Mon 15 Jun 2026 08:55:11 +0000
ROA not before: Mon 15 Jun 2026 08:55:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 208951
IP address blocks: 31.44.0.0/22 maxlen: 22
31.44.0.0/24 maxlen: 24
31.44.1.0/24 maxlen: 24
31.44.2.0/24 maxlen: 24
31.44.3.0/24 maxlen: 24
31.44.4.0/24 maxlen: 24
31.44.5.0/24 maxlen: 24
31.44.6.0/24 maxlen: 24
31.44.7.0/24 maxlen: 24
45.14.48.0/22 maxlen: 22
45.14.48.0/24 maxlen: 24
45.14.49.0/24 maxlen: 24
45.14.50.0/24 maxlen: 24
45.14.51.0/24 maxlen: 24
45.133.16.0/22 maxlen: 22
45.133.16.0/24 maxlen: 24
45.133.17.0/24 maxlen: 24
45.133.18.0/24 maxlen: 24
45.133.19.0/24 maxlen: 24
45.138.24.0/23 maxlen: 23
45.138.24.0/24 maxlen: 24
45.138.25.0/24 maxlen: 24
45.138.26.0/24 maxlen: 24
45.138.27.0/24 maxlen: 24
78.111.84.0/22 maxlen: 22
78.111.84.0/24 maxlen: 24
78.111.85.0/24 maxlen: 24
78.111.86.0/24 maxlen: 24
78.111.88.0/23 maxlen: 23
78.111.90.0/23 maxlen: 23
78.111.90.0/24 maxlen: 24
78.111.91.0/24 maxlen: 24
92.246.128.0/24 maxlen: 24
92.246.129.0/24 maxlen: 24
92.246.130.0/24 maxlen: 24
92.246.131.0/24 maxlen: 24
94.141.96.0/24 maxlen: 24
94.141.97.0/24 maxlen: 24
94.141.98.0/24 maxlen: 24
109.207.168.0/24 maxlen: 24
109.207.169.0/24 maxlen: 24
109.207.170.0/24 maxlen: 24
109.207.171.0/24 maxlen: 24
109.207.172.0/22 maxlen: 22
109.207.172.0/24 maxlen: 24
109.207.173.0/24 maxlen: 24
109.207.174.0/23 maxlen: 23
188.227.56.0/22 maxlen: 22
188.227.57.0/24 maxlen: 24
188.227.58.0/24 maxlen: 24
188.227.59.0/24 maxlen: 24
188.227.84.0/22 maxlen: 22
188.227.84.0/24 maxlen: 24
188.227.85.0/24 maxlen: 24
188.227.86.0/24 maxlen: 24
188.227.87.0/24 maxlen: 24
188.227.106.0/24 maxlen: 24
188.227.107.0/24 maxlen: 24
2a0e:b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Jun 2026 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:ca:7d:f0:00:22:df:7e:65:46:4a:c8:df:0b:a9:07:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b30e3011a0fb3111fbe8493c1230974aef532704
Validity
Not Before: Jun 15 08:55:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2853f35c68a0ebe25912281f5b2a5fe22eec9ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:31:7c:09:82:05:7a:e8:eb:29:12:87:cd:30:
74:7f:7d:64:29:31:a8:2a:84:61:25:1e:43:3e:3b:
c1:66:77:80:17:fe:87:54:2d:a5:be:f7:13:14:3c:
dc:8d:ac:cb:56:2e:cb:ba:f3:56:e2:48:34:ed:b9:
a3:f9:a5:c4:8d:37:af:67:31:27:66:1d:c3:29:e0:
75:45:0e:73:2d:4c:bf:ea:8f:97:7c:0d:41:f7:a2:
ea:03:d6:90:fd:1d:dd:04:1b:39:48:2d:2b:81:57:
fa:6e:bd:91:b3:b1:31:f3:28:3d:34:b6:bc:d7:af:
4d:b0:93:ae:45:60:c7:75:d7:82:4e:ea:a2:9a:3e:
35:f7:df:5d:4d:31:7e:3b:54:dc:04:04:8e:4a:15:
46:3e:ba:1b:ab:f3:bb:39:67:ba:79:ed:99:41:83:
e9:c1:29:26:93:ef:d0:de:d8:f2:a6:d0:86:ef:b6:
27:13:08:c7:4f:12:2c:de:45:d2:be:3a:f0:a1:59:
8b:8f:7a:15:3f:55:00:b5:f4:5e:56:93:06:30:00:
a3:87:f2:13:69:6f:9c:00:b4:eb:24:8b:fa:5a:54:
19:ec:ed:8e:41:e1:bf:5f:33:c3:c4:69:ff:66:47:
6f:ec:96:b1:d2:ba:cd:3c:39:4b:63:0a:d5:17:fc:
4e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:53:F3:5C:68:A0:EB:E2:59:12:28:1F:5B:2A:5F:E2:2E:EC:9D:DF
X509v3 Authority Key Identifier:
keyid:B3:0E:30:11:A0:FB:31:11:FB:E8:49:3C:12:30:97:4A:EF:53:27:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/KFPzXGig6-JZEigfWypf4i7snd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/0ffb64-efcb-49f5-8342-f9fb38c77c55/1/sw4wEaD7MRH76Ek8EjCXSu9TJwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.0.0/21
45.14.48.0/22
45.133.16.0/22
45.138.24.0/22
78.111.84.0-78.111.91.255
92.246.128.0/22
94.141.96.0-94.141.98.255
109.207.168.0/21
188.227.56.0/22
188.227.84.0/22
188.227.106.0/23
IPv6:
2a0e:b80::/29
Signature Algorithm: sha256WithRSAEncryption
76:a9:f4:80:5d:34:40:57:fa:74:4c:20:90:9e:b2:27:d9:83:
0b:cc:6f:9a:0f:75:0e:b0:32:65:de:9f:3a:d4:85:3f:88:4a:
cc:f9:cb:f1:23:7b:c3:b5:c5:c2:fb:c6:f4:d3:f1:43:cf:c5:
e7:fa:8c:a0:42:ab:b2:0f:ea:b5:9c:95:d2:df:f0:f5:d5:12:
cb:f4:ea:fe:63:8f:44:5b:e2:32:ce:77:4e:7f:f8:b2:5a:84:
cb:a8:c8:e8:1b:e1:d6:db:1c:24:1e:c8:e1:8c:fe:9a:71:72:
c8:a7:cd:ea:64:0f:d9:50:c7:9d:85:5d:47:77:0d:54:58:98:
98:58:6f:fb:b0:27:08:87:43:aa:92:1a:72:9c:98:ea:76:e0:
f3:97:19:6d:60:c2:0c:f3:f6:23:b6:14:79:59:60:7f:93:56:
de:df:b4:ac:4a:dd:49:36:45:ee:3f:bb:73:27:f4:e9:f5:db:
e0:5c:78:4d:a4:96:24:55:3c:71:2d:72:bc:b2:2f:cd:5a:bc:
7f:c8:5d:a0:79:aa:ad:ab:65:95:d2:54:f9:82:57:58:ac:82:
b0:4e:6d:42:52:a4:83:33:c8:1d:23:20:1d:2d:2a:e1:1b:6f:
f8:d1:d3:99:a7:87:89:4c:9f:aa:1e:b9:6e:a6:a8:75:3e:94:
24:9b:49:00
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAZ7KffAAIt9+ZUZKyN8LqQetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMGUzMDExYTBmYjMxMTFmYmU4NDkzYzEyMzA5NzRhZWY1
MzI3MDQwHhcNMjYwNjE1MDg1NTExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODUzZjM1YzY4YTBlYmUyNTkxMjI4MWY1YjJhNWZlMjJlZWM5ZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1jF8CYIFeujrKRKHzTB0f31kKTGo
KoRhJR5DPjvBZneAF/6HVC2lvvcTFDzcjazLVi7LuvNW4kg07bmj+aXEjTevZzEn
Zh3DKeB1RQ5zLUy/6o+XfA1B96LqA9aQ/R3dBBs5SC0rgVf6br2Rs7Ex8yg9NLa8
169NsJOuRWDHddeCTuqimj41999dTTF+O1TcBASOShVGProbq/O7OWe6ee2ZQYPp
wSkmk+/Q3tjyptCG77YnEwjHTxIs3kXSvjrwoVmLj3oVP1UAtfReVpMGMACjh/IT
aW+cALTrJIv6WlQZ7O2OQeG/XzPDxGn/Zkdv7Jax0rrNPDlLYwrVF/xONQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFChT81xooOviWRIoH1sqX+Iu7J3fMB8GA1UdIwQY
MBaAFLMOMBGg+zER++hJPBIwl0rvUycEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDIt
ZjlmYjM4Yzc3YzU1LzEvS0ZQelhHaWc2LUpaRWlnZld5cGY0aTdzbmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS8wZmZiNjQtZWZjYi00OWY1LTgzNDItZjlmYjM4Yzc3YzU1
LzEvc3c0d0VhRDdNUkg3NkVrOEVqQ1hTdTlUSndRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQDHywAAwQC
LQ4wAwQCLYUQAwQCLYoYMAwDBAJOb1QDBAJOb1gDBAJc9oAwDAMEBV6NYAMEAF6N
YgMEA23PqAMEArzjOAMEArzjVAMEAbzjajANBAIAAjAHAwUDKg4LgDANBgkqhkiG
9w0BAQsFAAOCAQEAdqn0gF00QFf6dEwgkJ6yJ9mDC8xvmg91DrAyZd6fOtSFP4hK
zPnL8SN7w7XFwvvG9NPxQ8/F5/qMoEKrsg/qtZyV0t/w9dUSy/Tq/mOPRFviMs53
Tn/4slqEy6jI6Bvh1tscJB7I4Yz+mnFyyKfN6mQP2VDHnYVdR3cNVFiYmFhv+7An
CIdDqpIacpyY6nbg85cZbWDCDPP2I7YUeVlgf5NW3t+0rErdSTZF7j+7cyf06fXb
4Fx4TaSWJFU8cS1yvLIvzVq8f8hdoHmqratlldJU+YJXWKyCsE5tQlKkgzPIHSMg
HS0q4Rtv+NHTmaeHiUyfqh65bqaodT6UJJtJAA==
-----END CERTIFICATE-----
Generated at Mon Jun 29 10:35:32 2026 by rpki-client