Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/KApc2VriY3vH3RO-cehMvAdQ_Mg.roa
File: KApc2VriY3vH3RO-cehMvAdQ_Mg.roa (raw, json)
Hash identifier: dQEaO4C1pP95h9tGEJx2RGmSfdTU6JfpV4x4O4Ej5fs=
Subject key identifier: 28:0A:5C:D9:5A:E2:63:7B:C7:DD:13:BE:71:E8:4C:BC:07:50:FC:C8
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019CB957D63A4E1A47D76B4FED008FA83676
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/KApc2VriY3vH3RO-cehMvAdQ_Mg.roa
Signing time: Wed 04 Mar 2026 14:54:27 +0000
ROA not before: Wed 04 Mar 2026 14:54:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 214833
IP address blocks: 185.189.255.0/24 maxlen: 24
194.147.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Mar 2026 16:05:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:b9:57:d6:3a:4e:1a:47:d7:6b:4f:ed:00:8f:a8:36:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Mar 4 14:54:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=280a5cd95ae2637bc7dd13be71e84cbc0750fcc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:60:82:5b:ae:26:c4:d2:4f:8f:ca:17:19:6c:
b0:b5:05:f7:cf:4a:3b:c9:3d:8c:9d:21:cf:04:5f:
32:f5:32:1f:b0:7a:85:ae:45:60:9e:be:5d:72:2a:
3f:1d:9f:d1:01:c2:bb:e8:75:65:13:12:fb:98:9d:
f0:00:58:70:c5:82:72:4e:b8:0c:e6:e5:95:96:29:
b6:bd:fe:e0:80:d2:dd:32:c2:25:ce:58:d6:14:7f:
30:cc:e9:cf:ce:7d:b8:a9:e1:92:a9:50:c8:38:fa:
fa:7e:e8:aa:b2:60:c9:b7:c2:be:8c:90:b6:6c:49:
81:60:d2:40:41:07:74:35:6d:3f:56:84:a9:dd:da:
77:fe:d0:5f:e0:56:77:a3:55:54:f7:b5:01:51:92:
44:cb:d4:b1:4e:a3:a0:87:90:f8:cb:1b:3c:ee:38:
67:09:c2:73:42:4b:57:71:87:ba:e7:f6:78:35:7f:
50:c2:15:66:d8:65:7c:13:81:60:d2:1f:40:4a:42:
5d:50:f7:70:73:3a:bb:99:25:63:82:a8:43:7a:89:
c9:b8:e3:c8:56:bd:1b:73:72:12:b4:b3:8f:f1:20:
83:58:a4:7e:54:15:8f:26:56:34:59:7d:c3:2e:b1:
6c:59:77:10:cd:fb:d5:62:51:01:63:c9:26:be:4a:
19:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0A:5C:D9:5A:E2:63:7B:C7:DD:13:BE:71:E8:4C:BC:07:50:FC:C8
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/KApc2VriY3vH3RO-cehMvAdQ_Mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.255.0/24
194.147.90.0/24
Signature Algorithm: sha256WithRSAEncryption
85:a4:ba:58:ee:e2:a8:88:16:91:f0:c6:b8:ff:40:be:7d:4a:
3a:d9:49:c5:5f:ca:28:3b:d9:66:3e:53:4f:e5:88:e2:1a:0e:
99:3c:43:ac:61:3f:74:e3:c9:1f:90:5f:82:62:c1:71:0d:0a:
17:0c:fe:14:cd:21:8a:65:ba:e9:fa:bb:63:0a:bc:67:72:73:
77:f0:0f:25:bd:7b:1b:d4:fb:91:6d:d6:09:e3:d0:f3:8a:10:
b3:5b:4b:85:a4:ff:6f:7e:fd:c8:53:75:cd:7e:aa:84:30:63:
97:ab:57:0b:53:d6:aa:18:e2:38:8f:c4:7d:33:1d:b4:51:26:
c8:1b:7f:2b:7c:68:b0:48:bf:4c:01:1c:88:1e:e4:99:ed:f6:
0a:1f:df:d4:d1:c7:ad:ae:68:02:33:12:dc:b2:fb:7e:b3:04:
5b:73:f0:49:d4:a0:e4:0e:87:81:0c:fa:78:bf:78:02:b1:d4:
2b:4f:bf:9c:57:c9:bc:57:e9:5a:79:be:2e:65:33:00:88:a2:
d9:32:a6:8f:fb:c3:a8:7c:cd:46:93:e1:a7:85:20:6e:a1:a5:
99:b3:88:87:f3:08:f7:10:02:42:a3:5c:64:05:d9:e6:be:61:
00:65:f5:9f:af:26:8e:af:8f:2f:b8:47:cd:5d:03:e3:26:2e:
d8:42:1a:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZy5V9Y6ThpH12tP7QCPqDZ2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjYwMzA0MTQ1NDI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODBhNWNkOTVhZTI2MzdiYzdkZDEzYmU3MWU4NGNiYzA3NTBmY2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWCCW64mxNJPj8oXGWywtQX3z0o7
yT2MnSHPBF8y9TIfsHqFrkVgnr5dcio/HZ/RAcK76HVlExL7mJ3wAFhwxYJyTrgM
5uWVlim2vf7ggNLdMsIlzljWFH8wzOnPzn24qeGSqVDIOPr6fuiqsmDJt8K+jJC2
bEmBYNJAQQd0NW0/VoSp3dp3/tBf4FZ3o1VU97UBUZJEy9SxTqOgh5D4yxs87jhn
CcJzQktXcYe65/Z4NX9QwhVm2GV8E4Fg0h9ASkJdUPdwczq7mSVjgqhDeonJuOPI
Vr0bc3IStLOP8SCDWKR+VBWPJlY0WX3DLrFsWXcQzfvVYlEBY8kmvkoZLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCgKXNla4mN7x90TvnHoTLwHUPzIMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvS0FwYzJWcmlZM3ZIM1JPLWNlaE12QWRRX01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAub3/AwQA
wpNaMA0GCSqGSIb3DQEBCwUAA4IBAQCFpLpY7uKoiBaR8Ma4/0C+fUo62UnFX8oo
O9lmPlNP5YjiGg6ZPEOsYT9048kfkF+CYsFxDQoXDP4UzSGKZbrp+rtjCrxncnN3
8A8lvXsb1PuRbdYJ49DzihCzW0uFpP9vfv3IU3XNfqqEMGOXq1cLU9aqGOI4j8R9
Mx20USbIG38rfGiwSL9MARyIHuSZ7fYKH9/U0cetrmgCMxLcsvt+swRbc/BJ1KDk
DoeBDPp4v3gCsdQrT7+cV8m8V+laeb4uZTMAiKLZMqaP+8OofM1Gk+GnhSBuoaWZ
s4iH8wj3EAJCo1xkBdnmvmEAZfWfryaOr48vuEfNXQPjJi7YQhq3
-----END CERTIFICATE-----
Generated at Thu Mar 5 21:45:31 2026 by rpki-client