Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/KBeigHWgbTxHWEA1Am-HSTGzdaE.roa
File: KBeigHWgbTxHWEA1Am-HSTGzdaE.roa (raw, json)
Hash identifier: m5P6C98YvF9vPMRQSZcVkAXoQ9i/iwwDZ7LQ5Wzp4oo=
Subject key identifier: 28:17:A2:80:75:A0:6D:3C:47:58:40:35:02:6F:87:49:31:B3:75:A1
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019D73FEF1AED7FAED7DCD6BBD3CE12F6960
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/KBeigHWgbTxHWEA1Am-HSTGzdaE.roa
Signing time: Thu 09 Apr 2026 20:46:20 +0000
ROA not before: Thu 09 Apr 2026 20:46:20 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 215607
IP address blocks: 5.175.186.0/24 maxlen: 24
5.175.248.0/24 maxlen: 24
77.90.33.0/24 maxlen: 24
85.93.5.0/24 maxlen: 24
89.106.89.0/24 maxlen: 24
94.249.190.0/24 maxlen: 24
94.249.203.0/24 maxlen: 24
94.249.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Apr 2026 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:73:fe:f1:ae:d7:fa:ed:7d:cd:6b:bd:3c:e1:2f:69:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 9 20:46:20 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=2817a28075a06d3c47584035026f874931b375a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:56:0f:00:c5:44:64:4b:14:4a:76:3e:7a:6b:
52:eb:88:c6:57:80:de:ac:20:1a:1e:52:57:0e:30:
c1:81:18:06:8a:5a:7c:7e:e3:18:0f:04:93:3a:86:
6d:74:9b:14:25:a5:80:fa:f9:33:ad:65:7c:e8:da:
e9:2b:d0:c0:18:88:48:81:14:25:21:99:50:0b:71:
44:59:3c:3e:d0:f7:d9:18:70:0c:40:e8:3c:e6:bc:
f1:34:da:6d:ba:e1:e2:a5:0f:0e:5a:5c:d2:cf:5a:
ea:13:cc:fa:5e:93:90:03:24:61:30:8f:4f:a6:de:
81:03:28:76:53:45:b6:20:b1:5f:e3:d5:16:dc:14:
c3:3c:b7:26:01:26:f7:82:f1:09:96:60:d8:23:7d:
40:dc:a1:a1:32:bd:24:78:65:a2:78:41:73:76:fc:
00:f5:13:97:34:5a:b5:f4:5f:f3:4f:2d:64:88:43:
ff:b1:1e:7e:36:a3:ad:a8:83:8e:6f:ea:28:e3:4f:
dd:ff:ea:67:a4:cd:35:6b:af:c3:d6:a0:d5:db:67:
2e:cd:d9:14:ae:76:80:5f:b1:4a:1b:ef:dd:a4:85:
cf:d1:ed:02:eb:bf:73:0e:a3:e9:e3:53:28:f0:bc:
bc:c2:28:f5:9e:dd:32:50:ce:78:98:43:44:18:13:
71:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:17:A2:80:75:A0:6D:3C:47:58:40:35:02:6F:87:49:31:B3:75:A1
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/KBeigHWgbTxHWEA1Am-HSTGzdaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.186.0/24
5.175.248.0/24
77.90.33.0/24
85.93.5.0/24
89.106.89.0/24
94.249.190.0/24
94.249.203.0/24
94.249.239.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:d2:78:72:20:70:e3:05:80:34:ed:ba:ec:e5:a2:02:16:85:
b6:80:82:5b:d5:42:cc:0c:ee:bd:90:f7:57:cf:72:8b:38:1e:
d6:ba:36:e3:1a:77:de:af:23:9a:ef:db:aa:53:0d:45:b3:1e:
47:5b:95:78:a0:53:19:34:aa:fa:6f:18:a8:d2:8b:d2:c7:70:
48:b5:a9:15:98:96:5e:39:23:f7:e7:f4:73:84:0b:c8:42:47:
c9:0d:2d:88:0d:67:d1:60:37:83:bf:84:37:bf:83:98:de:45:
11:33:af:25:04:cb:2b:fc:d6:fa:84:59:6a:76:9a:3e:d9:e9:
09:5c:df:67:ab:ce:c0:68:8a:7b:b9:25:44:2d:4b:a7:e5:ca:
6f:72:ce:37:3e:d9:61:f3:0c:02:37:bf:99:bc:c6:30:31:ec:
d3:3d:e8:cf:97:c9:ab:39:ac:2e:39:cf:67:83:49:f6:d6:eb:
d8:a2:c7:00:3f:f4:41:ce:04:a0:06:49:b9:e3:c1:cf:72:e0:
23:c2:cf:b6:a1:f9:21:54:2f:4f:b4:24:6e:01:a8:d3:b7:79:
f9:bd:3f:ad:08:e8:b3:ed:ca:81:9e:99:d5:34:69:0b:e3:ba:
e7:f6:6c:2d:af:e8:cd:8a:05:3c:79:59:34:cd:85:fb:9b:0e:
1f:ba:3c:6a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZ1z/vGu1/rtfc1rvTzhL2lgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjYwNDA5MjA0NjIwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODE3YTI4MDc1YTA2ZDNjNDc1ODQwMzUwMjZmODc0OTMxYjM3NWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFYPAMVEZEsUSnY+emtS64jGV4De
rCAaHlJXDjDBgRgGilp8fuMYDwSTOoZtdJsUJaWA+vkzrWV86NrpK9DAGIhIgRQl
IZlQC3FEWTw+0PfZGHAMQOg85rzxNNptuuHipQ8OWlzSz1rqE8z6XpOQAyRhMI9P
pt6BAyh2U0W2ILFf49UW3BTDPLcmASb3gvEJlmDYI31A3KGhMr0keGWieEFzdvwA
9ROXNFq19F/zTy1kiEP/sR5+NqOtqIOOb+oo40/d/+pnpM01a6/D1qDV22cuzdkU
rnaAX7FKG+/dpIXP0e0C679zDqPp41Mo8Ly8wij1nt0yUM54mENEGBNx8wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCgXooB1oG08R1hANQJvh0kxs3WhMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvS0JlaWdIV2diVHhIV0VBMUFtLUhTVEd6ZGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQABa+6AwQA
Ba/4AwQATVohAwQAVV0FAwQAWWpZAwQAXvm+AwQAXvnLAwQAXvnvMA0GCSqGSIb3
DQEBCwUAA4IBAQCc0nhyIHDjBYA07brs5aICFoW2gIJb1ULMDO69kPdXz3KLOB7W
ujbjGnferyOa79uqUw1Fsx5HW5V4oFMZNKr6bxio0ovSx3BItakVmJZeOSP35/Rz
hAvIQkfJDS2IDWfRYDeDv4Q3v4OY3kURM68lBMsr/Nb6hFlqdpo+2ekJXN9nq87A
aIp7uSVELUun5cpvcs43Ptlh8wwCN7+ZvMYwMezTPejPl8mrOawuOc9ng0n21uvY
oscAP/RBzgSgBkm548HPcuAjws+2ofkhVC9PtCRuAajTt3n5vT+tCOiz7cqBnpnV
NGkL47rn9mwtr+jNigU8eVk0zYX7mw4fujxq
-----END CERTIFICATE-----
Generated at Fri Apr 17 02:31:10 2026 by rpki-client