Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Kcp5gcp8r-fk_k2q0ABexZpyyfo.roa
File: Kcp5gcp8r-fk_k2q0ABexZpyyfo.roa (raw, json)
Hash identifier: dLvRpPgS0mSohIEsT2azbP1rRmPg71Gd3Dzw9SueGPA=
Subject key identifier: 29:CA:79:81:CA:7C:AF:E7:E4:FE:4D:AA:D0:00:5E:C5:9A:72:C9:FA
Certificate issuer: /CN=5975d519de239cf164cb94a6660c2530ceaef254
Certificate serial: 019A00999EAB6E7CFCA8614DF85D1C0D9468
Authority key identifier: 59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Kcp5gcp8r-fk_k2q0ABexZpyyfo.roa
Signing time: Mon 20 Oct 2025 07:50:58 +0000
ROA not before: Mon 20 Oct 2025 07:50:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 85.11.163.0/24 maxlen: 24
85.11.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:99:9e:ab:6e:7c:fc:a8:61:4d:f8:5d:1c:0d:94:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5975d519de239cf164cb94a6660c2530ceaef254
Validity
Not Before: Oct 20 07:50:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29ca7981ca7cafe7e4fe4daad0005ec59a72c9fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9a:40:46:0a:a3:1b:91:b1:9b:e3:a0:9e:21:
74:e4:0f:b9:9a:3e:6b:37:53:2f:5a:24:da:cf:2c:
1c:5c:d2:28:55:95:51:6c:9c:4b:0a:c5:bf:f4:07:
8b:db:6c:5a:19:40:c9:13:a8:ff:1c:00:82:fd:24:
80:63:4b:af:32:6b:48:6a:6f:dc:22:ea:4c:f8:7b:
58:e0:5c:b8:69:2c:de:5b:a6:da:c5:58:1c:b3:12:
53:61:96:bc:46:39:d6:ce:9c:36:55:73:d2:08:1e:
69:cb:f4:9d:e2:bc:2a:e3:51:69:32:84:73:20:d0:
a8:fd:be:d7:c7:7a:74:5a:6b:64:38:9d:da:5d:05:
85:be:34:9e:84:9f:48:7b:18:ad:d7:09:6b:2c:d1:
5b:a7:25:e3:1a:f6:b6:24:47:ee:0c:47:c8:62:34:
e7:8b:a8:dd:b2:f4:8a:46:fb:eb:27:53:ba:96:61:
a8:0f:ee:c6:b5:06:56:0f:25:d8:3a:8f:56:c0:61:
86:61:c4:0f:10:08:2f:b9:ee:5a:89:d2:be:f1:2e:
ce:85:0e:04:47:15:9c:a3:05:d9:1b:77:4f:a2:82:
d0:37:cf:0b:cc:61:c3:d0:b7:23:30:eb:fd:cf:4a:
f9:a7:5d:70:d2:46:35:44:04:bd:93:43:fa:21:30:
84:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:CA:79:81:CA:7C:AF:E7:E4:FE:4D:AA:D0:00:5E:C5:9A:72:C9:FA
X509v3 Authority Key Identifier:
keyid:59:75:D5:19:DE:23:9C:F1:64:CB:94:A6:66:0C:25:30:CE:AE:F2:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WXXVGd4jnPFky5SmZgwlMM6u8lQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/Kcp5gcp8r-fk_k2q0ABexZpyyfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/0c0c37-b401-401b-aa65-2cc675726975/1/WXXVGd4jnPFky5SmZgwlMM6u8lQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.11.163.0/24
85.11.183.0/24
Signature Algorithm: sha256WithRSAEncryption
72:c9:bc:68:38:63:6b:af:37:11:b5:c8:09:1b:60:cc:12:a0:
68:bc:29:b4:3d:a2:69:d6:b9:35:8b:d2:9f:15:aa:02:7f:ea:
ed:bc:72:3b:fd:2f:07:c8:34:b1:a4:fc:2b:c5:28:54:81:d6:
1e:5e:f0:1c:ad:0b:d6:2b:fc:84:ab:5f:4c:44:e1:7e:2c:be:
e8:50:71:8f:39:d4:dc:97:f5:9e:42:30:73:e2:51:cc:b3:b9:
b4:f1:b9:5c:c1:d6:28:e9:07:e5:90:e8:18:8b:ad:38:50:47:
ba:3a:b5:de:cd:18:f9:df:88:b5:e8:74:fb:d9:64:e0:34:8f:
b5:29:f2:ba:bb:42:3b:67:b2:63:ac:e0:49:f7:72:4e:17:92:
b9:d4:24:b6:93:02:27:bc:62:e5:01:ec:da:65:cc:70:91:7a:
ff:78:ea:e0:d7:43:dc:73:0b:75:9d:7f:d9:ee:cf:d2:48:dd:
ca:70:b1:6e:58:a2:27:49:b7:fd:8b:64:0c:e2:bb:af:50:45:
76:37:1e:74:9f:71:3c:79:3a:4f:8c:74:79:80:ec:98:0d:64:
12:ef:9e:47:b6:02:3e:99:bc:4b:46:c9:ae:9c:cf:e0:be:64:
f3:e8:bc:d0:02:5e:aa:e0:3e:ef:f9:c0:4b:6c:b1:9b:ae:c4:
4a:4f:00:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZoAmZ6rbnz8qGFN+F0cDZRoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NzVkNTE5ZGUyMzljZjE2NGNiOTRhNjY2MGMyNTMwY2Vh
ZWYyNTQwHhcNMjUxMDIwMDc1MDU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWNhNzk4MWNhN2NhZmU3ZTRmZTRkYWFkMDAwNWVjNTlhNzJjOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApppARgqjG5Gxm+OgniF05A+5mj5r
N1MvWiTazywcXNIoVZVRbJxLCsW/9AeL22xaGUDJE6j/HACC/SSAY0uvMmtIam/c
IupM+HtY4Fy4aSzeW6baxVgcsxJTYZa8RjnWzpw2VXPSCB5py/Sd4rwq41FpMoRz
INCo/b7Xx3p0WmtkOJ3aXQWFvjSehJ9Iexit1wlrLNFbpyXjGva2JEfuDEfIYjTn
i6jdsvSKRvvrJ1O6lmGoD+7GtQZWDyXYOo9WwGGGYcQPEAgvue5aidK+8S7OhQ4E
RxWcowXZG3dPooLQN88LzGHD0LcjMOv9z0r5p11w0kY1RAS9k0P6ITCEgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCnKeYHKfK/n5P5NqtAAXsWacsn6MB8GA1UdIwQY
MBaAFFl11RneI5zxZMuUpmYMJTDOrvJUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUt
MmNjNjc1NzI2OTc1LzEvS2NwNWdjcDhyLWZrX2sycTBBQmV4WnB5eWZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS8wYzBjMzctYjQwMS00MDFiLWFhNjUtMmNjNjc1NzI2OTc1
LzEvV1hYVkdkNGpuUEZreTVTbVpnd2xNTTZ1OGxRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVQujAwQA
VQu3MA0GCSqGSIb3DQEBCwUAA4IBAQByybxoOGNrrzcRtcgJG2DMEqBovCm0PaJp
1rk1i9KfFaoCf+rtvHI7/S8HyDSxpPwrxShUgdYeXvAcrQvWK/yEq19MROF+LL7o
UHGPOdTcl/WeQjBz4lHMs7m08blcwdYo6QflkOgYi604UEe6OrXezRj534i16HT7
2WTgNI+1KfK6u0I7Z7JjrOBJ93JOF5K51CS2kwInvGLlAezaZcxwkXr/eOrg10Pc
cwt1nX/Z7s/SSN3KcLFuWKInSbf9i2QM4ruvUEV2Nx50n3E8eTpPjHR5gOyYDWQS
755HtgI+mbxLRsmunM/gvmTz6LzQAl6q4D7v+cBLbLGbrsRKTwCZ
-----END CERTIFICATE-----
Generated at Fri Oct 24 18:20:14 2025 by rpki-client