Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/KWeUe8stEcRBCfK1V9M1OdEhYVo.roa
File: KWeUe8stEcRBCfK1V9M1OdEhYVo.roa (raw, json)
Hash identifier: 5db5SBY8xLjigcej1g8W2J/cv1YnUc8GiiKN3rxcM4Y=
Subject key identifier: 29:67:94:7B:CB:2D:11:C4:41:09:F2:B5:57:D3:35:39:D1:21:61:5A
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019EB12EC069DFDBBF2E666711BC34B96D0F
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/KWeUe8stEcRBCfK1V9M1OdEhYVo.roa
Signing time: Wed 10 Jun 2026 10:58:11 +0000
ROA not before: Wed 10 Jun 2026 10:58:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 204800
IP address blocks: 65.98.12.0/24 maxlen: 24
103.138.189.0/24 maxlen: 24
192.250.228.0/24 maxlen: 24
192.250.235.0/24 maxlen: 24
198.38.91.0/24 maxlen: 24
209.42.27.0/24 maxlen: 24
216.67.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 20:26:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b1:2e:c0:69:df:db:bf:2e:66:67:11:bc:34:b9:6d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jun 10 10:58:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2967947bcb2d11c44109f2b557d33539d121615a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ec:36:f0:d0:a8:c9:6c:43:5a:67:fc:ca:1b:
ac:47:4a:e6:77:d5:4e:9a:de:8e:0e:9c:92:5f:63:
68:9a:9c:9b:38:4e:69:3d:0c:54:18:dc:ed:95:90:
88:bd:54:a6:dd:7d:fc:b8:b5:b8:72:7b:10:0c:5a:
a3:7e:e1:f3:bf:7e:98:08:80:f0:08:02:b6:2a:3a:
fc:36:b6:35:d4:2b:80:59:94:6e:25:d6:fb:b8:2f:
82:e3:3d:ff:e8:c2:4e:a8:82:e3:4c:d6:49:8d:a2:
4c:05:3d:17:92:9c:8f:ae:e3:5e:0d:e7:34:89:b7:
2d:f8:c2:bd:ea:fd:25:9b:98:d8:3e:d5:90:b0:ee:
b8:37:c3:d7:d3:f4:43:3b:96:d1:ca:d0:b5:b1:03:
39:04:2a:ed:b7:31:e1:f4:7e:60:d3:d5:37:eb:6d:
e4:97:d9:d2:a2:ef:a2:b6:1b:c7:6f:8b:57:c8:5c:
5a:95:5c:7f:a2:0e:8a:51:cf:1d:e4:23:3e:b2:41:
91:7c:bb:b6:1b:d5:df:97:0a:3b:36:75:50:cc:4c:
78:7e:ff:a6:64:4a:98:c8:05:36:ec:ad:a4:6d:ce:
8b:ee:e5:5d:f7:da:42:e4:86:4c:75:6e:e1:fa:4c:
ef:11:95:50:14:d0:a2:93:74:8c:a8:04:46:80:b6:
33:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:67:94:7B:CB:2D:11:C4:41:09:F2:B5:57:D3:35:39:D1:21:61:5A
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/KWeUe8stEcRBCfK1V9M1OdEhYVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.98.12.0/24
103.138.189.0/24
192.250.228.0/24
192.250.235.0/24
198.38.91.0/24
209.42.27.0/24
216.67.230.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:17:d7:c0:83:ed:2f:aa:33:ab:40:60:ae:bd:9e:0f:c4:83:
89:24:3f:ce:e8:5c:48:16:6e:39:8c:aa:61:3c:4f:22:2b:38:
c6:f1:ff:cb:95:d0:f4:25:b6:cd:a5:e5:50:c7:2d:f6:b0:14:
fc:8c:c8:5f:65:9b:cb:cf:24:6f:52:c7:c8:59:64:e3:e0:60:
0b:64:66:69:3f:4e:dd:fc:89:94:53:76:cf:61:9a:13:7e:c1:
35:89:0a:1c:1a:7e:e4:4a:86:3b:74:9b:87:bd:8c:8c:a5:1b:
78:fd:5d:68:4f:d2:4a:6a:b7:13:58:80:c6:f6:ee:cb:d3:c1:
28:d6:db:c7:3f:46:49:db:09:d2:f8:61:83:39:32:cb:c2:8b:
40:ac:63:66:ed:21:00:b6:cf:7d:2b:4d:45:ce:c2:d7:32:60:
89:7e:27:ac:8d:3c:2d:5b:2b:25:e7:a0:c8:f2:25:00:5a:b1:
d1:b7:8c:c6:07:8d:02:c1:dd:56:07:06:23:a0:97:b8:1c:2b:
e2:4b:6d:fc:8b:6c:1f:b5:d0:96:3f:aa:34:1d:8c:6d:a0:37:
a5:9b:50:7c:bc:2d:1f:8b:74:da:05:05:43:7b:cd:97:be:72:
84:bd:ed:7c:e5:2c:fd:1b:27:b5:54:2f:5f:15:c7:53:98:4f:
08:8e:4a:8c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZ6xLsBp39u/LmZnEbw0uW0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjYwNjEwMTA1ODExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTY3OTQ3YmNiMmQxMWM0NDEwOWYyYjU1N2QzMzUzOWQxMjE2MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+w28NCoyWxDWmf8yhusR0rmd9VO
mt6ODpySX2NompybOE5pPQxUGNztlZCIvVSm3X38uLW4cnsQDFqjfuHzv36YCIDw
CAK2Kjr8NrY11CuAWZRuJdb7uC+C4z3/6MJOqILjTNZJjaJMBT0XkpyPruNeDec0
ibct+MK96v0lm5jYPtWQsO64N8PX0/RDO5bRytC1sQM5BCrttzHh9H5g09U3623k
l9nSou+ithvHb4tXyFxalVx/og6KUc8d5CM+skGRfLu2G9Xflwo7NnVQzEx4fv+m
ZEqYyAU27K2kbc6L7uVd99pC5IZMdW7h+kzvEZVQFNCik3SMqARGgLYzDQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFClnlHvLLRHEQQnytVfTNTnRIWFaMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvS1dlVWU4c3RFY1JCQ2ZLMVY5TTFPZEVoWVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAQWIMAwQA
Z4q9AwQAwPrkAwQAwPrrAwQAxiZbAwQA0SobAwQA2EPmMA0GCSqGSIb3DQEBCwUA
A4IBAQBKF9fAg+0vqjOrQGCuvZ4PxIOJJD/O6FxIFm45jKphPE8iKzjG8f/LldD0
JbbNpeVQxy32sBT8jMhfZZvLzyRvUsfIWWTj4GALZGZpP07d/ImUU3bPYZoTfsE1
iQocGn7kSoY7dJuHvYyMpRt4/V1oT9JKarcTWIDG9u7L08Eo1tvHP0ZJ2wnS+GGD
OTLLwotArGNm7SEAts99K01FzsLXMmCJfiesjTwtWysl56DI8iUAWrHRt4zGB40C
wd1WBwYjoJe4HCviS238i2wftdCWP6o0HYxtoDelm1B8vC0fi3TaBQVDe82XvnKE
ve185Sz9Gye1VC9fFcdTmE8IjkqM
-----END CERTIFICATE-----
Generated at Fri Jun 12 04:40:55 2026 by rpki-client