
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/156f45-da23-4e25-a08c-3687c2f7d83e/1/kpshd_nqvOSLpdq8n2Xp9TiBzzY.roa
File: kpshd_nqvOSLpdq8n2Xp9TiBzzY.roa (raw, json)
Hash identifier: gHB/NPpss7TTnWxPCb4UR0vpBAt4lH1CE9UBGyO8VuM=
Subject key identifier: 92:9B:21:77:F9:EA:BC:E4:8B:A5:DA:BC:9F:65:E9:F5:38:81:CF:36
Certificate issuer: /CN=988ce6e4ee09ef66658286451790969d7cffe9b9
Certificate serial: 019F087CFB13345388C0CDC722359641E913
Authority key identifier: 98:8C:E6:E4:EE:09:EF:66:65:82:86:45:17:90:96:9D:7C:FF:E9:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mIzm5O4J72ZlgoZFF5CWnXz_6bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/156f45-da23-4e25-a08c-3687c2f7d83e/1/kpshd_nqvOSLpdq8n2Xp9TiBzzY.roa
Signing time: Sat 27 Jun 2026 09:50:36 +0000
ROA not before: Sat 27 Jun 2026 09:50:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 50810
IP address blocks: 31.40.4.0/22 maxlen: 22
91.206.177.0/24 maxlen: 24
153.51.0.0/19 maxlen: 19
153.51.128.0/19 maxlen: 19
193.37.38.0/24 maxlen: 24
194.5.16.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/156f45-da23-4e25-a08c-3687c2f7d83e/1/mIzm5O4J72ZlgoZFF5CWnXz_6bk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/156f45-da23-4e25-a08c-3687c2f7d83e/1/mIzm5O4J72ZlgoZFF5CWnXz_6bk.mft
rsync://rpki.ripe.net/repository/DEFAULT/mIzm5O4J72ZlgoZFF5CWnXz_6bk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 Jul 2026 18:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9f:08:7c:fb:13:34:53:88:c0:cd:c7:22:35:96:41:e9:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=988ce6e4ee09ef66658286451790969d7cffe9b9
Validity
Not Before: Jun 27 09:50:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=929b2177f9eabce48ba5dabc9f65e9f53881cf36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:5d:f7:95:2d:c2:a3:f8:8e:9b:d2:da:13:bd:
dd:42:97:73:98:d4:1f:c7:f0:03:25:92:ff:5d:fd:
48:be:ae:b3:38:49:fe:37:78:c2:15:ca:8b:3b:7f:
9a:1e:aa:c6:83:2d:4c:9b:bc:fa:60:47:a1:e1:c2:
53:2a:75:da:d5:a8:d8:ab:77:38:a2:92:ef:e3:23:
09:18:d5:f2:04:d7:9f:f0:94:d7:48:26:57:f7:06:
a0:73:a9:c4:53:ee:7d:70:52:20:90:66:8a:b1:47:
c1:15:e3:c1:93:af:3f:81:81:4c:cf:cd:42:eb:bb:
17:af:f9:62:0b:ab:2b:bb:ca:82:f4:34:32:4c:19:
7e:aa:96:5a:f5:06:ec:41:1d:a8:75:9f:2d:84:83:
f6:a5:1c:18:4d:11:04:a1:b0:73:b9:a1:c9:07:a0:
d0:2e:52:99:09:d6:9b:9a:93:50:26:a5:1a:79:37:
3d:98:d1:3c:54:ed:f9:4e:52:a7:52:e9:b0:77:10:
5a:28:b9:40:54:3a:40:9a:c9:36:9c:21:37:3f:e7:
3d:64:6f:3f:61:95:1a:38:f6:23:e9:e2:94:f6:af:
41:20:d5:b6:0a:91:ab:05:cd:6a:6a:02:e6:39:b1:
f1:06:5a:96:d1:b0:0f:d7:23:26:3b:14:7c:a0:75:
6a:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:9B:21:77:F9:EA:BC:E4:8B:A5:DA:BC:9F:65:E9:F5:38:81:CF:36
X509v3 Authority Key Identifier:
keyid:98:8C:E6:E4:EE:09:EF:66:65:82:86:45:17:90:96:9D:7C:FF:E9:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mIzm5O4J72ZlgoZFF5CWnXz_6bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/156f45-da23-4e25-a08c-3687c2f7d83e/1/kpshd_nqvOSLpdq8n2Xp9TiBzzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/156f45-da23-4e25-a08c-3687c2f7d83e/1/mIzm5O4J72ZlgoZFF5CWnXz_6bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.4.0/22
91.206.177.0/24
153.51.0.0/19
153.51.128.0/19
193.37.38.0/24
194.5.16.0/24
Signature Algorithm: sha256WithRSAEncryption
45:e8:1b:ca:93:59:a1:f7:e2:74:e2:17:d9:06:36:73:5b:45:
ba:5a:20:e6:e8:c3:bb:b3:7d:47:f6:49:19:95:28:66:56:47:
b0:dc:57:0a:f5:9d:74:af:da:96:21:7a:a2:e0:b6:ef:ae:32:
0a:9f:6c:84:f7:b6:a5:44:03:a6:29:3a:75:c2:ea:48:1b:9b:
99:b6:68:0a:95:74:87:09:a2:5c:48:e7:b9:57:6c:aa:b4:bf:
40:8e:9a:70:d9:7d:d4:f9:e8:63:e5:0d:51:40:35:0b:6b:4e:
75:9c:bf:e4:3b:b8:25:14:e3:b6:16:68:08:27:20:34:ff:a6:
50:04:18:e4:f7:55:60:85:fc:b6:0d:15:39:d8:6f:9e:17:cf:
fb:dd:c5:9b:6c:97:8c:4b:33:73:40:20:a8:83:8a:0f:cd:d5:
fa:36:c3:ef:cd:59:d4:67:7d:d8:94:e7:29:61:10:03:4f:91:
ce:bc:5a:da:40:81:45:f4:43:fe:26:6d:32:c1:89:9d:d8:f3:
20:18:08:7a:3c:0d:b4:0e:7b:0e:4e:08:34:04:f9:5f:e2:70:
20:f8:8c:5b:0c:65:e5:ed:75:76:48:7b:5f:20:71:e5:10:b9:
01:4b:23:87:a7:8a:b8:2e:23:5c:04:5e:0a:7a:ab:b9:20:13:
a3:ab:7c:5e
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZ8IfPsTNFOIwM3HIjWWQekTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OGNlNmU0ZWUwOWVmNjY2NTgyODY0NTE3OTA5NjlkN2Nm
ZmU5YjkwHhcNMjYwNjI3MDk1MDM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjliMjE3N2Y5ZWFiY2U0OGJhNWRhYmM5ZjY1ZTlmNTM4ODFjZjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmV33lS3Co/iOm9LaE73dQpdzmNQf
x/ADJZL/Xf1Ivq6zOEn+N3jCFcqLO3+aHqrGgy1Mm7z6YEeh4cJTKnXa1ajYq3c4
opLv4yMJGNXyBNef8JTXSCZX9wagc6nEU+59cFIgkGaKsUfBFePBk68/gYFMz81C
67sXr/liC6sru8qC9DQyTBl+qpZa9QbsQR2odZ8thIP2pRwYTREEobBzuaHJB6DQ
LlKZCdabmpNQJqUaeTc9mNE8VO35TlKnUumwdxBaKLlAVDpAmsk2nCE3P+c9ZG8/
YZUaOPYj6eKU9q9BINW2CpGrBc1qagLmObHxBlqW0bAP1yMmOxR8oHVqIwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJKbIXf56rzki6XavJ9l6fU4gc82MB8GA1UdIwQY
MBaAFJiM5uTuCe9mZYKGRReQlp18/+m5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUl6bTVPNEo3MlpsZ29aRkY1Q1duWHpfNmJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy8xNTZmNDUtZGEyMy00ZTI1LWEwOGMt
MzY4N2MyZjdkODNlLzEva3BzaGRfbnF2T1NMcGRxOG4yWHA5VGlCenpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy8xNTZmNDUtZGEyMy00ZTI1LWEwOGMtMzY4N2MyZjdkODNl
LzEvbUl6bTVPNEo3MlpsZ29aRkY1Q1duWHpfNmJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCHygEAwQA
W86xAwQFmTMAAwQFmTOAAwQAwSUmAwQAwgUQMA0GCSqGSIb3DQEBCwUAA4IBAQBF
6BvKk1mh9+J04hfZBjZzW0W6WiDm6MO7s31H9kkZlShmVkew3FcK9Z10r9qWIXqi
4LbvrjIKn2yE97alRAOmKTp1wupIG5uZtmgKlXSHCaJcSOe5V2yqtL9Ajppw2X3U
+ehj5Q1RQDULa051nL/kO7glFOO2FmgIJyA0/6ZQBBjk91Vghfy2DRU52G+eF8/7
3cWbbJeMSzNzQCCog4oPzdX6NsPvzVnUZ33YlOcpYRADT5HOvFraQIFF9EP+Jm0y
wYmd2PMgGAh6PA20DnsOTgg0BPlf4nAg+IxbDGXl7XV2SHtfIHHlELkBSyOHp4q4
LiNcBF4Kequ5IBOjq3xe
-----END CERTIFICATE-----
Generated at Wed Jul 1 01:34:18 2026 by rpki-client