Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/KVd8UU1QCGLbelU8FBZ3BjTJf_M.roa
File: KVd8UU1QCGLbelU8FBZ3BjTJf_M.roa (raw, json)
Hash identifier: e0wcDwUSIAfCnaYto4Jivp2KjPS/q2XzRg7RSdokzyQ=
Subject key identifier: 29:57:7C:51:4D:50:08:62:DB:7A:55:3C:14:16:77:06:34:C9:7F:F3
Certificate issuer: /CN=4186e6b9d1f78c94d63fac934ab9aadc0c96d43e
Certificate serial: 019B7A5AE10D1C362D2C6EB4722F05793D69
Authority key identifier: 41:86:E6:B9:D1:F7:8C:94:D6:3F:AC:93:4A:B9:AA:DC:0C:96:D4:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QYbmudH3jJTWP6yTSrmq3AyW1D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/KVd8UU1QCGLbelU8FBZ3BjTJf_M.roa
Signing time: Thu 01 Jan 2026 16:18:54 +0000
ROA not before: Thu 01 Jan 2026 16:18:54 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 15516
IP address blocks: 62.61.128.0/19 maxlen: 19
77.75.160.0/21 maxlen: 21
79.98.192.0/21 maxlen: 21
81.161.128.0/18 maxlen: 18
82.147.224.0/19 maxlen: 19
82.211.224.0/19 maxlen: 19
85.24.0.0/17 maxlen: 17
87.72.0.0/15 maxlen: 15
91.100.0.0/15 maxlen: 15
195.135.216.0/22 maxlen: 22
2001:14d0::/29 maxlen: 29
2a01:558::/32 maxlen: 32
2a07:8900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/QYbmudH3jJTWP6yTSrmq3AyW1D4.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/QYbmudH3jJTWP6yTSrmq3AyW1D4.mft
rsync://rpki.ripe.net/repository/DEFAULT/QYbmudH3jJTWP6yTSrmq3AyW1D4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Mar 2026 07:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9b:7a:5a:e1:0d:1c:36:2d:2c:6e:b4:72:2f:05:79:3d:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4186e6b9d1f78c94d63fac934ab9aadc0c96d43e
Validity
Not Before: Jan 1 16:18:54 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=29577c514d500862db7a553c1416770634c97ff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:e5:36:bd:2d:6f:02:5a:0c:92:bf:73:e4:dc:
4f:fa:1d:7e:85:77:73:e8:2e:3e:4c:8a:cb:40:23:
90:f8:b8:c5:8d:82:e6:39:77:0e:03:7c:42:04:90:
f4:e9:8b:24:78:e5:40:38:53:aa:7c:63:56:97:34:
3f:9a:e9:a4:ca:56:5c:05:b6:4d:11:7f:72:99:fc:
d4:d7:f0:74:5a:f0:e8:e5:8a:12:47:f6:44:dc:a9:
f4:4d:2d:6c:3c:6d:34:d9:f0:79:13:49:55:93:d4:
95:6c:fd:a0:4c:f3:8b:c7:5a:47:b8:be:43:d0:4f:
93:0f:5c:32:a5:81:53:7f:cb:9a:40:bc:1f:9c:94:
09:02:0f:5e:34:fc:61:e6:65:86:5d:a6:1b:d4:64:
b8:24:e6:1a:2f:a5:c0:26:f3:fa:e2:af:5e:e3:46:
87:b9:55:a6:59:0c:34:ba:05:c5:43:7e:bd:dc:fb:
de:12:14:5f:85:38:56:b2:cc:9b:fc:3e:13:d1:d4:
66:fc:76:22:1f:a8:73:dc:4b:a0:bc:b2:e6:15:63:
77:54:28:ee:62:e4:c1:89:eb:2b:c6:03:a5:49:f2:
d5:65:b2:ba:4e:78:94:4f:2e:a2:90:d9:24:6a:2d:
18:9f:bf:60:4e:fd:c2:9d:9a:fd:f1:80:10:15:9b:
c9:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:57:7C:51:4D:50:08:62:DB:7A:55:3C:14:16:77:06:34:C9:7F:F3
X509v3 Authority Key Identifier:
keyid:41:86:E6:B9:D1:F7:8C:94:D6:3F:AC:93:4A:B9:AA:DC:0C:96:D4:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QYbmudH3jJTWP6yTSrmq3AyW1D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/KVd8UU1QCGLbelU8FBZ3BjTJf_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/QYbmudH3jJTWP6yTSrmq3AyW1D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.61.128.0/19
77.75.160.0/21
79.98.192.0/21
81.161.128.0/18
82.147.224.0/19
82.211.224.0/19
85.24.0.0/17
87.72.0.0/15
91.100.0.0/15
195.135.216.0/22
IPv6:
2001:14d0::/29
2a01:558::/32
2a07:8900::/29
Signature Algorithm: sha256WithRSAEncryption
a2:42:25:24:3c:a3:57:76:b0:00:2f:c2:f9:68:51:a2:d2:08:
57:86:a5:f5:c4:38:76:ab:f5:68:82:a2:25:8a:ff:6d:f8:d0:
29:cd:40:72:f8:97:c2:47:4a:88:ce:6c:0d:d2:04:c6:37:df:
9e:c1:90:52:a0:8d:e9:d3:85:ee:09:04:31:40:67:d0:5e:34:
9e:f6:8f:bb:3f:e3:79:14:19:3a:03:04:41:33:50:e5:2b:02:
79:e3:a1:6e:88:1a:b5:5a:c1:f1:89:61:99:d2:18:89:fa:8a:
c6:21:df:bd:99:a4:da:d8:df:30:69:26:5b:dd:04:17:a6:5b:
aa:1b:ea:28:34:65:1b:91:a2:ee:2a:0a:50:e1:95:2b:7f:df:
aa:2d:d5:09:11:cf:a3:5f:bc:43:c5:32:42:5f:b0:f8:31:3d:
a8:0a:8a:d7:1d:2b:66:4f:73:a4:47:bb:ba:b6:57:88:7b:7f:
5a:14:db:ff:e1:e7:8a:c7:10:9f:bf:1f:bb:5e:36:19:8b:c6:
1e:db:d1:f1:3e:b0:c1:53:7e:77:e6:90:97:22:76:23:a9:df:
73:bb:48:58:89:e8:45:cc:8d:fe:4f:ac:f2:9a:55:0d:bb:10:
7a:2b:c0:d6:90:46:cb:82:58:a2:bd:db:41:05:dc:76:09:e2:
31:c5:14:02
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZt6WuENHDYtLG60ci8FeT1pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxODZlNmI5ZDFmNzhjOTRkNjNmYWM5MzRhYjlhYWRjMGM5
NmQ0M2UwHhcNMjYwMTAxMTYxODU0WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTU3N2M1MTRkNTAwODYyZGI3YTU1M2MxNDE2NzcwNjM0Yzk3ZmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOU2vS1vAloMkr9z5NxP+h1+hXdz
6C4+TIrLQCOQ+LjFjYLmOXcOA3xCBJD06YskeOVAOFOqfGNWlzQ/mumkylZcBbZN
EX9ymfzU1/B0WvDo5YoSR/ZE3Kn0TS1sPG002fB5E0lVk9SVbP2gTPOLx1pHuL5D
0E+TD1wypYFTf8uaQLwfnJQJAg9eNPxh5mWGXaYb1GS4JOYaL6XAJvP64q9e40aH
uVWmWQw0ugXFQ3693PveEhRfhThWssyb/D4T0dRm/HYiH6hz3EugvLLmFWN3VCju
YuTBiesrxgOlSfLVZbK6TniUTy6ikNkkai0Yn79gTv3CnZr98YAQFZvJAQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFClXfFFNUAhi23pVPBQWdwY0yX/zMB8GA1UdIwQY
MBaAFEGG5rnR94yU1j+sk0q5qtwMltQ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVlibXVkSDNqSlRXUDZ5VFNybXEzQXlXMUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xYjlhNjYtZjgyMC00NWEwLWIwMmQt
ZDc4NzY2ZDhjODU4LzEvS1ZkOFVVMVFDR0xiZWxVOEZCWjNCalRKZl9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xYjlhNjYtZjgyMC00NWEwLWIwMmQtZDc4NzY2ZDhjODU4
LzEvUVlibXVkSDNqSlRXUDZ5VFNybXEzQXlXMUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBABAIAATA6AwQFPj2AAwQD
TUugAwQDT2LAAwQGUaGAAwQFUpPgAwQFUtPgAwQHVRgAAwMBV0gDAwFbZAMEAsOH
2DAbBAIAAjAVAwUDIAEU0AMFACoBBVgDBQMqB4kAMA0GCSqGSIb3DQEBCwUAA4IB
AQCiQiUkPKNXdrAAL8L5aFGi0ghXhqX1xDh2q/VogqIliv9t+NApzUBy+JfCR0qI
zmwN0gTGN9+ewZBSoI3p04XuCQQxQGfQXjSe9o+7P+N5FBk6AwRBM1DlKwJ546Fu
iBq1WsHxiWGZ0hiJ+orGId+9maTa2N8waSZb3QQXpluqG+ooNGUbkaLuKgpQ4ZUr
f9+qLdUJEc+jX7xDxTJCX7D4MT2oCorXHStmT3OkR7u6tleIe39aFNv/4eeKxxCf
vx+7XjYZi8Ye29HxPrDBU3535pCXInYjqd9zu0hYiehFzI3+T6zymlUNuxB6K8DW
kEbLgliivdtBBdx2CeIxxRQC
-----END CERTIFICATE-----
Generated at Mon Mar 2 19:23:39 2026 by rpki-client