Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/KWUvTM8KxaT1Ms7mykdSenkOl8I.roa
File: KWUvTM8KxaT1Ms7mykdSenkOl8I.roa (raw, json)
Hash identifier: PzGGbPlHVvUfO9EFPUVc2aYpWWTQxrouzpNn85MFo1U=
Subject key identifier: 29:65:2F:4C:CF:0A:C5:A4:F5:32:CE:E6:CA:47:52:7A:79:0E:97:C2
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 019EB770027397451A51656F982E58820574
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/KWUvTM8KxaT1Ms7mykdSenkOl8I.roa
Signing time: Thu 11 Jun 2026 16:07:11 +0000
ROA not before: Thu 11 Jun 2026 16:07:11 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 212238
IP address blocks: 2a0b:3e00::/32 maxlen: 32
2a0b:3e01::/32 maxlen: 32
2a0b:3e02::/32 maxlen: 32
2a0b:3e03::/32 maxlen: 32
2a0b:3e04::/32 maxlen: 32
2a0b:3e05::/32 maxlen: 32
2a0b:3e06::/32 maxlen: 32
2a0b:3e07::/32 maxlen: 32
2a0c:8340::/32 maxlen: 32
2a0c:8341::/32 maxlen: 32
2a0c:8342::/32 maxlen: 32
2a0c:8343::/32 maxlen: 32
2a0c:8344::/32 maxlen: 32
2a0c:8345::/32 maxlen: 32
2a0c:8346::/32 maxlen: 32
2a0c:8347::/32 maxlen: 32
2a13:d2c4::/32 maxlen: 32
2a14:35c0::/32 maxlen: 32
2a14:35c1::/32 maxlen: 32
2a14:35c2::/32 maxlen: 32
2a14:35c3::/32 maxlen: 32
2a14:35c4::/32 maxlen: 32
2a14:35c5::/32 maxlen: 32
2a14:35c6::/32 maxlen: 32
2a14:35c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 00:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:b7:70:02:73:97:45:1a:51:65:6f:98:2e:58:82:05:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jun 11 16:07:11 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=29652f4ccf0ac5a4f532cee6ca47527a790e97c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:93:bb:a5:0e:f6:90:fa:1f:89:7f:e0:96:f1:
81:bc:96:5b:77:b3:51:11:b6:25:85:87:7b:64:b1:
eb:31:b7:27:d6:1b:56:f2:4e:2b:fe:2e:ec:1b:e8:
1d:f2:67:c5:c3:75:77:f7:cc:a1:58:3d:e6:07:fe:
88:2f:5f:f8:e3:b4:ca:95:04:18:9a:a0:41:4d:f5:
d3:c3:cd:72:d4:ba:41:16:63:67:16:d5:79:c0:4c:
8d:79:72:2d:4f:dc:ec:4b:63:32:56:bc:2f:49:ce:
af:cd:8d:b2:66:3f:81:8c:09:df:76:5e:a9:36:bd:
a6:0f:c9:bf:b6:51:fe:3e:3c:3d:66:53:b1:96:15:
c7:cd:60:28:30:58:18:1b:30:b3:d6:f2:92:28:70:
10:3f:ed:67:9a:b6:b4:b5:2d:75:f7:6b:df:1e:35:
0a:f5:e2:77:b5:69:e6:31:9f:b7:02:49:34:08:f6:
39:af:c5:f1:6e:c4:71:2d:c0:c7:e9:1f:27:2f:a0:
5d:6b:ca:de:54:42:83:2f:29:38:a9:50:55:05:b4:
f9:55:7a:83:9f:3a:62:68:fc:eb:20:af:e6:76:ea:
82:40:26:ee:b0:cf:e7:98:f6:85:78:16:1e:e5:9d:
25:4f:fd:9a:eb:f2:fc:0c:06:18:1b:6a:36:b3:37:
0c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:65:2F:4C:CF:0A:C5:A4:F5:32:CE:E6:CA:47:52:7A:79:0E:97:C2
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/KWUvTM8KxaT1Ms7mykdSenkOl8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:3e00::/29
2a0c:8340::/29
2a13:d2c4::/32
2a14:35c0::/29
Signature Algorithm: sha256WithRSAEncryption
af:06:1d:3b:28:d3:65:45:49:ac:2b:b9:e5:4c:a1:c1:9f:60:
69:84:de:81:00:9f:e7:c2:36:d1:4d:0b:cd:7a:41:b1:a9:5d:
a8:ff:75:a8:10:30:85:1c:76:aa:f9:16:c8:bd:6f:91:13:d9:
89:a4:60:bf:92:49:89:12:3c:dd:b8:ac:b7:d7:70:45:a8:6d:
2b:65:8e:55:b5:67:41:8f:94:f1:7e:d2:4e:d5:15:1f:f8:e3:
dc:bd:ff:52:12:ff:77:82:8d:3f:0e:a8:40:c2:39:2e:6f:4a:
e6:c7:84:e2:25:62:0b:8e:d9:5d:e0:af:c7:1e:7b:53:ee:06:
d1:eb:f5:83:50:42:1f:aa:f8:e6:00:2d:bd:d8:c8:10:af:77:
ef:a7:96:7b:f6:36:89:f8:a3:48:0a:39:4a:0d:d8:b6:4b:9f:
44:fd:6f:54:e2:31:72:92:bf:c6:93:28:bb:a3:57:11:fb:af:
91:d6:cf:6d:10:3c:d5:f1:d6:06:d5:cf:01:d1:cb:69:3a:8f:
ac:2a:62:36:08:52:22:07:d9:ee:d7:bc:7b:40:f5:51:00:cd:
6f:6f:09:28:d5:9d:60:e0:6b:3e:08:33:25:92:2b:5c:a4:9a:
dd:f6:d5:b2:1c:e1:17:4b:53:9b:f5:df:fe:0c:a2:fe:60:e6:
1b:e8:ad:77
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZ63cAJzl0UaUWVvmC5YggV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjYwNjExMTYwNzExWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTY1MmY0Y2NmMGFjNWE0ZjUzMmNlZTZjYTQ3NTI3YTc5MGU5N2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpO7pQ72kPofiX/glvGBvJZbd7NR
EbYlhYd7ZLHrMbcn1htW8k4r/i7sG+gd8mfFw3V398yhWD3mB/6IL1/447TKlQQY
mqBBTfXTw81y1LpBFmNnFtV5wEyNeXItT9zsS2MyVrwvSc6vzY2yZj+BjAnfdl6p
Nr2mD8m/tlH+Pjw9ZlOxlhXHzWAoMFgYGzCz1vKSKHAQP+1nmra0tS1192vfHjUK
9eJ3tWnmMZ+3Akk0CPY5r8XxbsRxLcDH6R8nL6Bda8reVEKDLyk4qVBVBbT5VXqD
nzpiaPzrIK/mduqCQCbusM/nmPaFeBYe5Z0lT/2a6/L8DAYYG2o2szcM2wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCllL0zPCsWk9TLO5spHUnp5DpfCMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvS1dVdlRNOEt4YVQxTXM3bXlrZFNlbmtPbDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAAjAcAwUDKgs+AAMF
AyoMg0ADBQAqE9LEAwUDKhQ1wDANBgkqhkiG9w0BAQsFAAOCAQEArwYdOyjTZUVJ
rCu55UyhwZ9gaYTegQCf58I20U0LzXpBsaldqP91qBAwhRx2qvkWyL1vkRPZiaRg
v5JJiRI83bist9dwRahtK2WOVbVnQY+U8X7STtUVH/jj3L3/UhL/d4KNPw6oQMI5
Lm9K5seE4iViC47ZXeCvxx57U+4G0ev1g1BCH6r45gAtvdjIEK9376eWe/Y2ifij
SAo5Sg3YtkufRP1vVOIxcpK/xpMou6NXEfuvkdbPbRA81fHWBtXPAdHLaTqPrCpi
NghSIgfZ7te8e0D1UQDNb28JKNWdYOBrPggzJZIrXKSa3fbVshzhF0tTm/Xf/gyi
/mDmG+itdw==
-----END CERTIFICATE-----
Generated at Sat Jun 13 07:54:59 2026 by rpki-client