Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/kpBZgUoI5SVEvkUD2itySup6KcI.roa
File: kpBZgUoI5SVEvkUD2itySup6KcI.roa (raw, json)
Hash identifier: XeEaX76YfLu7oqRet3KoyuM4S4TCuYJpZv/8fGXU5lk=
Subject key identifier: 92:90:59:81:4A:08:E5:25:44:BE:45:03:DA:2B:72:4A:EA:7A:29:C2
Certificate issuer: /CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Certificate serial: 0198EA3E8BAF795965945480E2A68AAF9569
Authority key identifier: EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/kpBZgUoI5SVEvkUD2itySup6KcI.roa
Signing time: Wed 27 Aug 2025 06:37:04 +0000
ROA not before: Wed 27 Aug 2025 06:37:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 91.195.242.0/23 maxlen: 24
124.198.192.0/19 maxlen: 24
139.66.0.0/16 maxlen: 24
147.204.0.0/16 maxlen: 24
155.56.0.0/16 maxlen: 24
194.39.128.0/21 maxlen: 24
194.39.136.0/22 maxlen: 24
194.45.236.0/23 maxlen: 24
194.55.88.0/22 maxlen: 24
202.89.128.0/20 maxlen: 24
217.77.240.0/20 maxlen: 24
2a00:fe00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.mft
rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 21:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ea:3e:8b:af:79:59:65:94:54:80:e2:a6:8a:af:95:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Validity
Not Before: Aug 27 06:37:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=929059814a08e52544be4503da2b724aea7a29c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c8:e9:61:89:a6:7c:d7:fc:97:14:9b:67:33:
fd:2e:1a:68:0a:67:f3:85:50:da:d6:1e:76:84:75:
b9:02:5e:a2:2c:a4:d4:c0:30:15:41:dd:ce:80:25:
84:21:0b:0f:38:09:47:ae:e6:f9:03:30:cb:a8:16:
c8:14:02:46:7f:a8:92:44:1d:ce:0a:a7:93:79:05:
97:3b:bf:22:c1:38:c7:bd:98:17:52:d0:40:80:23:
5e:f3:cd:e5:ff:24:00:6e:d5:da:3e:c4:8d:3a:fa:
32:d2:f0:82:b9:6e:c6:81:dd:cb:85:03:c3:31:34:
6d:d4:1b:0f:07:61:cc:19:a9:70:a4:72:99:00:3a:
d2:07:42:a0:7e:10:f6:8c:59:c5:ec:4a:81:5e:ef:
02:8f:75:a0:a5:af:e4:91:a6:f1:e4:d4:af:93:ce:
ef:5b:41:51:bb:be:66:95:44:a6:6f:ec:6d:2f:3b:
0e:3e:24:84:01:91:da:7b:70:be:ce:d7:14:76:90:
70:58:b3:21:14:0e:fd:66:26:3e:e7:f6:7e:ee:d2:
e1:53:5a:44:18:b6:e6:0b:52:1c:e8:ab:8e:76:30:
db:1f:ae:b8:7e:ee:98:2f:61:27:71:2e:5f:e7:2e:
e3:cd:6c:78:50:75:b4:25:f0:99:7a:a3:c3:8d:f0:
1b:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:90:59:81:4A:08:E5:25:44:BE:45:03:DA:2B:72:4A:EA:7A:29:C2
X509v3 Authority Key Identifier:
keyid:EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/kpBZgUoI5SVEvkUD2itySup6KcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.242.0/23
124.198.192.0/19
139.66.0.0/16
147.204.0.0/16
155.56.0.0/16
194.39.128.0-194.39.139.255
194.45.236.0/23
194.55.88.0/22
202.89.128.0/20
217.77.240.0/20
IPv6:
2a00:fe00::/32
Signature Algorithm: sha256WithRSAEncryption
8a:2b:af:9f:b8:a9:ff:70:ba:5f:9b:8b:49:c8:2f:59:fb:c7:
c8:be:ec:0c:67:52:35:bd:a7:77:37:bc:c0:a7:f1:8c:3f:bd:
93:eb:30:b7:84:3e:51:7e:2c:15:cd:b3:46:78:21:8f:86:7b:
fc:c0:a3:f1:52:14:66:b2:b7:14:a4:c0:3e:dd:64:72:5f:a2:
d0:cf:72:c7:6d:d5:8c:01:60:7e:df:3b:f7:cd:c8:54:23:13:
a3:fa:94:a2:f0:de:f3:92:44:2d:56:5f:e6:1b:dd:c2:8a:47:
48:21:31:d7:ea:b1:39:99:08:31:13:6c:e2:2b:25:60:d2:80:
56:a9:de:67:4e:8c:00:ed:10:82:08:39:e8:a8:49:3a:89:d4:
97:88:29:c7:d1:26:e9:09:0b:c7:ff:64:f4:65:5d:bb:99:19:
49:5c:ab:56:22:5a:76:7d:8d:40:12:9d:83:e7:91:96:fe:4f:
11:0b:8f:1d:0d:0d:d5:fa:5a:90:41:6e:64:46:50:05:fc:f2:
53:91:60:83:05:10:cd:0f:f8:3d:c6:da:18:f7:cf:c2:bd:b2:
34:31:ed:74:92:f1:b9:67:11:3d:13:47:ac:6b:74:f8:9e:70:
b0:b7:68:54:89:7b:a3:78:21:6b:ed:54:d3:2e:60:65:41:12:
ab:97:b4:aa
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZjqPouveVlllFSA4qaKr5VpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDY5NjNjYzQ3OWRhZGJlM2M1MjIzNGFiOWZhYmFhODEy
MmQyNWIwHhcNMjUwODI3MDYzNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjkwNTk4MTRhMDhlNTI1NDRiZTQ1MDNkYTJiNzI0YWVhN2EyOWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAscjpYYmmfNf8lxSbZzP9LhpoCmfz
hVDa1h52hHW5Al6iLKTUwDAVQd3OgCWEIQsPOAlHrub5AzDLqBbIFAJGf6iSRB3O
CqeTeQWXO78iwTjHvZgXUtBAgCNe883l/yQAbtXaPsSNOvoy0vCCuW7Ggd3LhQPD
MTRt1BsPB2HMGalwpHKZADrSB0KgfhD2jFnF7EqBXu8Cj3Wgpa/kkabx5NSvk87v
W0FRu75mlUSmb+xtLzsOPiSEAZHae3C+ztcUdpBwWLMhFA79ZiY+5/Z+7tLhU1pE
GLbmC1Ic6KuOdjDbH664fu6YL2EncS5f5y7jzWx4UHW0JfCZeqPDjfAbxQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFJKQWYFKCOUlRL5FA9orckrqeinCMB8GA1UdIwQY
MBaAFOpGljzEedrb48UiNKufq6qBItJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUt
ZWI1YmM3ZDk3YWEwLzEva3BCWmdVb0k1U1ZFdmtVRDJpdHlTdXA2S2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUtZWI1YmM3ZDk3YWEw
LzEvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBHBAIAATBBAwQBW8PyAwQF
fMbAAwMAi0IDAwCTzAMDAJs4MAwDBAfCJ4ADBALCJ4gDBAHCLewDBALCN1gDBATK
WYADBATZTfAwDQQCAAIwBwMFACoA/gAwDQYJKoZIhvcNAQELBQADggEBAIorr5+4
qf9wul+bi0nIL1n7x8i+7AxnUjW9p3c3vMCn8Yw/vZPrMLeEPlF+LBXNs0Z4IY+G
e/zAo/FSFGaytxSkwD7dZHJfotDPcsdt1YwBYH7fO/fNyFQjE6P6lKLw3vOSRC1W
X+Yb3cKKR0ghMdfqsTmZCDETbOIrJWDSgFap3mdOjADtEIIIOeioSTqJ1JeIKcfR
JukJC8f/ZPRlXbuZGUlcq1YiWnZ9jUASnYPnkZb+TxELjx0NDdX6WpBBbmRGUAX8
8lORYIMFEM0P+D3G2hj3z8K9sjQx7XSS8blnET0TR6xrdPiecLC3aFSJe6N4IWvt
VNMuYGVBEquXtKo=
-----END CERTIFICATE-----
Generated at Mon Sep 8 05:09:40 2025 by rpki-client