Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/96c040-6109-4221-8cad-36b5680ac368/1/Kipa3kLLXBexBMJFIr2nzsJGfAQ.roa
File: Kipa3kLLXBexBMJFIr2nzsJGfAQ.roa (raw, json)
Hash identifier: MEzxz1fu8r8OcAfHUpLMgUbApSNH2jwTj14hFHpw51I=
Subject key identifier: 2A:2A:5A:DE:42:CB:5C:17:B1:04:C2:45:22:BD:A7:CE:C2:46:7C:04
Certificate issuer: /CN=ec09f0e88663f83a5b6f84f1fee6b42c35c0f8f2
Certificate serial: 019A488A6E24A1C4559D680B2CB04AE3A51E
Authority key identifier: EC:09:F0:E8:86:63:F8:3A:5B:6F:84:F1:FE:E6:B4:2C:35:C0:F8:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Anw6IZj-Dpbb4Tx_ua0LDXA-PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/96c040-6109-4221-8cad-36b5680ac368/1/Kipa3kLLXBexBMJFIr2nzsJGfAQ.roa
Signing time: Mon 03 Nov 2025 07:07:02 +0000
ROA not before: Mon 03 Nov 2025 07:07:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8247
IP address blocks: 213.232.131.0/24 maxlen: 24
213.232.132.0/24 maxlen: 24
213.232.133.0/24 maxlen: 24
213.232.134.0/24 maxlen: 24
213.232.135.0/24 maxlen: 24
213.232.150.0/24 maxlen: 24
213.232.160.0/24 maxlen: 24
213.232.161.0/24 maxlen: 24
213.232.162.0/24 maxlen: 24
213.232.163.0/24 maxlen: 24
213.232.172.0/24 maxlen: 24
213.232.173.0/24 maxlen: 24
213.232.174.0/24 maxlen: 24
213.232.175.0/24 maxlen: 24
213.232.180.0/24 maxlen: 24
213.232.190.0/24 maxlen: 24
213.232.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/96c040-6109-4221-8cad-36b5680ac368/1/7Anw6IZj-Dpbb4Tx_ua0LDXA-PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/96c040-6109-4221-8cad-36b5680ac368/1/7Anw6IZj-Dpbb4Tx_ua0LDXA-PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Anw6IZj-Dpbb4Tx_ua0LDXA-PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:48:8a:6e:24:a1:c4:55:9d:68:0b:2c:b0:4a:e3:a5:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec09f0e88663f83a5b6f84f1fee6b42c35c0f8f2
Validity
Not Before: Nov 3 07:07:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2a2a5ade42cb5c17b104c24522bda7cec2467c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2c:45:cb:af:73:e3:cf:b3:dd:45:e9:26:e5:
33:ba:e6:e2:28:25:96:6c:cf:24:d0:17:c9:ac:9b:
a4:43:49:14:a6:6e:7c:3e:47:ca:14:bc:16:16:a2:
77:20:46:12:cd:97:dc:58:04:d3:65:e0:c8:45:43:
25:e5:6e:04:be:de:0b:cf:ee:31:c5:ae:9e:8d:b5:
bf:40:8c:b3:59:3e:93:c4:9e:17:2b:76:c0:3b:47:
ef:c4:67:19:df:b5:a9:7b:ba:6b:f8:a1:6a:4c:de:
66:19:fa:6a:81:2a:5a:d8:7c:86:39:fc:55:77:7b:
9c:1f:69:c6:0d:d1:93:4d:36:f9:d6:d6:fa:db:bf:
10:14:49:ba:ed:1e:d0:e1:28:bf:74:79:6f:8b:7c:
8d:0a:27:46:85:03:e5:f2:ac:e5:ec:e4:44:3a:2c:
bc:74:0b:7d:b4:46:84:53:8f:86:87:3c:5b:bf:1a:
f4:66:13:7d:5f:73:ec:11:6f:ee:76:43:b1:55:5c:
42:8b:61:97:d4:90:c5:a5:54:6a:05:f7:60:9d:bc:
e9:98:b7:21:d7:76:4a:32:da:d3:4d:7a:f0:b1:19:
c1:ac:ba:54:1d:28:6b:a2:92:df:7f:28:94:a9:a3:
87:ca:22:22:7f:5e:2c:f2:58:a8:e6:5b:2f:5d:c1:
13:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:2A:5A:DE:42:CB:5C:17:B1:04:C2:45:22:BD:A7:CE:C2:46:7C:04
X509v3 Authority Key Identifier:
keyid:EC:09:F0:E8:86:63:F8:3A:5B:6F:84:F1:FE:E6:B4:2C:35:C0:F8:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Anw6IZj-Dpbb4Tx_ua0LDXA-PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/96c040-6109-4221-8cad-36b5680ac368/1/Kipa3kLLXBexBMJFIr2nzsJGfAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/96c040-6109-4221-8cad-36b5680ac368/1/7Anw6IZj-Dpbb4Tx_ua0LDXA-PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.131.0-213.232.135.255
213.232.150.0/24
213.232.160.0/22
213.232.172.0/22
213.232.180.0/24
213.232.190.0/23
Signature Algorithm: sha256WithRSAEncryption
72:be:49:b8:e2:6a:b1:3e:7f:97:4a:1f:b9:2d:ce:83:7b:a1:
d0:e9:0a:5b:2d:c9:a4:2b:c7:cc:48:b3:c5:f6:1b:5d:43:df:
ef:b1:d2:8c:a2:cf:50:c1:db:0b:04:41:42:0e:9e:01:e4:a9:
92:d2:75:ee:dd:f4:82:a1:05:cd:59:a4:25:93:d1:e0:34:a7:
e4:05:eb:29:e4:8c:9a:d9:01:48:b8:31:59:c0:99:db:43:3d:
a2:2a:1a:63:cb:ea:7a:19:4e:3d:dd:0b:c1:d3:0e:fa:ce:cf:
ef:28:85:93:71:33:2e:84:7f:83:d4:eb:10:21:e8:48:60:dd:
b6:0d:22:7e:32:1b:9d:20:0f:25:6b:1b:8d:e4:77:b1:d8:a7:
a9:9a:2e:67:7b:c1:32:71:be:f2:bc:f6:00:c7:88:33:48:9d:
1a:ca:67:96:f7:7b:87:f9:09:96:c0:dd:3f:7b:db:fe:ee:8c:
b5:90:3f:6f:e9:ed:f2:3a:4b:0d:05:86:0a:c0:89:87:f3:c6:
5e:41:76:d2:16:b2:f7:00:41:1e:3b:2f:9b:cf:c9:08:92:2b:
30:25:bf:09:2e:0d:64:30:70:2b:a6:1d:4a:93:0e:e4:fd:47:
c0:c1:cc:70:23:75:e4:5e:03:dc:60:dc:c3:8d:55:ed:e7:bd:
72:2b:e2:20
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZpIim4kocRVnWgLLLBK46UeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjMDlmMGU4ODY2M2Y4M2E1YjZmODRmMWZlZTZiNDJjMzVj
MGY4ZjIwHhcNMjUxMTAzMDcwNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTJhNWFkZTQyY2I1YzE3YjEwNGMyNDUyMmJkYTdjZWMyNDY3YzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCxFy69z48+z3UXpJuUzuubiKCWW
bM8k0BfJrJukQ0kUpm58PkfKFLwWFqJ3IEYSzZfcWATTZeDIRUMl5W4Evt4Lz+4x
xa6ejbW/QIyzWT6TxJ4XK3bAO0fvxGcZ37Wpe7pr+KFqTN5mGfpqgSpa2HyGOfxV
d3ucH2nGDdGTTTb51tb6278QFEm67R7Q4Si/dHlvi3yNCidGhQPl8qzl7OREOiy8
dAt9tEaEU4+Ghzxbvxr0ZhN9X3PsEW/udkOxVVxCi2GX1JDFpVRqBfdgnbzpmLch
13ZKMtrTTXrwsRnBrLpUHShropLffyiUqaOHyiIif14s8lio5lsvXcETdQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCoqWt5Cy1wXsQTCRSK9p87CRnwEMB8GA1UdIwQY
MBaAFOwJ8OiGY/g6W2+E8f7mtCw1wPjyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0FudzZJWmotRHBiYjRUeF91YTBMRFhBLVBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC85NmMwNDAtNjEwOS00MjIxLThjYWQt
MzZiNTY4MGFjMzY4LzEvS2lwYTNrTExYQmV4Qk1KRklyMm56c0pHZkFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC85NmMwNDAtNjEwOS00MjIxLThjYWQtMzZiNTY4MGFjMzY4
LzEvN0FudzZJWmotRHBiYjRUeF91YTBMRFhBLVBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBADV6IMD
BAPV6IADBADV6JYDBALV6KADBALV6KwDBADV6LQDBAHV6L4wDQYJKoZIhvcNAQEL
BQADggEBAHK+SbjiarE+f5dKH7ktzoN7odDpClstyaQrx8xIs8X2G11D3++x0oyi
z1DB2wsEQUIOngHkqZLSde7d9IKhBc1ZpCWT0eA0p+QF6ynkjJrZAUi4MVnAmdtD
PaIqGmPL6noZTj3dC8HTDvrOz+8ohZNxMy6Ef4PU6xAh6Ehg3bYNIn4yG50gDyVr
G43kd7HYp6maLmd7wTJxvvK89gDHiDNInRrKZ5b3e4f5CZbA3T972/7ujLWQP2/p
7fI6Sw0FhgrAiYfzxl5BdtIWsvcAQR47L5vPyQiSKzAlvwkuDWQwcCumHUqTDuT9
R8DBzHAjdeReA9xg3MONVe3nvXIr4iA=
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:57:47 2025 by rpki-client