Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/KKPvuphxl-jCXx-t6E5TKLh7ouE.roa
File: KKPvuphxl-jCXx-t6E5TKLh7ouE.roa (raw, json)
Hash identifier: ghQPL+5j3H9Pp1Ju//l14r1R97GRHHIGE3fwtOKGTjA=
Subject key identifier: 28:A3:EF:BA:98:71:97:E8:C2:5F:1F:AD:E8:4E:53:28:B8:7B:A2:E1
Certificate issuer: /CN=8353accb94e10cf8c2c29679067ee39099f404d3
Certificate serial: 019E92A7C9DCB60D42EEA41BCBA937EC3C32
Authority key identifier: 83:53:AC:CB:94:E1:0C:F8:C2:C2:96:79:06:7E:E3:90:99:F4:04:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/KKPvuphxl-jCXx-t6E5TKLh7ouE.roa
Signing time: Thu 04 Jun 2026 12:42:09 +0000
ROA not before: Thu 04 Jun 2026 12:42:09 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44375
IP address blocks: 93.126.0.0/18 maxlen: 18
93.126.9.0/24 maxlen: 24
193.178.200.0/22 maxlen: 22
193.178.200.0/24 maxlen: 24
193.178.201.0/24 maxlen: 24
193.178.202.0/24 maxlen: 24
2a13:f140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.mft
rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 22:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:92:a7:c9:dc:b6:0d:42:ee:a4:1b:cb:a9:37:ec:3c:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8353accb94e10cf8c2c29679067ee39099f404d3
Validity
Not Before: Jun 4 12:42:09 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=28a3efba987197e8c25f1fade84e5328b87ba2e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bc:20:b7:69:d4:de:f4:eb:38:58:97:14:65:
32:ac:8e:86:1e:0b:47:c4:a8:70:47:5d:2e:80:5d:
70:77:0d:0a:29:0a:f6:09:7a:a0:d4:8d:41:d5:07:
c5:f7:47:51:86:e3:57:4d:e2:e6:75:81:1c:4b:34:
19:8e:4e:1e:e6:53:3f:df:60:91:b7:67:e6:6f:ba:
f0:bf:57:b9:40:ec:dd:cc:e7:0c:e9:e5:90:b3:22:
fc:0a:f5:07:43:97:d2:55:6d:e5:b2:1e:4b:20:9b:
ec:5e:b8:e3:4e:0b:e1:e5:3a:fd:ea:a3:7a:25:9c:
6b:2d:7a:be:e9:f9:27:db:21:3f:e3:89:1d:00:d5:
04:6a:fc:3e:2d:a8:d3:40:96:0b:9c:af:79:34:b0:
ce:47:ee:0f:12:b3:9d:e4:39:26:d3:ba:ee:50:22:
ab:f1:31:65:23:01:52:5f:53:0c:0b:6b:06:5b:e8:
bb:76:8c:4c:45:56:3c:60:3a:ad:0f:8a:b8:b5:72:
25:1e:02:e0:54:92:42:18:4e:cc:40:60:92:06:8f:
d6:18:e2:2e:0d:f6:91:8a:7b:b8:90:97:33:c4:26:
9c:63:f3:32:0e:96:ae:3e:c1:19:5f:7a:92:4c:d6:
75:0b:a8:75:03:0d:0e:61:50:37:66:57:76:91:1a:
15:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:A3:EF:BA:98:71:97:E8:C2:5F:1F:AD:E8:4E:53:28:B8:7B:A2:E1
X509v3 Authority Key Identifier:
keyid:83:53:AC:CB:94:E1:0C:F8:C2:C2:96:79:06:7E:E3:90:99:F4:04:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/KKPvuphxl-jCXx-t6E5TKLh7ouE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/993772-5fba-40bf-b721-6c3950194370/1/g1Osy5ThDPjCwpZ5Bn7jkJn0BNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.126.0.0/18
193.178.200.0/22
IPv6:
2a13:f140::/29
Signature Algorithm: sha256WithRSAEncryption
07:e3:00:d3:34:8c:c4:b2:46:38:e5:80:22:ce:83:81:53:a5:
9a:49:58:23:78:c0:50:e6:df:8e:4a:7f:1f:1f:25:7b:50:17:
6c:3b:ee:eb:14:d2:98:3c:e5:94:30:8b:87:60:22:94:4f:ef:
67:c8:50:ae:4a:66:ff:46:4c:36:d9:c8:1c:51:ee:8b:46:c1:
d0:10:2c:0b:71:0d:e6:b4:c4:06:63:8f:f3:ce:81:27:db:a4:
09:b1:53:fe:5d:a2:36:44:c0:6f:d0:99:a4:3d:32:ad:97:82:
50:2f:73:0f:ea:62:74:0f:0d:35:ef:bd:ce:ff:48:d8:61:d9:
1e:b6:0f:61:53:b4:d6:f0:6f:d0:b3:13:ff:31:40:d2:2a:90:
60:70:a3:f2:3a:2e:88:09:ef:c9:a0:af:c5:19:0e:86:e0:a5:
2a:33:db:65:89:48:dc:e6:d2:da:29:e6:fb:06:d2:11:47:9a:
4f:53:86:ae:dc:ea:34:b9:5a:f4:aa:3d:43:1e:38:58:9c:33:
99:11:7c:fc:66:3a:45:9e:22:6b:7c:f8:32:b9:04:ff:9b:a4:
cf:b2:5c:31:89:cc:46:ea:c4:9f:9d:79:d0:1e:51:d8:fb:b5:
bb:91:d8:67:70:ab:c8:00:22:1d:00:93:ab:0b:b3:e8:b5:2f:
8a:59:29:45
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZ6Sp8nctg1C7qQby6k37DwyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNTNhY2NiOTRlMTBjZjhjMmMyOTY3OTA2N2VlMzkwOTlm
NDA0ZDMwHhcNMjYwNjA0MTI0MjA5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGEzZWZiYTk4NzE5N2U4YzI1ZjFmYWRlODRlNTMyOGI4N2JhMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubwgt2nU3vTrOFiXFGUyrI6GHgtH
xKhwR10ugF1wdw0KKQr2CXqg1I1B1QfF90dRhuNXTeLmdYEcSzQZjk4e5lM/32CR
t2fmb7rwv1e5QOzdzOcM6eWQsyL8CvUHQ5fSVW3lsh5LIJvsXrjjTgvh5Tr96qN6
JZxrLXq+6fkn2yE/44kdANUEavw+LajTQJYLnK95NLDOR+4PErOd5Dkm07ruUCKr
8TFlIwFSX1MMC2sGW+i7doxMRVY8YDqtD4q4tXIlHgLgVJJCGE7MQGCSBo/WGOIu
DfaRinu4kJczxCacY/MyDpauPsEZX3qSTNZ1C6h1Aw0OYVA3Zld2kRoVAwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCij77qYcZfowl8frehOUyi4e6LhMB8GA1UdIwQY
MBaAFINTrMuU4Qz4wsKWeQZ+45CZ9ATTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzFPc3k1VGhEUGpDd3BaNUJuN2prSm4wQk5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85OTM3NzItNWZiYS00MGJmLWI3MjEt
NmMzOTUwMTk0MzcwLzEvS0tQdnVwaHhsLWpDWHgtdDZFNVRLTGg3b3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85OTM3NzItNWZiYS00MGJmLWI3MjEtNmMzOTUwMTk0Mzcw
LzEvZzFPc3k1VGhEUGpDd3BaNUJuN2prSm4wQk5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQGXX4AAwQC
wbLIMA0EAgACMAcDBQMqE/FAMA0GCSqGSIb3DQEBCwUAA4IBAQAH4wDTNIzEskY4
5YAizoOBU6WaSVgjeMBQ5t+OSn8fHyV7UBdsO+7rFNKYPOWUMIuHYCKUT+9nyFCu
Smb/Rkw22cgcUe6LRsHQECwLcQ3mtMQGY4/zzoEn26QJsVP+XaI2RMBv0JmkPTKt
l4JQL3MP6mJ0Dw01773O/0jYYdketg9hU7TW8G/QsxP/MUDSKpBgcKPyOi6ICe/J
oK/FGQ6G4KUqM9tliUjc5tLaKeb7BtIRR5pPU4au3Oo0uVr0qj1DHjhYnDOZEXz8
ZjpFniJrfPgyuQT/m6TPslwxicxG6sSfnXnQHlHY+7W7kdhncKvIACIdAJOrC7Po
tS+KWSlF
-----END CERTIFICATE-----
Generated at Fri Jun 12 07:48:51 2026 by rpki-client