Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/K9ASZtEGHuU_002cWg_k-WWvcM0.roa
File: K9ASZtEGHuU_002cWg_k-WWvcM0.roa (raw, json)
Hash identifier: DuiM84C/OVW62N8fpdh+g0ti3ahocHRWJonnsSWoux8=
Subject key identifier: 2B:D0:12:66:D1:06:1E:E5:3F:D3:4D:9C:5A:0F:E4:F9:65:AF:70:CD
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 019A3132C91CDE3802E4090BF9AF969FEF8D
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/K9ASZtEGHuU_002cWg_k-WWvcM0.roa
Signing time: Wed 29 Oct 2025 18:20:03 +0000
ROA not before: Wed 29 Oct 2025 18:20:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34567
IP address blocks: 2a0d:6b40::/29 maxlen: 29
2a0d:6ec0::/29 maxlen: 29
2a0d:7140::/29 maxlen: 29
2a0d:8cc0::/29 maxlen: 29
2a0d:9740::/29 maxlen: 29
2a0d:97c0::/29 maxlen: 29
2a0d:a3c0::/29 maxlen: 29
2a0d:ad40::/29 maxlen: 29
2a0d:b540::/29 maxlen: 29
2a0d:b840::/29 maxlen: 29
2a0d:c1c0::/29 maxlen: 29
2a0d:cc40::/29 maxlen: 29
2a0d:ce40::/29 maxlen: 29
2a0d:d3c0::/29 maxlen: 29
2a0d:e1c0::/29 maxlen: 29
2a0d:e240::/29 maxlen: 29
2a0d:e340::/29 maxlen: 29
2a0d:f140::/29 maxlen: 29
2a0d:f5c0::/29 maxlen: 29
2a0e:8c0::/29 maxlen: 29
2a0e:af40::/29 maxlen: 29
2a0e:e9c0::/29 maxlen: 29
2a0f:2200::/29 maxlen: 29
2a0f:cb80::/29 maxlen: 29
2a0f:e180::/29 maxlen: 29
2a11:ec0::/29 maxlen: 29
2a11:17c0::/29 maxlen: 29
2a11:1c80::/29 maxlen: 29
2a11:2d00::/29 maxlen: 29
2a11:4480::/29 maxlen: 29
2a11:4540::/29 maxlen: 29
2a11:4f00::/29 maxlen: 29
2a11:6040::/29 maxlen: 29
2a11:64c0::/29 maxlen: 29
2a11:6b80::/29 maxlen: 29
2a11:77c0::/29 maxlen: 29
2a11:81c0::/29 maxlen: 29
2a11:86c0::/29 maxlen: 29
2a11:8740::/29 maxlen: 29
2a11:8980::/29 maxlen: 29
2a11:8bc0::/29 maxlen: 29
2a11:9040::/29 maxlen: 29
2a11:9580::/29 maxlen: 29
2a11:9640::/29 maxlen: 29
2a11:9900::/29 maxlen: 29
2a11:9f00::/29 maxlen: 29
2a11:a040::/29 maxlen: 29
2a11:a140::/29 maxlen: 29
2a11:b0c0::/29 maxlen: 29
2a11:b4c0::/29 maxlen: 29
2a11:b700::/29 maxlen: 29
2a11:bb00::/29 maxlen: 29
2a11:bbc0::/29 maxlen: 29
2a11:bdc0::/29 maxlen: 29
2a11:be40::/29 maxlen: 29
2a11:bf80::/29 maxlen: 29
2a11:c240::/29 maxlen: 29
2a11:c2c0::/29 maxlen: 29
2a11:c580::/29 maxlen: 29
2a11:c680::/29 maxlen: 29
2a11:cec0::/29 maxlen: 29
2a11:d340::/29 maxlen: 29
2a11:d880::/29 maxlen: 29
2a11:dac0::/29 maxlen: 29
2a11:df00::/29 maxlen: 29
2a11:e2c0::/29 maxlen: 29
2a11:e640::/29 maxlen: 29
2a11:e6c0::/29 maxlen: 29
2a11:e8c0::/29 maxlen: 29
2a11:eac0::/29 maxlen: 29
2a11:fa40::/29 maxlen: 29
2a11:fc40::/29 maxlen: 29
2a11:ff40::/29 maxlen: 29
2a12:580::/29 maxlen: 29
2a12:640::/29 maxlen: 29
2a12:900::/29 maxlen: 29
2a12:dc0::/29 maxlen: 29
2a12:e40::/29 maxlen: 29
2a12:e80::/29 maxlen: 29
2a12:11c0::/29 maxlen: 29
2a12:12c0::/29 maxlen: 29
2a12:1a80::/29 maxlen: 29
2a12:2800::/29 maxlen: 29
2a12:2b80::/29 maxlen: 29
2a12:2e80::/29 maxlen: 29
2a12:3c00::/29 maxlen: 29
2a12:57c0::/29 maxlen: 29
2a12:6480::/29 maxlen: 29
2a12:8380::/29 maxlen: 29
2a12:8480::/29 maxlen: 29
2a12:8780::/29 maxlen: 29
2a12:8a00::/29 maxlen: 29
2a12:9200::/29 maxlen: 29
2a12:a500::/29 maxlen: 29
2a12:aa00::/29 maxlen: 29
2a12:af00::/29 maxlen: 29
2a12:b400::/29 maxlen: 29
2a12:b700::/29 maxlen: 29
2a12:bb00::/29 maxlen: 29
2a12:bc80::/29 maxlen: 29
2a12:c980::/29 maxlen: 29
2a12:cf80::/29 maxlen: 29
2a12:d080::/29 maxlen: 29
2a12:d200::/29 maxlen: 29
2a12:d800::/29 maxlen: 29
2a12:f980::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:31:32:c9:1c:de:38:02:e4:09:0b:f9:af:96:9f:ef:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Oct 29 18:20:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bd01266d1061ee53fd34d9c5a0fe4f965af70cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:47:19:c0:a8:cd:3c:2d:81:f8:51:7d:6a:27:
43:cf:0d:fd:8a:af:41:a0:0e:a4:4e:f7:8e:84:78:
a8:25:1b:93:ce:4c:24:a5:bc:a7:c9:ef:bf:ae:26:
7f:40:08:5f:26:e0:d2:be:37:e1:8b:d3:64:7c:6f:
34:af:02:8b:20:da:26:2b:26:23:b8:f6:6c:9a:15:
1f:d1:60:78:ea:1f:52:c1:67:de:d3:d9:20:e5:b0:
d1:1b:88:7d:91:2d:23:07:5d:3d:69:15:76:70:8c:
98:c1:a3:ba:b0:8e:3d:2a:e8:e4:ad:20:31:b0:ff:
5b:99:4b:50:1c:ae:e3:99:8c:87:ad:67:40:3c:d2:
1f:1c:64:e0:d2:86:ff:67:8f:27:c1:9c:05:5a:17:
f0:73:73:b1:94:cd:25:c5:d6:82:70:7e:98:9b:0b:
3a:45:61:b3:b7:bf:11:84:5e:36:9d:a3:54:ac:d7:
a8:02:3b:7a:98:08:71:6d:3f:16:aa:a5:61:15:f2:
10:a4:23:e2:ad:f8:eb:03:c7:bf:6c:3e:31:0c:ed:
97:a5:51:ca:1b:84:2f:3b:d5:22:db:e8:14:70:a0:
b3:9c:e8:b3:a8:17:fb:f6:99:c3:d2:f0:08:9f:95:
a0:1b:70:7f:03:99:b5:c2:28:d2:68:38:b0:7f:c9:
1c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:D0:12:66:D1:06:1E:E5:3F:D3:4D:9C:5A:0F:E4:F9:65:AF:70:CD
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/K9ASZtEGHuU_002cWg_k-WWvcM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:6b40::/29
2a0d:6ec0::/29
2a0d:7140::/29
2a0d:8cc0::/29
2a0d:9740::/29
2a0d:97c0::/29
2a0d:a3c0::/29
2a0d:ad40::/29
2a0d:b540::/29
2a0d:b840::/29
2a0d:c1c0::/29
2a0d:cc40::/29
2a0d:ce40::/29
2a0d:d3c0::/29
2a0d:e1c0::/29
2a0d:e240::/29
2a0d:e340::/29
2a0d:f140::/29
2a0d:f5c0::/29
2a0e:8c0::/29
2a0e:af40::/29
2a0e:e9c0::/29
2a0f:2200::/29
2a0f:cb80::/29
2a0f:e180::/29
2a11:ec0::/29
2a11:17c0::/29
2a11:1c80::/29
2a11:2d00::/29
2a11:4480::/29
2a11:4540::/29
2a11:4f00::/29
2a11:6040::/29
2a11:64c0::/29
2a11:6b80::/29
2a11:77c0::/29
2a11:81c0::/29
2a11:86c0::/29
2a11:8740::/29
2a11:8980::/29
2a11:8bc0::/29
2a11:9040::/29
2a11:9580::/29
2a11:9640::/29
2a11:9900::/29
2a11:9f00::/29
2a11:a040::/29
2a11:a140::/29
2a11:b0c0::/29
2a11:b4c0::/29
2a11:b700::/29
2a11:bb00::/29
2a11:bbc0::/29
2a11:bdc0::/29
2a11:be40::/29
2a11:bf80::/29
2a11:c240::/29
2a11:c2c0::/29
2a11:c580::/29
2a11:c680::/29
2a11:cec0::/29
2a11:d340::/29
2a11:d880::/29
2a11:dac0::/29
2a11:df00::/29
2a11:e2c0::/29
2a11:e640::/29
2a11:e6c0::/29
2a11:e8c0::/29
2a11:eac0::/29
2a11:fa40::/29
2a11:fc40::/29
2a11:ff40::/29
2a12:580::/29
2a12:640::/29
2a12:900::/29
2a12:dc0::/29
2a12:e40::/29
2a12:e80::/29
2a12:11c0::/29
2a12:12c0::/29
2a12:1a80::/29
2a12:2800::/29
2a12:2b80::/29
2a12:2e80::/29
2a12:3c00::/29
2a12:57c0::/29
2a12:6480::/29
2a12:8380::/29
2a12:8480::/29
2a12:8780::/29
2a12:8a00::/29
2a12:9200::/29
2a12:a500::/29
2a12:aa00::/29
2a12:af00::/29
2a12:b400::/29
2a12:b700::/29
2a12:bb00::/29
2a12:bc80::/29
2a12:c980::/29
2a12:cf80::/29
2a12:d080::/29
2a12:d200::/29
2a12:d800::/29
2a12:f980::/29
Signature Algorithm: sha256WithRSAEncryption
32:e8:93:1a:5a:e7:94:32:61:55:1b:4d:46:a2:ce:2b:80:0c:
f6:ad:16:c5:53:01:76:48:1b:38:c9:3f:f7:5b:ca:56:4c:8a:
af:d6:4b:17:87:e3:58:16:01:a4:03:78:14:3f:0e:09:65:92:
36:49:23:90:2a:a7:12:2d:a7:73:bf:75:4c:c0:61:54:c1:a3:
72:93:63:2b:c1:58:84:c3:0a:3a:1b:66:32:7a:8f:1f:e7:3f:
c8:0c:61:11:8f:d3:e3:03:32:01:77:37:51:dc:95:ab:b0:e7:
05:ed:6c:ad:a6:3f:bf:d5:79:92:32:21:d0:62:09:00:ad:a9:
bb:fb:f9:f5:05:67:f4:97:c8:a4:52:39:7a:27:00:0f:5e:95:
67:6a:77:9b:c4:d4:80:58:14:fc:d1:37:1a:bb:42:ae:61:2a:
b1:a4:f5:8d:f7:87:78:f8:60:a7:79:74:02:15:88:94:3c:d1:
2d:e1:82:d5:61:5c:72:52:27:7f:f5:a3:2c:5d:42:c1:0e:67:
72:b3:00:81:f5:07:72:67:8f:76:60:69:68:56:8f:89:3c:45:
f8:29:2b:23:6a:8c:ca:49:b0:1d:b5:96:dd:b4:c2:6a:dc:ac:
56:1a:04:36:a8:a6:40:5f:17:78:c4:9c:ed:d7:7b:e0:6c:ed:
25:52:67:71
-----BEGIN CERTIFICATE-----
MIIH5zCCBs+gAwIBAgISAZoxMskc3jgC5AkL+a+Wn++NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUxMDI5MTgyMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmQwMTI2NmQxMDYxZWU1M2ZkMzRkOWM1YTBmZTRmOTY1YWY3MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA50cZwKjNPC2B+FF9aidDzw39iq9B
oA6kTveOhHioJRuTzkwkpbynye+/riZ/QAhfJuDSvjfhi9NkfG80rwKLINomKyYj
uPZsmhUf0WB46h9SwWfe09kg5bDRG4h9kS0jB109aRV2cIyYwaO6sI49KujkrSAx
sP9bmUtQHK7jmYyHrWdAPNIfHGTg0ob/Z48nwZwFWhfwc3OxlM0lxdaCcH6Ymws6
RWGzt78RhF42naNUrNeoAjt6mAhxbT8WqqVhFfIQpCPirfjrA8e/bD4xDO2XpVHK
G4QvO9Ui2+gUcKCznOizqBf79pnD0vAIn5WgG3B/A5m1wijSaDiwf8kchwIDAQAB
o4IE8zCCBO8wHQYDVR0OBBYEFCvQEmbRBh7lP9NNnFoP5Pllr3DNMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvSzlBU1p0RUdIdVVfMDAyY1dnX2stV1d2Y00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIDBwYIKwYBBQUHAQcBAf8EggL2MIIC8jCCAu4EAgACMIIC
5gMFAyoNa0ADBQMqDW7AAwUDKg1xQAMFAyoNjMADBQMqDZdAAwUDKg2XwAMFAyoN
o8ADBQMqDa1AAwUDKg21QAMFAyoNuEADBQMqDcHAAwUDKg3MQAMFAyoNzkADBQMq
DdPAAwUDKg3hwAMFAyoN4kADBQMqDeNAAwUDKg3xQAMFAyoN9cADBQMqDgjAAwUD
Kg6vQAMFAyoO6cADBQMqDyIAAwUDKg/LgAMFAyoP4YADBQMqEQ7AAwUDKhEXwAMF
AyoRHIADBQMqES0AAwUDKhFEgAMFAyoRRUADBQMqEU8AAwUDKhFgQAMFAyoRZMAD
BQMqEWuAAwUDKhF3wAMFAyoRgcADBQMqEYbAAwUDKhGHQAMFAyoRiYADBQMqEYvA
AwUDKhGQQAMFAyoRlYADBQMqEZZAAwUDKhGZAAMFAyoRnwADBQMqEaBAAwUDKhGh
QAMFAyoRsMADBQMqEbTAAwUDKhG3AAMFAyoRuwADBQMqEbvAAwUDKhG9wAMFAyoR
vkADBQMqEb+AAwUDKhHCQAMFAyoRwsADBQMqEcWAAwUDKhHGgAMFAyoRzsADBQMq
EdNAAwUDKhHYgAMFAyoR2sADBQMqEd8AAwUDKhHiwAMFAyoR5kADBQMqEebAAwUD
KhHowAMFAyoR6sADBQMqEfpAAwUDKhH8QAMFAyoR/0ADBQMqEgWAAwUDKhIGQAMF
AyoSCQADBQMqEg3AAwUDKhIOQAMFAyoSDoADBQMqEhHAAwUDKhISwAMFAyoSGoAD
BQMqEigAAwUDKhIrgAMFAyoSLoADBQMqEjwAAwUDKhJXwAMFAyoSZIADBQMqEoOA
AwUDKhKEgAMFAyoSh4ADBQMqEooAAwUDKhKSAAMFAyoSpQADBQMqEqoAAwUDKhKv
AAMFAyoStAADBQMqErcAAwUDKhK7AAMFAyoSvIADBQMqEsmAAwUDKhLPgAMFAyoS
0IADBQMqEtIAAwUDKhLYAAMFAyoS+YAwDQYJKoZIhvcNAQELBQADggEBADLokxpa
55QyYVUbTUaiziuADPatFsVTAXZIGzjJP/dbylZMiq/WSxeH41gWAaQDeBQ/Dgll
kjZJI5AqpxItp3O/dUzAYVTBo3KTYyvBWITDCjobZjJ6jx/nP8gMYRGP0+MDMgF3
N1Hclauw5wXtbK2mP7/VeZIyIdBiCQCtqbv7+fUFZ/SXyKRSOXonAA9elWdqd5vE
1IBYFPzRNxq7Qq5hKrGk9Y33h3j4YKd5dAIViJQ80S3hgtVhXHJSJ3/1oyxdQsEO
Z3KzAIH1B3Jnj3ZgaWhWj4k8RfgpKyNqjMpJsB21lt20wmrcrFYaBDaopkBfF3jE
nO3Xe+Bs7SVSZ3E=
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:30:08 2025 by rpki-client