Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/KH7cexp6-l1q-hMz0XztCASAh_0.roa
File: KH7cexp6-l1q-hMz0XztCASAh_0.roa (raw, json)
Hash identifier: n04fnnbHSBbrosj8SpMmI2CoVRjTOGfNu9TSTWPU2ig=
Subject key identifier: 28:7E:DC:7B:1A:7A:FA:5D:6A:FA:13:33:D1:7C:ED:08:04:80:87:FD
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 019E3F4B414071B7AA86873B0A25D630CE72
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/KH7cexp6-l1q-hMz0XztCASAh_0.roa
Signing time: Tue 19 May 2026 08:12:36 +0000
ROA not before: Tue 19 May 2026 08:12:36 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 9087
IP address blocks: 213.145.76.0/23 maxlen: 23
213.145.78.0/23 maxlen: 23
213.145.90.0/23 maxlen: 24
213.145.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 05 Jun 2026 03:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:3f:4b:41:40:71:b7:aa:86:87:3b:0a:25:d6:30:ce:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: May 19 08:12:36 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=287edc7b1a7afa5d6afa1333d17ced08048087fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:6c:0f:5b:14:4b:3b:43:71:c2:ae:89:85:c5:
d8:7d:b0:c6:60:96:12:1c:b2:22:e9:76:fd:9c:96:
9f:fd:8d:3b:e5:95:ef:c2:51:44:63:1d:df:7a:d6:
52:4f:e4:a2:8c:45:8e:db:b9:da:36:1a:33:ea:d4:
7f:aa:73:b7:30:a5:fc:6a:d3:f5:86:7d:19:e6:15:
f2:3d:8f:10:b0:d4:19:7a:41:4f:08:21:31:4b:27:
e6:cf:54:86:b6:a3:d2:a2:2f:88:fc:bd:5f:7c:a3:
93:81:a5:de:15:d1:c3:4b:12:03:51:5f:fb:e2:09:
6f:63:3b:1d:95:e9:f0:c8:b0:fc:fa:c2:40:29:03:
cd:df:cd:1d:cc:74:f3:a7:4d:8f:08:f0:6e:99:42:
34:51:cf:06:a2:b4:6d:0d:b4:48:ef:fa:cf:26:f8:
95:89:1b:82:d2:62:c9:39:4c:60:e6:60:22:ca:6f:
5e:2e:4e:5e:46:80:cb:e3:06:59:45:50:45:d3:57:
54:44:0f:d7:d0:f3:f8:85:e6:1b:69:1e:fd:11:b7:
a3:c4:f4:41:e9:84:6f:00:c2:05:27:0f:bc:28:eb:
aa:af:74:31:b9:00:56:9c:a3:b4:ba:8c:59:16:eb:
68:ef:b0:b0:dd:e9:5b:65:31:e3:aa:f3:5f:9d:9c:
ad:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:7E:DC:7B:1A:7A:FA:5D:6A:FA:13:33:D1:7C:ED:08:04:80:87:FD
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/KH7cexp6-l1q-hMz0XztCASAh_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.76.0/22
213.145.90.0-213.145.93.255
Signature Algorithm: sha256WithRSAEncryption
45:fb:92:ca:91:59:c2:66:8e:62:43:ba:4b:53:3c:20:7a:e7:
65:df:1f:14:8d:fe:1a:f3:2e:43:ad:fa:27:75:05:39:69:08:
6c:00:d6:87:e3:38:40:f5:43:4e:3b:2f:ae:d5:25:1d:3e:9a:
7a:05:a6:f8:ae:d1:5e:6b:66:1e:4b:8c:49:f0:d8:75:f4:b0:
66:a1:8d:c9:29:9d:bb:6b:38:4b:ec:1f:8c:06:62:69:c0:b2:
a3:cb:41:bd:79:58:03:24:8d:c1:61:bf:92:31:23:5b:17:de:
6a:4e:78:a8:df:6d:2c:24:f9:e6:a4:9b:51:7e:55:0f:fe:60:
a7:89:34:e5:47:18:1e:e2:92:98:7d:e6:8f:cb:ba:fc:93:7d:
76:9e:0c:07:2d:5e:2e:84:c1:fe:b8:6a:41:01:be:e1:8d:32:
bf:9c:ef:27:e3:ef:67:50:20:df:88:2e:b0:3f:44:65:bd:b8:
d6:4d:d7:d0:44:9c:cc:af:e9:c6:05:93:8e:96:1e:ca:91:2b:
8a:37:42:45:11:9c:2e:18:a0:d1:32:bd:4d:09:d2:45:25:3a:
bf:18:92:ea:59:b2:6e:71:4c:c2:e9:b4:3e:65:27:65:64:bd:
ad:46:54:ca:f1:d8:d1:a0:44:1d:88:f2:7b:1b:73:88:42:42:
e8:b1:3b:7a
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZ4/S0FAcbeqhoc7CiXWMM5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjYwNTE5MDgxMjM2WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODdlZGM3YjFhN2FmYTVkNmFmYTEzMzNkMTdjZWQwODA0ODA4N2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWwPWxRLO0Nxwq6JhcXYfbDGYJYS
HLIi6Xb9nJaf/Y075ZXvwlFEYx3fetZST+SijEWO27naNhoz6tR/qnO3MKX8atP1
hn0Z5hXyPY8QsNQZekFPCCExSyfmz1SGtqPSoi+I/L1ffKOTgaXeFdHDSxIDUV/7
4glvYzsdlenwyLD8+sJAKQPN380dzHTzp02PCPBumUI0Uc8GorRtDbRI7/rPJviV
iRuC0mLJOUxg5mAiym9eLk5eRoDL4wZZRVBF01dURA/X0PP4heYbaR79EbejxPRB
6YRvAMIFJw+8KOuqr3QxuQBWnKO0uoxZFuto77Cw3elbZTHjqvNfnZyt+wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCh+3HsaevpdavoTM9F87QgEgIf9MB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvS0g3Y2V4cDYtbDFxLWhNejBYenRDQVNBaF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQC1ZFMMAwD
BAHVkVoDBAHVkVwwDQYJKoZIhvcNAQELBQADggEBAEX7ksqRWcJmjmJDuktTPCB6
52XfHxSN/hrzLkOt+id1BTlpCGwA1ofjOED1Q047L67VJR0+mnoFpviu0V5rZh5L
jEnw2HX0sGahjckpnbtrOEvsH4wGYmnAsqPLQb15WAMkjcFhv5IxI1sX3mpOeKjf
bSwk+eakm1F+VQ/+YKeJNOVHGB7ikph95o/LuvyTfXaeDActXi6Ewf64akEBvuGN
Mr+c7yfj72dQIN+ILrA/RGW9uNZN19BEnMyv6cYFk46WHsqRK4o3QkURnC4YoNEy
vU0J0kUlOr8YkupZsm5xTMLptD5lJ2Vkva1GVMrx2NGgRB2I8nsbc4hCQuixO3o=
-----END CERTIFICATE-----
Generated at Thu Jun 4 10:00:11 2026 by rpki-client