Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/KfWydckPfiqGOF337NlzjDPQl00.roa
File: KfWydckPfiqGOF337NlzjDPQl00.roa (raw, json)
Hash identifier: 4ha/Pfwft4tserJ5wBf8nDoQ8MRbjhW1BTAI762DC0o=
Subject key identifier: 29:F5:B2:75:C9:0F:7E:2A:86:38:5D:F7:EC:D9:73:8C:33:D0:97:4D
Certificate issuer: /CN=7d2ea3ecad5a402b8fe5a2a6138af66aac257ff9
Certificate serial: 019C22B7B38FC133DC788549AC3B872F8095
Authority key identifier: 7D:2E:A3:EC:AD:5A:40:2B:8F:E5:A2:A6:13:8A:F6:6A:AC:25:7F:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/KfWydckPfiqGOF337NlzjDPQl00.roa
Signing time: Tue 03 Feb 2026 08:56:30 +0000
ROA not before: Tue 03 Feb 2026 08:56:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 57043
IP address blocks: 5.42.199.0/24 maxlen: 24
5.253.63.0/24 maxlen: 24
45.129.78.0/24 maxlen: 24
45.159.181.0/24 maxlen: 24
77.83.85.0/24 maxlen: 24
77.83.86.0/24 maxlen: 24
77.83.87.0/24 maxlen: 24
79.133.180.0/24 maxlen: 24
89.191.234.0/24 maxlen: 24
176.119.141.0/24 maxlen: 24
185.233.184.0/24 maxlen: 24
185.244.48.0/24 maxlen: 24
185.244.49.0/24 maxlen: 24
185.250.45.0/24 maxlen: 24
194.113.153.0/24 maxlen: 24
194.147.215.0/24 maxlen: 24
195.226.194.0/24 maxlen: 24
195.245.239.0/24 maxlen: 24
217.11.166.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/fS6j7K1aQCuP5aKmE4r2aqwlf_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/fS6j7K1aQCuP5aKmE4r2aqwlf_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 14:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9c:22:b7:b3:8f:c1:33:dc:78:85:49:ac:3b:87:2f:80:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d2ea3ecad5a402b8fe5a2a6138af66aac257ff9
Validity
Not Before: Feb 3 08:56:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=29f5b275c90f7e2a86385df7ecd9738c33d0974d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:63:c9:9f:cb:24:95:e9:bb:0d:73:9a:1e:c9:
40:58:d6:f3:9b:8d:66:b3:7d:d3:fd:53:65:47:18:
82:49:38:b9:cd:fe:16:e5:76:00:0b:6f:d7:0b:30:
96:48:a2:38:e2:05:06:db:4d:fc:21:d0:a9:ab:97:
df:e8:50:7a:e6:b8:23:5f:68:df:9f:62:44:c1:04:
a0:58:ee:f3:50:9b:9d:a8:10:1d:50:6b:9d:9f:76:
69:45:78:7e:8b:88:7d:be:81:2c:6a:28:cb:9e:48:
c2:f8:9c:f2:5b:08:e2:02:f6:27:d7:83:2a:39:c4:
b9:4d:b5:c1:82:79:0d:dc:af:96:4f:f7:a1:a8:33:
16:3d:a9:2e:50:81:ed:79:0a:bf:80:ae:0c:5e:2b:
0b:f6:ec:a4:92:4c:1b:80:ab:b4:25:de:ab:c9:04:
c5:b4:0d:9f:91:53:2a:68:f9:ed:34:21:39:2e:ce:
8a:b3:a0:ec:eb:eb:71:18:23:3b:15:56:58:85:ca:
af:90:1c:d1:b8:a0:51:02:5b:ff:2c:c7:6c:4e:f0:
47:27:89:b7:bf:d9:01:2b:9b:41:07:c9:ae:10:7a:
bb:a9:6f:76:d2:eb:3c:9f:00:3b:7e:e7:4b:ad:b3:
83:03:ef:34:db:46:a3:38:d8:f4:9b:e7:b5:04:35:
26:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:F5:B2:75:C9:0F:7E:2A:86:38:5D:F7:EC:D9:73:8C:33:D0:97:4D
X509v3 Authority Key Identifier:
keyid:7D:2E:A3:EC:AD:5A:40:2B:8F:E5:A2:A6:13:8A:F6:6A:AC:25:7F:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fS6j7K1aQCuP5aKmE4r2aqwlf_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/KfWydckPfiqGOF337NlzjDPQl00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/447677-9972-4df8-b508-b91b92d4d801/1/fS6j7K1aQCuP5aKmE4r2aqwlf_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.199.0/24
5.253.63.0/24
45.129.78.0/24
45.159.181.0/24
77.83.85.0-77.83.87.255
79.133.180.0/24
89.191.234.0/24
176.119.141.0/24
185.233.184.0/24
185.244.48.0/23
185.250.45.0/24
194.113.153.0/24
194.147.215.0/24
195.226.194.0/24
195.245.239.0/24
217.11.166.0/24
Signature Algorithm: sha256WithRSAEncryption
16:17:ef:15:2b:cf:72:7d:ef:ad:e3:ae:a9:fa:1a:aa:fe:23:
3d:25:57:f6:9a:6b:e2:b9:03:86:e7:a4:56:70:ca:5d:4f:0d:
f2:49:41:05:42:a3:ff:e4:da:4e:62:63:7f:26:bf:62:d5:b1:
27:39:4e:5c:22:4a:e2:83:39:fc:e5:ed:65:b8:d4:71:c6:71:
15:3b:08:ed:56:b4:cb:19:15:dd:c7:07:50:7f:4c:33:5a:29:
f3:17:a7:1f:01:6b:4e:22:d4:a5:f7:49:75:82:b1:5c:01:e2:
19:d4:07:41:e2:76:fd:b7:ae:4c:b5:19:74:1b:ab:cd:99:2a:
83:5e:b8:36:3e:3b:a1:f0:c8:6e:f0:98:51:3b:93:55:26:50:
8e:64:7a:7c:9b:e7:6c:9b:91:15:15:c1:ca:bf:08:6e:21:89:
76:72:e0:6d:25:6a:bb:86:07:2c:a5:5c:2a:94:80:7b:67:a1:
e4:e0:f4:07:e5:c2:78:9b:4d:ad:31:b9:02:e1:b9:06:04:14:
4c:4b:96:08:c5:26:25:b5:36:8d:14:ba:5c:54:e0:24:55:dd:
f1:8b:32:b4:f9:59:03:48:15:5a:c4:c2:8e:96:4b:c6:d9:de:
bc:9c:13:63:f4:a6:1d:7b:d8:64:ca:de:b5:9f:0f:cf:05:93:
d8:6d:ff:89
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZwit7OPwTPceIVJrDuHL4CVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMmVhM2VjYWQ1YTQwMmI4ZmU1YTJhNjEzOGFmNjZhYWMy
NTdmZjkwHhcNMjYwMjAzMDg1NjMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWY1YjI3NWM5MGY3ZTJhODYzODVkZjdlY2Q5NzM4YzMzZDA5NzRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mPJn8sklem7DXOaHslAWNbzm41m
s33T/VNlRxiCSTi5zf4W5XYAC2/XCzCWSKI44gUG2038IdCpq5ff6FB65rgjX2jf
n2JEwQSgWO7zUJudqBAdUGudn3ZpRXh+i4h9voEsaijLnkjC+JzyWwjiAvYn14Mq
OcS5TbXBgnkN3K+WT/ehqDMWPakuUIHteQq/gK4MXisL9uykkkwbgKu0Jd6ryQTF
tA2fkVMqaPntNCE5Ls6Ks6Ds6+txGCM7FVZYhcqvkBzRuKBRAlv/LMdsTvBHJ4m3
v9kBK5tBB8muEHq7qW920us8nwA7fudLrbODA+8020ajONj0m+e1BDUmvQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFCn1snXJD34qhjhd9+zZc4wz0JdNMB8GA1UdIwQY
MBaAFH0uo+ytWkArj+WiphOK9mqsJX/5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlM2ajdLMWFRQ3VQNWFLbUU0cjJhcXdsZl9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80NDc2NzctOTk3Mi00ZGY4LWI1MDgt
YjkxYjkyZDRkODAxLzEvS2ZXeWRja1BmaXFHT0YzMzdObHpqRFBRbDAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80NDc2NzctOTk3Mi00ZGY4LWI1MDgtYjkxYjkyZDRkODAx
LzEvZlM2ajdLMWFRQ3VQNWFLbUU0cjJhcXdsZl9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAAUqxwME
AAX9PwMEAC2BTgMEAC2ftTAMAwQATVNVAwQDTVNQAwQAT4W0AwQAWb/qAwQAsHeN
AwQAuem4AwQBufQwAwQAufotAwQAwnGZAwQAwpPXAwQAw+LCAwQAw/XvAwQA2Qum
MA0GCSqGSIb3DQEBCwUAA4IBAQAWF+8VK89yfe+t466p+hqq/iM9JVf2mmviuQOG
56RWcMpdTw3ySUEFQqP/5NpOYmN/Jr9i1bEnOU5cIkrigzn85e1luNRxxnEVOwjt
VrTLGRXdxwdQf0wzWinzF6cfAWtOItSl90l1grFcAeIZ1AdB4nb9t65MtRl0G6vN
mSqDXrg2Pjuh8Mhu8JhRO5NVJlCOZHp8m+dsm5EVFcHKvwhuIYl2cuBtJWq7hgcs
pVwqlIB7Z6Hk4PQH5cJ4m02tMbkC4bkGBBRMS5YIxSYltTaNFLpcVOAkVd3xizK0
+VkDSBVaxMKOlkvG2d68nBNj9KYde9hkyt61nw/PBZPYbf+J
-----END CERTIFICATE-----
Generated at Mon Mar 2 00:04:45 2026 by rpki-client