Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Kqlp59cNQIWxbpMlG7rfsIQdWaY.roa
File: Kqlp59cNQIWxbpMlG7rfsIQdWaY.roa (raw, json)
Hash identifier: KPymKzBlwUfLVUe90vHDX9VxjZVIfwPy3XALAmoYOtE=
Subject key identifier: 2A:A9:69:E7:D7:0D:40:85:B1:6E:93:25:1B:BA:DF:B0:84:1D:59:A6
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01991F1A5805305E12036E27B3AABB97E9E1
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Kqlp59cNQIWxbpMlG7rfsIQdWaY.roa
Signing time: Sat 06 Sep 2025 12:57:24 +0000
ROA not before: Sat 06 Sep 2025 12:57:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210369
IP address blocks: 94.74.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1f:1a:58:05:30:5e:12:03:6e:27:b3:aa:bb:97:e9:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 6 12:57:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2aa969e7d70d4085b16e93251bbadfb0841d59a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:e9:4b:37:0d:09:ce:f1:ad:df:4d:f8:b8:ed:
c5:6a:3f:9a:65:b0:cf:0b:b1:30:9d:69:ea:1d:b7:
3c:bc:e1:65:a2:8e:67:ca:4c:a5:5b:4a:83:3e:f0:
01:a3:98:20:2c:96:e3:7e:93:24:e5:1a:06:9a:74:
80:28:fe:2e:ab:8b:e1:77:c1:75:9d:ab:b7:ca:96:
98:8d:85:b4:8d:c4:9f:6c:50:73:c8:50:fc:ab:56:
4c:9a:60:bf:dd:7e:ad:cd:43:69:32:7e:0a:92:f1:
89:06:39:f2:d2:1b:0b:8a:26:2f:5d:44:f6:c9:f0:
c5:93:d5:c8:4b:4b:f8:51:f3:bd:dc:4d:19:37:8b:
4f:b8:0a:ea:1e:c0:e4:f5:2f:bd:4a:0e:d4:4f:06:
8d:fa:97:91:e2:6b:47:16:91:1a:a0:ab:94:8b:b8:
71:95:c4:25:7a:a0:47:07:09:32:71:aa:97:18:90:
2c:70:6c:e8:42:a7:52:30:e2:68:33:74:36:f1:4d:
55:9c:af:6e:a6:f9:12:9e:0f:32:e2:ad:ba:ee:ac:
75:1d:16:9e:fd:4e:e0:64:40:52:cc:9d:f8:53:fa:
94:e4:d1:3b:f6:9e:69:b7:f0:bd:f4:33:0e:51:59:
6c:6b:ae:30:f4:35:36:91:22:ee:5b:23:ae:f2:2b:
1d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:A9:69:E7:D7:0D:40:85:B1:6E:93:25:1B:BA:DF:B0:84:1D:59:A6
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Kqlp59cNQIWxbpMlG7rfsIQdWaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.158.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:c1:04:8e:42:06:59:da:b9:62:a9:ad:99:14:16:c1:92:80:
0a:07:51:3d:89:59:3b:1b:79:15:5c:53:e0:62:b3:09:77:fd:
73:5e:a1:91:89:b2:f8:e1:3f:e3:9e:26:08:72:7a:57:b7:1c:
21:62:59:5a:dc:7a:24:f9:22:4c:02:f3:53:31:a2:b2:ea:04:
e3:bf:99:3d:52:0b:9b:7a:92:25:22:fd:28:b4:dc:b2:c8:36:
18:7c:35:45:1e:e0:43:c8:4a:f1:3d:4b:f6:6e:32:ac:7b:99:
98:c6:16:2f:37:c8:90:2e:91:21:33:17:c3:78:5f:31:f7:84:
aa:c3:8e:7e:a8:3c:a2:a3:5c:c8:19:17:4f:cb:2f:31:ec:e9:
c2:67:4e:01:92:53:4c:35:fb:af:34:48:e0:f4:83:db:42:a2:
2c:b0:75:31:a8:4d:06:15:37:10:34:36:ba:3c:9c:fd:d0:0e:
2a:8f:7a:5e:79:ff:65:55:4c:01:f5:db:bc:69:7a:e4:15:4f:
9e:8b:0b:06:a1:51:0a:29:56:4a:1a:09:f4:8d:60:da:4d:fa:
24:54:85:9e:6b:04:40:af:59:aa:82:a7:3b:c8:e6:d6:70:3f:
fa:8c:11:4c:aa:7d:8c:e1:64:2d:b0:fa:a0:52:a3:d0:7f:2b:
43:64:ec:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkfGlgFMF4SA24ns6q7l+nhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwOTA2MTI1NzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWE5NjllN2Q3MGQ0MDg1YjE2ZTkzMjUxYmJhZGZiMDg0MWQ1OWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+lLNw0JzvGt3034uO3Faj+aZbDP
C7EwnWnqHbc8vOFloo5nykylW0qDPvABo5ggLJbjfpMk5RoGmnSAKP4uq4vhd8F1
nau3ypaYjYW0jcSfbFBzyFD8q1ZMmmC/3X6tzUNpMn4KkvGJBjny0hsLiiYvXUT2
yfDFk9XIS0v4UfO93E0ZN4tPuArqHsDk9S+9Sg7UTwaN+peR4mtHFpEaoKuUi7hx
lcQleqBHBwkycaqXGJAscGzoQqdSMOJoM3Q28U1VnK9upvkSng8y4q267qx1HRae
/U7gZEBSzJ34U/qU5NE79p5pt/C99DMOUVlsa64w9DU2kSLuWyOu8isdcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqpaefXDUCFsW6TJRu637CEHVmmMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvS3FscDU5Y05RSVd4YnBNbEc3cmZzSVFkV2FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXkqeMA0G
CSqGSIb3DQEBCwUAA4IBAQAfwQSOQgZZ2rliqa2ZFBbBkoAKB1E9iVk7G3kVXFPg
YrMJd/1zXqGRibL44T/jniYIcnpXtxwhYlla3Hok+SJMAvNTMaKy6gTjv5k9Ugub
epIlIv0otNyyyDYYfDVFHuBDyErxPUv2bjKse5mYxhYvN8iQLpEhMxfDeF8x94Sq
w45+qDyio1zIGRdPyy8x7OnCZ04BklNMNfuvNEjg9IPbQqIssHUxqE0GFTcQNDa6
PJz90A4qj3peef9lVUwB9du8aXrkFU+eiwsGoVEKKVZKGgn0jWDaTfokVIWeawRA
r1mqgqc7yObWcD/6jBFMqn2M4WQtsPqgUqPQfytDZOwX
-----END CERTIFICATE-----
Generated at Sat Sep 6 20:56:57 2025 by rpki-client