Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/KbvkmgMZoMONyUWIgzFPy-Hs_9Q.roa
File: KbvkmgMZoMONyUWIgzFPy-Hs_9Q.roa (raw, json)
Hash identifier: GCni2LajGJuRbLxU2MyQgz1J4QV9yOMWcnwePk3e/Xo=
Subject key identifier: 29:BB:E4:9A:03:19:A0:C3:8D:C9:45:88:83:31:4F:CB:E1:EC:FF:D4
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 019865A156DE1590DA407DD2B20E8BBAEEBD
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/KbvkmgMZoMONyUWIgzFPy-Hs_9Q.roa
Signing time: Fri 01 Aug 2025 12:35:29 +0000
ROA not before: Fri 01 Aug 2025 12:35:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 170.168.4.0/24 maxlen: 24
170.168.5.0/24 maxlen: 24
170.168.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 15:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:65:a1:56:de:15:90:da:40:7d:d2:b2:0e:8b:ba:ee:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Aug 1 12:35:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29bbe49a0319a0c38dc9458883314fcbe1ecffd4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ab:f2:43:9e:73:ab:5f:d9:95:82:7e:42:51:
aa:79:37:1d:98:d3:64:70:d8:61:e4:52:06:4c:dc:
1c:32:23:46:df:0f:40:f7:76:48:da:25:aa:33:0e:
a1:f9:16:54:5a:49:3e:0d:ce:8e:50:5b:a4:8e:db:
d1:20:45:de:5b:5c:6d:4a:49:4c:4d:b7:bd:8c:fc:
11:7d:02:0a:bb:83:b4:c0:5a:c7:7e:77:2f:0c:04:
e6:14:f6:91:1c:a0:cb:f1:01:6e:7f:65:d8:26:6a:
50:91:90:4b:ed:60:2c:0b:85:cf:20:6f:f8:97:58:
3b:7c:3c:d8:bb:7b:5f:64:cf:e6:ee:a1:d5:71:97:
e1:1e:8e:84:59:03:33:00:a9:3f:74:6c:fe:ac:f3:
1a:fb:b8:ef:b1:82:fc:13:a9:fe:a3:4e:e7:3a:df:
bc:b6:0f:2a:78:b7:08:47:7e:49:1f:30:2e:8f:63:
c6:1d:d4:67:53:a1:3b:cf:c7:11:40:d1:23:42:9c:
11:65:5c:4e:20:ee:50:94:24:12:72:24:81:2b:13:
46:10:5e:ef:0f:d2:17:f8:2c:71:76:01:54:a7:f2:
92:8c:d1:24:d2:5f:2d:2d:86:ea:dc:34:4a:aa:ad:
25:99:e0:c3:0e:47:26:62:b1:2b:fb:b9:81:d0:30:
ef:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:BB:E4:9A:03:19:A0:C3:8D:C9:45:88:83:31:4F:CB:E1:EC:FF:D4
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/KbvkmgMZoMONyUWIgzFPy-Hs_9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.4.0/23
170.168.26.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:c1:ad:25:60:62:7c:9d:39:9d:24:9d:c5:e2:f5:83:5d:bb:
88:df:40:e1:8f:b9:2c:0e:02:e8:bf:fd:6a:fa:4b:cc:93:b0:
09:e5:9c:04:44:a8:e4:8b:4b:21:24:f9:d2:23:1d:06:fd:a0:
15:dc:2d:ed:60:18:f5:27:74:3e:6b:af:c8:73:cf:2c:5c:78:
66:09:be:0b:2f:49:3c:e1:1e:e5:3e:d5:a1:25:d6:c7:5f:19:
28:85:21:76:74:eb:ff:9e:81:67:7a:44:85:14:40:6b:c0:d5:
ab:0b:83:ff:e9:95:ab:f2:82:c5:60:47:0e:00:2e:63:84:f1:
d3:32:3b:8d:78:b8:e5:42:22:fd:96:c3:bc:26:3c:69:61:62:
5c:85:d5:0a:4d:ba:a5:fa:e9:8d:24:c5:26:e8:e4:df:50:96:
2d:a1:71:11:0b:49:1a:69:0f:83:5c:83:d3:02:3d:36:37:9e:
78:73:79:c0:37:80:f4:44:4a:70:22:3e:c7:c1:bb:e2:82:1d:
75:3e:c2:65:06:52:71:30:ff:c7:55:7b:1b:4a:94:87:7e:85:
8c:c1:be:d8:7f:29:01:e9:c6:9e:2a:f6:5d:98:0c:9a:ea:e6:
c4:17:e1:bf:6d:00:fc:b1:11:1c:2f:3a:f2:55:e0:ac:4c:7e:
51:39:a6:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhloVbeFZDaQH3Ssg6Luu69MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUwODAxMTIzNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWJiZTQ5YTAzMTlhMGMzOGRjOTQ1ODg4MzMxNGZjYmUxZWNmZmQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk6vyQ55zq1/ZlYJ+QlGqeTcdmNNk
cNhh5FIGTNwcMiNG3w9A93ZI2iWqMw6h+RZUWkk+Dc6OUFukjtvRIEXeW1xtSklM
Tbe9jPwRfQIKu4O0wFrHfncvDATmFPaRHKDL8QFuf2XYJmpQkZBL7WAsC4XPIG/4
l1g7fDzYu3tfZM/m7qHVcZfhHo6EWQMzAKk/dGz+rPMa+7jvsYL8E6n+o07nOt+8
tg8qeLcIR35JHzAuj2PGHdRnU6E7z8cRQNEjQpwRZVxOIO5QlCQSciSBKxNGEF7v
D9IX+CxxdgFUp/KSjNEk0l8tLYbq3DRKqq0lmeDDDkcmYrEr+7mB0DDvIwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCm75JoDGaDDjclFiIMxT8vh7P/UMB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvS2J2a21nTVpvTU9OeVVXSWd6RlB5LUhzXzlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBqqgEAwQA
qqgaMA0GCSqGSIb3DQEBCwUAA4IBAQA+wa0lYGJ8nTmdJJ3F4vWDXbuI30Dhj7ks
DgLov/1q+kvMk7AJ5ZwERKjki0shJPnSIx0G/aAV3C3tYBj1J3Q+a6/Ic88sXHhm
Cb4LL0k84R7lPtWhJdbHXxkohSF2dOv/noFnekSFFEBrwNWrC4P/6ZWr8oLFYEcO
AC5jhPHTMjuNeLjlQiL9lsO8JjxpYWJchdUKTbql+umNJMUm6OTfUJYtoXERC0ka
aQ+DXIPTAj02N554c3nAN4D0REpwIj7Hwbvigh11PsJlBlJxMP/HVXsbSpSHfoWM
wb7YfykB6caeKvZdmAya6ubEF+G/bQD8sREcLzryVeCsTH5ROabA
-----END CERTIFICATE-----
Generated at Sun Aug 10 21:11:07 2025 by rpki-client