Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KPdWvyZQLm2EIjDjtyxzqnj4DcQ.roa
File: KPdWvyZQLm2EIjDjtyxzqnj4DcQ.roa (raw, json)
Hash identifier: RACyoOqs1cWZQrBckWCRm1eqJcmZZQUmskdufw7KR2M=
Subject key identifier: 28:F7:56:BF:26:50:2E:6D:84:22:30:E3:B7:2C:73:AA:78:F8:0D:C4
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 01991D526F968280C303A5A1FDD4020FA6C9
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KPdWvyZQLm2EIjDjtyxzqnj4DcQ.roa
Signing time: Sat 06 Sep 2025 04:39:25 +0000
ROA not before: Sat 06 Sep 2025 04:39:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60439
IP address blocks: 151.243.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Oct 2025 00:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1d:52:6f:96:82:80:c3:03:a5:a1:fd:d4:02:0f:a6:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Sep 6 04:39:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28f756bf26502e6d842230e3b72c73aa78f80dc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:6d:e7:6f:6b:a2:3b:be:22:48:e8:7c:03:d5:
75:e5:2e:90:dd:d0:4b:4c:24:a8:8c:84:06:59:38:
64:3a:3a:c1:7b:95:83:c2:b2:7f:2d:b6:da:2d:9c:
e9:56:74:b1:23:29:d7:fa:b0:82:58:ce:ee:b3:1f:
89:af:59:d9:64:c8:bc:2e:fb:69:4a:6b:7b:f0:02:
f1:81:9e:d2:03:f8:94:36:05:b1:e0:7b:08:92:e8:
34:88:a8:b5:1a:85:83:68:bf:ce:9e:bc:01:77:eb:
a8:98:43:5d:49:dc:39:68:8e:fe:b1:b1:a4:55:ba:
d4:2f:4a:d5:45:2a:50:b8:e3:23:25:a1:3f:e5:cf:
b0:38:7d:05:be:28:c5:0b:e9:36:ee:ac:7f:86:3e:
d4:36:f8:f0:e6:ea:5e:80:e9:c8:c3:36:34:71:86:
dd:d6:41:26:ec:d2:72:86:45:18:0e:65:83:38:66:
f8:35:e4:ec:22:f9:9e:58:d3:cc:02:5f:f2:83:1e:
8e:e3:66:11:31:f7:04:48:6f:68:7f:d4:22:7e:68:
4f:4e:31:18:b7:2b:15:91:4c:23:c2:b3:5a:74:f1:
2f:4d:9c:ce:b9:2b:c5:ac:8f:58:bf:65:b5:4b:b1:
a6:8c:e5:08:53:53:8f:18:64:8a:19:57:14:04:26:
cd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:F7:56:BF:26:50:2E:6D:84:22:30:E3:B7:2C:73:AA:78:F8:0D:C4
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/KPdWvyZQLm2EIjDjtyxzqnj4DcQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.243.28.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:e6:9c:77:ad:fd:05:2e:f0:4e:b8:7c:94:d6:b1:f1:01:19:
db:d6:12:0d:a2:69:32:1b:8f:1d:55:80:0d:52:7a:b6:59:1b:
72:8b:fb:22:dd:4c:4a:bc:9a:42:6c:a3:fc:78:ff:cc:93:3e:
3c:9b:92:a1:14:d0:a9:b1:c3:50:b9:0d:57:66:18:cb:a1:d0:
98:7f:24:1c:01:46:b7:82:a2:22:be:e1:19:ac:0c:50:10:0e:
b7:c8:67:59:7d:36:1f:c7:54:14:8b:b7:f1:3d:b6:fb:5a:01:
99:db:1e:82:b2:5c:d4:27:7b:bb:c9:f2:bd:69:a8:3b:78:a6:
27:ad:b5:31:d7:19:eb:08:5b:32:79:2e:bb:ab:c8:07:a4:5c:
50:c9:20:c1:cc:dd:30:b1:4a:73:73:78:32:e7:fa:f9:03:9d:
ed:04:7e:65:ec:f7:8e:57:79:5d:88:ad:9d:0b:88:f0:1e:40:
33:2a:5e:96:aa:8b:e6:78:fa:47:39:9d:7d:34:4d:15:53:b5:
27:3e:ee:62:66:03:3c:9e:b9:26:8e:54:cb:be:b9:5b:d6:9a:
b4:7c:1d:60:65:63:ce:6c:67:88:a1:a7:27:8b:f1:22:26:55:
d1:83:b2:af:fb:a8:ba:f2:bf:aa:68:f8:9d:c8:25:64:bb:13:
23:8a:4e:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkdUm+WgoDDA6Wh/dQCD6bJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwOTA2MDQzOTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGY3NTZiZjI2NTAyZTZkODQyMjMwZTNiNzJjNzNhYTc4ZjgwZGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG3nb2uiO74iSOh8A9V15S6Q3dBL
TCSojIQGWThkOjrBe5WDwrJ/LbbaLZzpVnSxIynX+rCCWM7usx+Jr1nZZMi8Lvtp
Smt78ALxgZ7SA/iUNgWx4HsIkug0iKi1GoWDaL/OnrwBd+uomENdSdw5aI7+sbGk
VbrUL0rVRSpQuOMjJaE/5c+wOH0FvijFC+k27qx/hj7UNvjw5upegOnIwzY0cYbd
1kEm7NJyhkUYDmWDOGb4NeTsIvmeWNPMAl/ygx6O42YRMfcESG9of9QifmhPTjEY
tysVkUwjwrNadPEvTZzOuSvFrI9Yv2W1S7GmjOUIU1OPGGSKGVcUBCbNjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCj3Vr8mUC5thCIw47csc6p4+A3EMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvS1BkV3Z5WlFMbTJFSWpEanR5eHpxbmo0RGNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/McMA0G
CSqGSIb3DQEBCwUAA4IBAQB/5px3rf0FLvBOuHyU1rHxARnb1hINomkyG48dVYAN
Unq2WRtyi/si3UxKvJpCbKP8eP/Mkz48m5KhFNCpscNQuQ1XZhjLodCYfyQcAUa3
gqIivuEZrAxQEA63yGdZfTYfx1QUi7fxPbb7WgGZ2x6CslzUJ3u7yfK9aag7eKYn
rbUx1xnrCFsyeS67q8gHpFxQySDBzN0wsUpzc3gy5/r5A53tBH5l7PeOV3ldiK2d
C4jwHkAzKl6WqovmePpHOZ19NE0VU7UnPu5iZgM8nrkmjlTLvrlb1pq0fB1gZWPO
bGeIoacni/EiJlXRg7Kv+6i68r+qaPidyCVkuxMjik7i
-----END CERTIFICATE-----
Generated at Fri Oct 17 07:45:18 2025 by rpki-client